QuantAMM
QuantAMM
49,600 OP
View results
Previous Next
Submission Details
Severity: low
Invalid

SafeMint is preferable to mint in LPNFT.SOL to prevent loss of nft

momoweb3

Summary

safeMint function ensures that when minting a token to an address, it checks if the recipient can handle the NFT token to prevent the NFT from being locked up and unusable. LPNFT.SOL uses mint instead making it susceptible to this issue.

/// @param _to the address to mint the NFT to
function mint(address _to) public onlyUpliftOnlyRouter returns (uint256 tokenId) {
tokenId = ++numMinted; // We start minting at 1
_mint(_to, tokenId);
}

Vulnerability Details

safeMint in contrast to mint checks;

  • that the recipient is a smart contract

  • after validating that the recipient is a contract, it checks that the contract implements the onERC721Received interface (IERC721Receiver) in order to handle ERC721 tokens correctly.

  • The transaction will fail if the recipient cant handle the NFT token correctly

Impact

users who do not correctly implement the appropriate interface will not be able to use their NFT

Tools Used

manual assessment

Recommendations

use safeMint function instead

Updates

Lead Judging Commences

n0kto Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational or Gas / Admin is trusted / Pool creation is trusted / User mistake / Suppositions

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelyhood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.