Submission Details
Severity: medium
Invalid

The contract uses `ERC721::_mint()` instead of `ERC721::_safeMint()` that can result in a loss of assets

Summary

The contract uses `ERC721::_mint()` instead of `ERC721::_safeMint()`, which can result in tokens being minted to contracts that do not support ERC721 tokens, leading to a loss of assets.

Vulnerability Details

The `_mint()` function in the ERC721 standard does not check whether the recipient is capable of handling ERC721 tokens. If a token is minted to a smart contract that does not implement the `onERC721Received` function, the token will be permanently locked in that contract, making it inaccessible.

For example, if an NFT marketplace or another contract interacts with the minting function and does not support ERC721, the token will be unrecoverable.

Impact

Loss of NFTs if minted to incompatible contracts.

Tools Used

Aderyn

Recommendations

Replace `_mint()` with `_safeMint()` to ensure the recipient is capable of handling ERC721 tokens:

```solidity
_safeMint(receiver, tokenId);
```

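
The difference between the two mint paths, as an added example that is not code from the audited contract or from the submission. It assumes the contract inherits OpenZeppelin's ERC721; `DemoNFT`, `PlainVault` and `AwareVault` are hypothetical names.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumption: the audited contract inherits OpenZeppelin's ERC721.
import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";

// Hypothetical NFT contract exposing both mint paths side by side.
// Access control is omitted to keep the comparison short.
contract DemoNFT is ERC721 {
    uint256 public nextId;

    constructor() ERC721("DemoNFT", "DNFT") {}

    // Unchecked path: succeeds for any non-zero address, including a
    // contract that has no code path to move the token out again.
    function mintUnchecked(address receiver) external returns (uint256 id) {
        id = nextId++;
        _mint(receiver, id);
    }

    // Checked path: if `receiver` has code, it must return the
    // onERC721Received selector, otherwise the whole mint reverts.
    // The counter is updated before the call because _safeMint hands
    // control to `receiver` (checks-effects-interactions).
    function mintChecked(address receiver) external returns (uint256 id) {
        id = nextId++;
        _safeMint(receiver, id);
    }
}

// No onERC721Received and no transfer logic:
// mintUnchecked(address(vault)) strands the token, mintChecked reverts.
contract PlainVault {}

// Opts in to receiving ERC721 tokens, so mintChecked succeeds.
// A real receiver also needs its own logic to transfer tokens out.
contract AwareVault is IERC721Receiver {
    function onERC721Received(address, address, uint256, bytes calldata)
        external
        pure
        returns (bytes4)
    {
        return IERC721Receiver.onERC721Received.selector;
    }
}
```

Externally owned accounts pass both paths unchanged, since the receiver check only runs when the recipient address has code.
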

Updates

Lead Judging Commences

0xtimefliez Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

yo4nn Submitter
9 months ago
0xtimefliez Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
