Description: `_mint` is a function that doesn't take into account whether the receiver address can receive the specified tokens. So when a contract calls the `EggHuntGame::searchForEgg` function and finds an egg, the egg is minted in `EggstravaganzaNFT::mintEgg` with `_mint`; if that contract doesn't have the ERC721Receiver contract implemented, it won't be able to receive the NFT and the NFT will be lost.
Impact: Minted NFT tokens will be lost when `EggstravaganzaNFT::mintEgg` tries to mint them to a contract that can't receive the tokens.
Recommended Mitigation: Use the `_safeMint` function instead of `_mint` when minting new tokens, to ensure the NFT token won't be lost if the receiver can't actually receive NFTs.
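
The difference between the two mint paths, as an added sketch that is not the audited `EggstravaganzaNFT` source. It assumes OpenZeppelin Contracts 5.x; `EggSketch`, `mintUnchecked`, `mintChecked`, `PlainHolder` and `AwareHolder` are hypothetical names.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {IERC721Receiver} from "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";

// Hypothetical stand-in for the NFT contract described in the finding.
contract EggSketch is ERC721 {
    address public immutable minter; // assumed: only the game contract may mint
    uint256 public totalMinted;

    constructor(address _minter) ERC721("EggSketch", "EGS") {
        minter = _minter;
    }

    modifier onlyMinter() {
        require(msg.sender == minter, "not minter");
        _;
    }

    // Before: _mint performs no receiver check, so a contract with no
    // ERC721 handling becomes the owner and the token is stranded there.
    function mintUnchecked(address to, uint256 tokenId) external onlyMinter {
        totalMinted += 1;
        _mint(to, tokenId);
    }

    // After: _safeMint calls onERC721Received on contract recipients and
    // reverts the whole mint unless the expected selector comes back.
    function mintChecked(address to, uint256 tokenId) external onlyMinter {
        // _safeMint hands control to `to`, so finish state changes first.
        totalMinted += 1;
        _safeMint(to, tokenId);
    }
}

// mintChecked to this address reverts; mintUnchecked succeeds and strands the token.
contract PlainHolder {}

// Both mint paths succeed for a recipient that implements the callback.
contract AwareHolder is IERC721Receiver {
    function onERC721Received(address, address, uint256, bytes calldata)
        external pure returns (bytes4)
    {
        return IERC721Receiver.onERC721Received.selector;
    }
}
```

Because `_safeMint` makes an external call to the recipient, any caller that updates its own state after the mint should complete those updates first or use a reentrancy guard.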
Protocol doesn't check if recipient contracts can handle ERC721 tokens