Eggstravaganza

First Flight #37
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: medium
Valid

Use of `_mint` Instead of `_safeMint` for NFT Minting, Causing Loss of NFTs for Users Whose Contracts Cannot Receive ERC721 Tokens

Summary

The protocol mints NFTs via `_mint` instead of `_safeMint`. The `_mint` function does not check whether the recipient can actually receive an ERC721 token.

Vulnerability Details

In the `EggstravaganzaNFT::mintEgg` function, the contract uses `_mint` to create and assign ownership of NFTs without checking the compatibility of the recipient. `_safeMint`, by contrast, calls `onERC721Received` on a contract recipient and reverts if the recipient does not implement it. This lack of validation could result in NFTs being sent to contracts that are not ERC721-compatible, causing them to be locked and inaccessible.
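The following Foundry test is an added example, not code from the Eggstravaganza repository: it uses a minimal stand-in contract (`EggLike`, assumed) that exposes both minting paths, and shows that `_mint` assigns a token to a contract with no `onERC721Received` (where it is stuck), while `_safeMint` reverts instead. It assumes forge-std and OpenZeppelin's `ERC721` are installed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";
import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";

// Assumed stand-in for the NFT contract: exposes both minting paths.
contract EggLike is ERC721 {
    constructor() ERC721("Egg", "EGG") {}
    function mintUnsafe(address to, uint256 id) external { _mint(to, id); }
    function mintSafe(address to, uint256 id) external { _safeMint(to, id); }
}

// A contract with no onERC721Received and no transfer logic:
// it can hold an NFT but has no way to ever move it.
contract NoReceiver {}

contract MintVsSafeMintTest is Test {
    EggLike nft;
    NoReceiver sink;

    function setUp() public {
        nft = new EggLike();
        sink = new NoReceiver();
    }

    // _mint assigns the token to the incompatible contract without complaint.
    function test_mintLocksTokenInIncompatibleContract() public {
        nft.mintUnsafe(address(sink), 1);
        assertEq(nft.ownerOf(1), address(sink));
        // NoReceiver exposes no call path to transferFrom, so token 1 is stuck.
    }

    // _safeMint checks the recipient and reverts rather than locking the token.
    function test_safeMintRevertsForIncompatibleContract() public {
        vm.expectRevert();
        nft.mintSafe(address(sink), 2);
    }

    // EOAs are unaffected: the receiver check only applies to contract recipients.
    function test_safeMintWorksForEOA() public {
        address alice = makeAddr("alice");
        nft.mintSafe(alice, 3);
        assertEq(nft.ownerOf(3), alice);
    }
}
```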

Impact

Using _mint instead of _safeMint could impact the user's experience, if users mistakenly use an incompatible contract, then they will not have access to the NFT, leading loss of Eggs, user dissatisfaction, or users with a limited knowledge about NFT's might event think this project is a scam.

Tools Used

static analysis

Recommendations

function mintEgg(address to, uint256 tokenId) external returns (bool) {
require(msg.sender == gameContract, "Unauthorized minter");
- _mint(to, tokenId);
+ _safeMint(recipient, tokenId);
totalSupply += 1;
return true;
}
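Review bot: the added line `+ _safeMint(recipient, tokenId);` references `recipient`, which is not declared anywhere in `mintEgg`; the parameter is named `to`, so the replacement should read `_safeMint(to, tokenId);` or the function will not compile. Also note that `_safeMint` makes an external call (`onERC721Received`) to a contract recipient before `totalSupply += 1` runs; moving the `totalSupply += 1` above the mint keeps the state update ahead of the callback, in line with checks-effects-interactions.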
Updates

Lead Judging Commences

m3dython Lead Judge 3 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Unsafe ERC721 Minting

Protocol doesn't check if recipient contracts can handle ERC721 tokens
