Using `_mint()` instead of `_safeMint()` may cause NFTs to be permanently lost
Description:
The EggstravaganzaNFT::mintEgg function uses the internal _mint() method to create new NFTs:
While this works for externally owned accounts (EOAs), using _mint() bypasses a critical safety check:
_mint() does not verify whether the receiving address is capable of handling ERC721 tokens.
If the to address is a smart contract that does not implement onERC721Received, the token will be transferred but become permanently stuck inside that contract.
This is a known pitfall in ERC721 usage and could lead to accidental loss of NFTs if, in the future, the game logic evolves or tokens are minted to escrow contracts, reward pools, staking contracts, or even mistakenly to the vault.
Impact:
NFTs can become permanently locked in contracts that do not support ERC721.
No way for users or contracts to recover these tokens unless the receiver explicitly adds rescue logic.
Reduces the safety and robustness of the NFT minting process.
Tools Used
Manual Review, Foundry
Recommended Mitigation:
Replace _mint() with _safeMint() in the mintEgg function:
Lead Judging Commences
Unsafe ERC721 Minting
Protocol doesn't check if recipient contracts can handle ERC721 tokens
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.