QA Report #366
Labels
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
valid
Overall, there has been a ton of thought and detail into the architecture of this protocol. Unfortunately, we had not had enough time to dig deep into this contest so we are just noting once low risk bug issue that we found.
Issue:
It is discouraged to use
_mint
. Should use_safeMint
instead. If the recipient of the HomeFi project is a smart contract, _safeMint() will check if the contract can handle an ERC721 receive. The minted ERC721 can get lost in the current state if mint is called upon a smart contract.https://github.com/OpenZeppelin/openzeppelin-contracts/blob/d4d8d2ed9798cc3383912a23b5e8d5cb602f7d4b/contracts/token/ERC721/ERC721.sol#L271
This has come up before in C4:
code-423n4/2021-11-vader-findings#27
Recommended Mitigation:
Use
_safeMint
.The text was updated successfully, but these errors were encountered: