Use safeMint for ERC721 #445
Labels
2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug: Something isn't working
invalid: This doesn't seem right
sponsor disputed: Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
Lines of code
https://github.com/code-423n4/2022-09-nouns-builder/blob/main/src/auction/Auction.sol#L206
Vulnerability details
🎨 Category
ERC721, Data Validation
💥 Impact
In Auction.sol, the _createAuction() function eventually calls mint() in Token.sol.
https://github.com/code-423n4/2022-09-nouns-builder/blob/main/src/token/Token.sol#L143
Calling mint this way does not ensure that the settings.auction can handle ERC721 properly.
📝 Proof of Concept
https://github.com/code-423n4/2022-09-nouns-builder/blob/main/src/auction/Auction.sol#L206
🚜 Tools Used
Manual
✅ Recommended Mitigation Steps
Use the _safeMint() function of OpenZeppelin instead of the mint function. This function should be used with reentrancy guards to protect the user.
https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC721/ERC721.sol
👬 Similar Issue
code-423n4/2022-01-sandclock-findings#29
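The difference between a plain mint and a safe mint, and why the report pairs the latter with a reentrancy guard, shown as an added example that is not code from the Nouns Builder repository or from OpenZeppelin. The contract name SafeMintSketch, the mintTo function and the revert strings are hypothetical; only the IERC721Receiver interface comes from the ERC721 standard.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.15;

// Standard ERC721 receiver interface (EIP-721).
interface IERC721Receiver {
    function onERC721Received(address operator, address from, uint256 tokenId, bytes calldata data)
        external returns (bytes4);
}

// Hypothetical minimal token, constructed for illustration only.
contract SafeMintSketch {
    mapping(uint256 => address) public ownerOf;
    uint256 public totalSupply;
    uint256 private locked = 1; // 1 = unlocked, 2 = entered

    event Transfer(address indexed from, address indexed to, uint256 indexed tokenId);

    // Simple reentrancy guard: the receiver callback below hands control to `to`.
    modifier nonReentrant() {
        require(locked == 1, "REENTRANCY");
        locked = 2;
        _;
        locked = 1;
    }

    // Plain mint: records ownership without asking the recipient anything.
    function _mint(address to, uint256 tokenId) internal {
        require(to != address(0), "ZERO_ADDRESS");
        require(ownerOf[tokenId] == address(0), "ALREADY_MINTED");
        ownerOf[tokenId] = to;
        emit Transfer(address(0), to, tokenId);
    }

    // Safe mint: a contract recipient must acknowledge ERC721 receipt, else the mint reverts.
    function _safeMint(address to, uint256 tokenId) internal {
        _mint(to, tokenId);
        if (to.code.length > 0) {
            bytes4 ret = IERC721Receiver(to).onERC721Received(msg.sender, address(0), tokenId, "");
            require(ret == IERC721Receiver.onERC721Received.selector, "UNSAFE_RECIPIENT");
        }
    }

    // State is updated before the external call, and the guard blocks re-entry.
    // Access control is omitted to keep the sketch short.
    function mintTo(address to) external nonReentrant returns (uint256 tokenId) {
        tokenId = totalSupply++;
        _safeMint(to, tokenId);
    }
}
```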