https://github.com/code-423n4/2023-05-juicebox/blob/main/juice-buyback/contracts/JBXBuybackDelegate.sol#L205
https://github.com/code-423n4/2023-05-juicebox/blob/main/juice-buyback/contracts/JBXBuybackDelegate.sol#L207
.mint won’t check if the recipient is able to receive the NFT. If an incorrect address is passed, it will result in a silent failure and loss of asset. OpenZeppelin's recommendation is to use the safe variant of _mint.
Manual review
Replace _mint() with _safeMint().
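The difference between the two variants, as an added example that is not code from the audited repository: it assumes OpenZeppelin Contracts is installed, and DemoNFT, PlainVault and ReceiverVault are hypothetical names used only for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumption: OpenZeppelin Contracts is available at this import path.
import "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";

// Hypothetical token for illustration; minting is left open to keep the demo short.
contract DemoNFT is ERC721 {
    uint256 public nextId;

    constructor() ERC721("Demo", "DEMO") {}

    // Unchecked: succeeds even when `to` is a contract that cannot handle ERC-721 tokens.
    function mintUnchecked(address to) external returns (uint256 id) {
        id = nextId++;
        _mint(to, id);
    }

    // Checked: when `to` is a contract it must return the onERC721Received selector,
    // otherwise the whole mint reverts. The counter is advanced before the call
    // because _safeMint hands control to `to`.
    function mintChecked(address to) external returns (uint256 id) {
        id = nextId++;
        _safeMint(to, id);
    }
}

// Has no receiver hook and no function to move tokens out:
// mintUnchecked(address(vault)) succeeds and the token is stuck,
// mintChecked(address(vault)) reverts.
contract PlainVault {}

// Implements the receiver hook, so mintChecked(address(vault)) succeeds.
contract ReceiverVault is IERC721Receiver {
    function onERC721Received(address, address, uint256, bytes calldata)
        external pure override returns (bytes4)
    {
        return IERC721Receiver.onERC721Received.selector;
    }
}
```

The receiver check runs only when the recipient is a contract, so a mistyped externally owned address still receives the token. Because _safeMint makes an external call to the recipient, finish state updates before it or protect the calling function with a reentrancy guard.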
juice-buyback/contracts/JBXBuybackDelegate.sol
68: uint256 private constant SLIPPAGE_DENOMINATOR = 10000;
Manual review
- 68: uint256 private constant SLIPPAGE_DENOMINATOR = 10000;
+ 68: uint256 private constant SLIPPAGE_DENOMINATOR = 10_000;
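Review bot: the 68: prefix on both lines is the report's line reference rather than Solidity, so it has to be dropped before this change can be applied to juice-buyback/contracts/JBXBuybackDelegate.sol. The replacement only regroups the digits of SLIPPAGE_DENOMINATOR (10000 to 10_000) and leaves its value unchanged, so the finding should state that this is a readability change; no rationale is given alongside it.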