In the contract TridentNFT, function selects are encoded as hexadecimal numbers. Solidity has the keyword .selector, making the code easier to read and less error-prone.
Recommended Mitigation Steps
Recommended alternative implementation:
IERC721Receiver.onERC721Received.selector
Handle
pauliax
Vulnerability details
Impact
In the contract TridentNFT, function selects are encoded as hexadecimal numbers. Solidity has the keyword .selector, making the code easier to read and less error-prone.
Recommended Mitigation Steps
Recommended alternative implementation: IERC721Receiver.onERC721Received.selector
https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC721/IERC721Receiver.sol
or I think you can even refactor this function to avoid this low-level call:
import "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol"; function safeTransferFrom( address, address recipient, uint256 tokenId, bytes memory data ) public { transferFrom(address(0), recipient, tokenId); if (recipient.code.length != 0) { bytes4 memory returned = IERC721Receiver(recipient).onERC721Received(msg.sender, address(0), tokenId, data); require(returned == IERC721Receiver.onERC721Received.selector, "NOT_ERC721_RECEIVER"); } }