Judge has assessed an item in Issue #119 as Medium risk. The relevant finding follows:
Checking whether the receiver is capable of holding ERC721
The contract usessafeTransfer() for ERC20 but uses transferFrom() for ERC721 in both exercise() and withdraw() which may lead to the loss of ERC721 if the receiving contract does not have onERC721Received(). To prevent this unintended circumstance, the contract should replace this function with safeTransferFrom() for ERC721 to check whether the receiving contract is IERC721Receiver.
HardlyDifficult
commented
2 years ago
Judge has assessed an item in Issue #119 as Medium risk. The relevant finding follows:
Checking whether the receiver is capable of holding ERC721 The contract usessafeTransfer() for ERC20 but uses transferFrom() for ERC721 in both exercise() and withdraw() which may lead to the loss of ERC721 if the receiving contract does not have onERC721Received(). To prevent this unintended circumstance, the contract should replace this function with safeTransferFrom() for ERC721 to check whether the receiving contract is IERC721Receiver.