Closed code423n4 closed 1 year ago
https://github.com/code-423n4/2022-10-zksync/blob/456078b53a6d09636b84522ac8f3e8049e4e3af5/zksync/contracts/bridge/L2StandardERC20.sol#L103
_safeMint() should be used if you are sending the minted token to a Contract that is capable to manage NFTs or not. This is to prevent tokens to be lost.
Replace _mint with _safeMint.
_mint
_safeMint
Manual review
Nope
GalloDaSballo marked the issue as unsatisfactory: Insufficient quality
Lines of code
https://github.com/code-423n4/2022-10-zksync/blob/456078b53a6d09636b84522ac8f3e8049e4e3af5/zksync/contracts/bridge/L2StandardERC20.sol#L103
Vulnerability details
Fix
_safeMint() should be used if you are sending the minted token to a Contract that is capable to manage NFTs or not. This is to prevent tokens to be lost.
Recommended Mitigation Steps
Replace
_mint
with_safeMint
.Tools Used
Manual review