Open code423n4 opened 1 year ago
Downgrading to QA. See https://github.com/code-423n4/2022-12-escher-findings/issues/508#issuecomment-1345252989
berndartmueller changed the severity to QA (Quality Assurance)
berndartmueller marked the issue as grade-b
Lines of code
https://github.com/code-423n4/2022-12-escher/blob/main/src/minters/FixedPrice.sol#L66
Vulnerability details
Impact
In different contracts protocol uses ERC721 mint function to create new token for address instead of safeMint. Because of that it's possible to mint token to the contract that doesn't support ERC721 and token will be stucked there,
Proof of Concept
Inside FixedPrice.buy function new tokens are minted using mint function. In case if msg.sender is contract and it doesn't support ERC721, using safeMint is better. Otherwise token can be stucked inside contract.
Tools Used
VsCode
Recommended Mitigation Steps
Use safeMint that will check that recipient supports ERC721 tokens.