Note: This risk has been included in the Automated Findings. At that time, the findings given by M-04 were not comprehensive. I'm of the opinion that the subsequent findings should also be categorized under M-04 and they share a similar level of risk.
Impact
_mint() is discouraged in favor of _safeMint(), which ensures that the recipient is either an EOA or implements IERC721Receiver. Both OpenZeppelin and solmate have versions of this function.
Lines of code
https://github.com/code-423n4/2023-06-lukso/tree/main/contracts/LSP8IdentifiableDigitalAsset/extensions/LSP8CompatibleERC721.sol#L266
https://github.com/code-423n4/2023-06-lukso/tree/main/contracts/LSP8IdentifiableDigitalAsset/presets/LSP8CompatibleERC721MintableInitAbstract.sol#L29
https://github.com/code-423n4/2023-06-lukso/tree/main/contracts/LSP8IdentifiableDigitalAsset/presets/LSP8CompatibleERC721Mintable.sol#L19
https://github.com/code-423n4/2023-06-lukso/tree/main/contracts/LSP8IdentifiableDigitalAsset/extensions/LSP8CompatibleERC721InitAbstract.sol#L266
Vulnerability details
Findings
Total: 4
contracts/LSP8IdentifiableDigitalAsset/extensions/LSP8CompatibleERC721InitAbstract.sol#L266
contracts/LSP8IdentifiableDigitalAsset/extensions/LSP8CompatibleERC721.sol#L266
contracts/LSP8IdentifiableDigitalAsset/presets/LSP8CompatibleERC721MintableInitAbstract.sol#L29
contracts/LSP8IdentifiableDigitalAsset/presets/LSP8CompatibleERC721Mintable.sol#L19
Assessed type
Invalid Validation