When the profile attempts to migrate, it would revert since the handle tokenId has already been minted. Hence the profile will be unable to migrate to V2.
Tools Used
Manual Review
Recommended Mitigation Steps
Before minting a handle check whether it belongs to a V1 profile.
Lines of code
https://github.com/code-423n4/2023-07-lens/blob/cdef6ebc6266c44c7068bc1c4c04e12bf0d67ead/contracts/libraries/MigrationLib.sol#L60
Vulnerability details
Impact
Some profiles cannot be migrated to V2 if their handle tokenId has already been minted.
Proof of Concept
A handle can be minted in the LensHandles contract before a profile that would have the same handle is migrated from V1.
https://github.com/code-423n4/2023-07-lens/blob/cdef6ebc6266c44c7068bc1c4c04e12bf0d67ead/contracts/namespaces/LensHandles.sol#L87-L94
When the profile attempts to migrate, it would revert since the handle tokenId has already been minted. Hence the profile will be unable to migrate to V2.
Tools Used
Manual Review
Recommended Mitigation Steps
Before minting a handle check whether it belongs to a V1 profile.
Assessed type
Other