Tokens may be minted to address(0x0)

[hats-bug-reporter[bot]]

Github username: @saidqayoumsadat Twitter username: saqsadat143 Submission hash (on-chain): 0xc35ff36c88677acf554f3830f0b084e6b277a49726208551bfe4eef5dcd0e515 Severity: low

Description: Description\ Neither the listed functions, nor _mint() prevent minting to address(0x0)

1. Proof of Concept (PoC) File

file: src/CatalystVaultAmplified.sol

152        _mint(depositor, INITIAL_MINT_AMOUNT);

https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultAmplified.sol#L152C1-L152C47

file: src/CatalystVaultAmplified.sol

138        _mint(toAccount, purchasedVaultTokens);

https://github.com/catalystdao/catalyst/blob/27b4d0a2bca177aff00def8cd745623bfbf7cb6b/evm/src/CatalystVaultAmplified.sol#L1388C1-L1388C48

[reednaa]

See intended use: Factory.