FootiumClub.safeMint should use ERC721Upgradeable._safeMint instead of ERC721Upgradeable._mint
Summary
There are certain smart contracts that do not support ERC721, using ERC721Upgradeable._mint may result in the NFT being sent to such contracts.
Within ERC721Upgradeable._safeMint, there is addition check to make sure the receiver can handle the NFT properly.
function _safeMint(
address to,
uint256 tokenId,
bytes memory data
) internal virtual {
_mint(to, tokenId);
require(
_checkOnERC721Received(address(0), to, tokenId, data),
"ERC721: transfer to non ERC721Receiver implementer"
);
}
jasonxiale
medium
FootiumClub.safeMint should use ERC721Upgradeable._safeMint instead of ERC721Upgradeable._mint
Summary
There are certain smart contracts that do not support ERC721, using ERC721Upgradeable._mint may result in the NFT being sent to such contracts.
Within ERC721Upgradeable._safeMint, there is addition check to make sure the receiver can handle the NFT properly.
Vulnerability Detail
FootiumClub.safeMint is called by FootiumClubMinter.mint, if the to is a smart contracts that do not support ERC721, the club will break
https://github.com/sherlock-audit/2023-04-footium/blob/main/footium-eth-shareable/contracts/FootiumClub.sol#L56-L68
Impact
The NFT may get stuck in the contract that does support ERC721.
Code Snippet
Tool used
Manual Review
Recommendation
Duplicate of #342