Voting tokens may be lost when given to non-EOA accounts
Summary
veBVMs can be sent to contracts that cannot handle them, resulting in the permanent locking of all rewards, voting power, and underlying assets.
Vulnerability Detail
The _mint function which creates the locks, does not perform a check to ensure that the recipient address is capable of handling ERC721 tokens.
This omission means that if veBVMs are sent to a contract that does not implement the ERC721 receiver interface, the tokens, along with their associated rewards and voting power, will be locked in that contract permanently.
Impact
The failure to perform this check can result in the permanent loss of voting power, rewards, and the underlying assets when veBVMs are sent to non-EOA (Externally Owned Accounts) contracts that cannot handle ERC721 tokens.
To mitigate this issue, call onERC721Received in the _mint function and ensure that the return value equals IERC721Receiver.onERC721Received.selector. This will ensure that the recipient address is capable of handling ERC721 tokens.
blackhole
Medium
Voting tokens may be lost when given to non-EOA accounts
Summary
veBVMs can be sent to contracts that cannot handle them, resulting in the permanent locking of all rewards, voting power, and underlying assets.
Vulnerability Detail
The _mint function which creates the locks, does not perform a check to ensure that the recipient address is capable of handling ERC721 tokens. This omission means that if veBVMs are sent to a contract that does not implement the ERC721 receiver interface, the tokens, along with their associated rewards and voting power, will be locked in that contract permanently.
Impact
The failure to perform this check can result in the permanent loss of voting power, rewards, and the underlying assets when veBVMs are sent to non-EOA (Externally Owned Accounts) contracts that cannot handle ERC721 tokens.
Code Snippet
https://github.com/sherlock-audit/2024-06-velocimeter/blob/main/v4-contracts/contracts/VotingEscrow.sol#L483-L492
Tool used
Manual Review
Recommendation
To mitigate this issue, call onERC721Received in the _mint function and ensure that the return value equals IERC721Receiver.onERC721Received.selector. This will ensure that the recipient address is capable of handling ERC721 tokens.
Duplicate of #131