handsome
@wizard
Day 1 of #30daysweb3security @Web3SecurityDAO Follow me on my 30-day journey in Web3 security! Today, I learnt about the dangers of using _safeMint over _mint 🧵
handsome
@wizard
_safeMint checks whether the receiver can receive ERC721 tokens (i.e. receiver is not a contract). However, this creates a reentrancy loophole due to the onERC721Received callback, where an attacker can mint more tokens - before a check is performed.
handsome
@wizard
So how? Implement a reentrancy guard if using _safeMint; or don't use _safeMint at all (if you don't expect contracts to be minting) and even save some gas with _mint.
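The pattern the thread describes, shown as a weak mint function beside the two fixes it suggests. This is an added example, not code from the thread's author; the contract, its names and the per-wallet cap are hypothetical, and the import paths assume OpenZeppelin Contracts v5.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumption: OpenZeppelin Contracts v5 import paths.
import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

// Hypothetical collection with a per-wallet cap; all names are illustrative.
contract CappedMint is ERC721, ReentrancyGuard {
    uint256 public constant MAX_PER_WALLET = 2;
    uint256 public nextId;
    mapping(address => uint256) public minted;

    constructor() ERC721("CappedMint", "CAP") {}

    // Weak: the counter behind the cap check is updated only after _safeMint.
    // _safeMint calls onERC721Received on a contract receiver, so a nested
    // call into this function still sees the old value of minted[msg.sender].
    function mintUnsafe(uint256 qty) external {
        require(minted[msg.sender] + qty <= MAX_PER_WALLET, "cap exceeded");
        for (uint256 i = 0; i < qty; i++) {
            _safeMint(msg.sender, nextId++);
        }
        minted[msg.sender] += qty;
    }

    // Fix 1: keep _safeMint, add a reentrancy guard, and record the mint
    // before the external callback can run (checks, effects, interactions).
    function mintGuarded(uint256 qty) external nonReentrant {
        require(minted[msg.sender] + qty <= MAX_PER_WALLET, "cap exceeded");
        minted[msg.sender] += qty;
        for (uint256 i = 0; i < qty; i++) {
            _safeMint(msg.sender, nextId++);
        }
    }

    // Fix 2: use _mint, which makes no receiver callback. A contract
    // receiver is not asked whether it can handle ERC721 tokens.
    function mintNoCallback(uint256 qty) external {
        require(minted[msg.sender] + qty <= MAX_PER_WALLET, "cap exceeded");
        minted[msg.sender] += qty;
        for (uint256 i = 0; i < qty; i++) {
            _mint(msg.sender, nextId++);
        }
    }
}
```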