function mint() in FERC1155 don't follow check-effect-interact pattern, it's possible to call protocol contracts after tokens minted and before totalSupply updated
Lines of code Vulnerability details Impact Function mint mints new fractions for an ID and is only callable by VaultRegistry. code mints tokens then updates totalSupply value. when minting contract may make external call to target address, in that external call contract state is wrong, tokens are...