Merge pull request from GHSA-878m-3g6q-594q

* Test batch minting of 1

* Fix balance tracking

* fix lint

* add changeset

* rename UNSAFE -> unsafe

* fix docs

* fix changeset

* grammar

* add explanation of preserved invariant

* add fuzz tests

* rename variable

* improve property definition

* add burn

* add test ownership multiple batches

* refactor fuzz tests

* change ownership test for better probability

* typo

* reorder comment

* update changelog notes

* edit changelog

* lint

* Update CHANGELOG.md

---------

Co-authored-by: Francisco Giordano <fg@frang.io>

contracts/token/ERC721/ERC721.sol

@@ -434,21 +434,7 @@ contract ERC721 is Context, ERC165, IERC721, IERC721Metadata {
      *
      * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
      */
-    function _beforeTokenTransfer(
-        address from,
-        address to,
-        uint256 /* firstTokenId */,
-        uint256 batchSize
-    ) internal virtual {
-        if (batchSize > 1) {
-            if (from != address(0)) {
-                _balances[from] -= batchSize;
-            }
-            if (to != address(0)) {
-                _balances[to] += batchSize;
-            }
-        }
-    }
+    function _beforeTokenTransfer(address from, address to, uint256 firstTokenId, uint256 batchSize) internal virtual {}
 
     /**
      * @dev Hook that is called after any token transfer. This includes minting and burning. If {ERC721Consecutive} is
@@ -465,4 +451,16 @@ contract ERC721 is Context, ERC165, IERC721, IERC721Metadata {
      * To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
      */
     function _afterTokenTransfer(address from, address to, uint256 firstTokenId, uint256 batchSize) internal virtual {}
+
+    /**
+     * @dev Unsafe write access to the balances, used by extensions that "mint" tokens using an {ownerOf} override.
+     *
+     * WARNING: Anyone calling this MUST ensure that the balances remain consistent with the ownership. The invariant
+     * being that for any address `a` the value returned by `balanceOf(a)` must be equal to the number of tokens such
+     * that `ownerOf(tokenId)` is `a`.
+     */
+    // solhint-disable-next-line func-name-mixedcase
+    function __unsafe_increaseBalance(address account, uint256 amount) internal {
+        _balances[account] += amount;
+    }
 }

contracts/token/ERC721/extensions/ERC721Consecutive.sol

@@ -96,6 +96,11 @@ abstract contract ERC721Consecutive is IERC2309, ERC721 {
             // push an ownership checkpoint & emit event
             uint96 last = first + batchSize - 1;
             _sequentialOwnership.push(last, uint160(to));
+
+            // The invariant required by this function is preserved because the new sequentialOwnership checkpoint
+            // is attributing ownership of `batchSize` new tokens to account `to`.
+            __unsafe_increaseBalance(to, batchSize);
+
             emit ConsecutiveTransfer(first, last, address(0), to);
 
             // hook after