A compromised or malicious owner of StableToken can mint any amount of the stable coins. #309
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate-377
satisfactory
satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/code-423n4/2022-12-tigris/blob/588c84b7bb354d20cbca6034544c4faa46e6a80e/contracts/StableToken.sol#L38
Vulnerability details
Impact
A compromised or malicious owner of StableToken can mint any amount of the stable coins.
Proof of Concept
A compromised or malicious owner of StableToken can mint any amount of the stable coins as follows:

1. The owner calls `setMinter(badMinter, true)` so that `badMinter` becomes a legal minter.
2. `badMinter` calls `mintFor(attackerA, amount)` to get `amount` of stable coins.
3. That `amount` of stable coins is then traded to get back other stable coins that are safe and popular in the market.

Tools Used
Remix
Recommended Mitigation Steps
Set the minters in the constructor only during deployment. If new minters are needed, then use a proxy pattern to upgrade.
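The following sketch is an added illustration, not the Tigris StableToken source: it places the owner-mutable minter list the finding describes beside the fixed-at-deployment variant the mitigation recommends. The `MintableBase` helper, the `owner` field and the contract names are assumptions for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
// Illustrative sketch only (not the Tigris StableToken code). Minimal balance
// bookkeeping is assumed so that both variants can share a _mint helper.
abstract contract MintableBase {
    mapping(address => uint256) public balanceOf;
    uint256 public totalSupply;

    function _mint(address to, uint256 amount) internal {
        totalSupply += amount;
        balanceOf[to] += amount;
    }
}

// Before: the minter set can be changed at any time by the owner, so a single
// compromised key is enough to grant unlimited minting to any address.
contract StableTokenMutableMinters is MintableBase {
    address public owner;
    mapping(address => bool) public isMinter;

    constructor() { owner = msg.sender; }

    function setMinter(address minter, bool allowed) external {
        require(msg.sender == owner, "not owner");
        isMinter[minter] = allowed;
    }

    function mintFor(address to, uint256 amount) external {
        require(isMinter[msg.sender], "not minter");
        _mint(to, amount);
    }
}

// After: minters are fixed in the constructor at deployment; no function exists
// that can add one later, so the owner key no longer controls issuance.
contract StableTokenFixedMinters is MintableBase {
    mapping(address => bool) public isMinter;

    constructor(address[] memory minters) {
        for (uint256 i = 0; i < minters.length; i++) {
            isMinter[minters[i]] = true;
        }
    }

    function mintFor(address to, uint256 amount) external {
        require(isMinter[msg.sender], "not minter");
        _mint(to, amount);
    }
}
```

If the minter set must change after deployment, deploying a new implementation behind a proxy keeps that change visible as an upgrade rather than a routine owner call.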