[Audit Fix] modifier onlyDAO also allows minter

## Summary
modifier `onlyDAO` requires that the `msg.sender` is a `daoAddress` OR `minter` while the name suggests that it should only allow the daoAddress.
## Risk Rating
3
## Vulnerability Details
  ```
  solidity
  modifier onlyDAO() {
    require(msg.sender == daoAddress || msg.sender == minter, 'ElasticDAO: Not authorized');
    _;
  }
  ```
## Impact
This allows the minter to call functions that are supposed to be called only by DAO like `setBurner` or `setMinter`.
## Proof of Concept

https://github.com/code-423n4/code-contests/blob/4db2720312f0958f2e89f6207a6774c9e5360655/contests/02-elasticdao/contracts/tokens/ElasticGovernanceToken.sol#L31-L34

## Tools Used
Just a simple code review using a text editor.

## Recommended Mitigation Steps
Remove this condition: `|| msg.sender == minter`

#### Definition of Done


- [x] The additional `|| msg.sender == miner` is removed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Audit Fix] modifier onlyDAO also allows minter #35

Summary

Risk Rating

Vulnerability Details

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps

Definition of Done

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Audit Fix] modifier onlyDAO also allows minter #35

Description

Summary

Risk Rating

Vulnerability Details

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps

Definition of Done

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions