Admin should have ability to remove Allowed Token Funtion
isAllowedToken
modifier checks against a list of allowed tokens, then it's still possible that a token in this list has been compromised/is malicious/price fee error. To mitigate this, the contract owner should have the ability to remove tokens from the list.
An attacker could potentially use a malicious token contract to exploit the contract.
manually reviewed
Provide a function that would allow the contract owner to remove a token from the allowed list
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.