In WStETHMock.sol, the mint function has no access control and does not restrict users from minting unlimited tokens for themselves or for someone else.
https://github.com/Cyfrin/2024-01-Morpheus/blob/07c900d22073911afa23b7fa69a4249ab5b713c8/contracts/mock/tokens/WStETHMock.sol#L15
https://github.com/Cyfrin/2024-01-Morpheus/blob/07c900d22073911afa23b7fa69a4249ab5b713c8/contracts/mock/tokens/StETHMock.sol#L19
The external mint function in WStETHMock.sol does not have any access control, which means that any user can call this function and mint tokens at will. The same goes for the mint function in StETHMock.sol, though in that contract shares are minted and the maximum amount is 1000 shares.
To see how this works, you can add the following tests to Distribution.test.ts and they will succeed.
Since the function also requires neither staking tokens nor sending ETH, anyone can mint as many tokens as they want. The minted token would effectively become worthless, as anyone could mint it for free. Because this is a wrapped token, the consequences could be severe.
Tools used: vsCodium
Add access control to this function so that only the owner or a privileged role can mint tokens. Another approach would be a mechanism where users must deposit funds in order to mint tokens, depending on what the goal is here.
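As an added illustration of both recommended approaches (example code written for this finding, not the Morpheus project's own contracts), the unrestricted shape beside a hardened one. The mint signature `mint(address account_, uint256 amount_)` and the OpenZeppelin imports are assumptions; the ETH-backed deposit is only illustrative, since the real wstETH wraps stETH rather than ETH.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";

/// Unrestricted shape (assumed to mirror the reported issue): anyone can mint
/// any amount to any account, with no caller check and no deposit required.
contract UnrestrictedMintMock is ERC20 {
    constructor() ERC20("Wrapped Staked Ether Mock", "wstETHMock") {}

    function mint(address account_, uint256 amount_) external {
        _mint(account_, amount_);
    }
}

/// Hardened shape: minting is gated by a privileged role, or backed by value
/// the caller actually deposits.
contract RestrictedMintMock is ERC20, AccessControl {
    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");

    constructor(address admin_) ERC20("Wrapped Staked Ether Mock", "wstETHMock") {
        _grantRole(DEFAULT_ADMIN_ROLE, admin_);
        _grantRole(MINTER_ROLE, admin_);
    }

    /// Approach 1: only a MINTER_ROLE holder may mint; anyone else reverts.
    function mint(address account_, uint256 amount_) external onlyRole(MINTER_ROLE) {
        _mint(account_, amount_);
    }

    /// Approach 2 (illustrative): anyone may mint, but only 1:1 against ETH
    /// they deposit, so tokens can no longer be created for free.
    function deposit() external payable {
        require(msg.value > 0, "deposit: zero value");
        _mint(msg.sender, msg.value);
    }

    /// Burn tokens and return the backing ETH, keeping supply and reserves equal.
    function withdraw(uint256 amount_) external {
        _burn(msg.sender, amount_);
        (bool ok, ) = msg.sender.call{value: amount_}("");
        require(ok, "withdraw: transfer failed");
    }
}
```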