HardhatFoundry
30,000 USDC
Submission Details
Severity: low
Invalid

Centralization Risk for trusted owners

Summary

The contracts under review contain several functions with privileged rights reserved for the contract owner. These functions allow the owner to perform critical administrative tasks, such as adding or removing stakeholders, managing whitelist entries, and setting thresholds. This level of control requires a high level of trust in the contract owner to avoid malicious activities that could compromise the contract’s integrity or drain funds.

Vulnerability Details

The following functions have been identified as having privileged rights for the contract owner:

  • Stakeable.sol

    • Line 27: contract Stakeable is Ownable, IStakeable

    • Line 39: function addStake(address epAddress, uint32 unstakeDelaySec) external payable onlyOwner

    • Line 47: function unlockStake(address epAddress) external onlyOwner

    • Line 56: function withdrawStake(address epAddress, address payable withdrawAddress) external onlyOwner

  • BiconomyMetaFactory.sol

    • Line 52: function addFactoryToWhitelist(address factory) external onlyOwner

    • Line 59: function removeFactoryFromWhitelist(address factory) external onlyOwner

  • RegistryFactory.sol

    • Line 57: function addAttester(address attester) external onlyOwner

    • Line 61: function removeAttester(address attester) external onlyOwner

    • Line 71: function setThreshold(uint8 newThreshold) external onlyOwner
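An added example, not part of the submission or the project's code: a small Python inventory script that reproduces a list like the one above by scanning Solidity text for functions gated by `onlyOwner`, so the privileged surface can be re-checked after each change. The sample sources are constructed from the signatures quoted in the finding; bodies are elided, and `getThreshold` and the commented-out `oldSetter` are made up to exercise the filter.

```python
import re

# Constructed sample: onlyOwner signatures are the ones quoted in the finding;
# bodies are elided, getThreshold and the commented-out oldSetter are made up.
SAMPLE_SOURCES = {
    "Stakeable.sol": """\
contract Stakeable is Ownable, IStakeable {
    function addStake(address epAddress, uint32 unstakeDelaySec) external payable onlyOwner {}
    function unlockStake(address epAddress) external onlyOwner {}
    function withdrawStake(address epAddress, address payable withdrawAddress)
        external onlyOwner {}
}
""",
    "RegistryFactory.sol": """\
contract RegistryFactory {
    // function oldSetter(uint8 x) external onlyOwner {}
    function setThreshold(uint8 newThreshold) external onlyOwner {}
    function getThreshold() external view returns (uint8) {}
}
""",
}

COMMENT = re.compile(r"//[^\n]*|/\*.*?\*/", re.S)
# name, parameter list, then everything up to the body or ';' (the header tail)
FUNC = re.compile(r"\bfunction\s+(\w+)\s*\(([^)]*)\)([^{;]*)[{;]")

def _blank(match):
    # Replace comment text with spaces but keep newlines, so line numbers hold.
    return re.sub(r"[^\n]", " ", match.group(0))

def privileged_functions(source, modifier="onlyOwner"):
    """Return [(line, name, is_payable)] for functions carrying `modifier`."""
    code = COMMENT.sub(_blank, source)
    hits = []
    for m in FUNC.finditer(code):
        tail = re.findall(r"\w+", m.group(3))  # visibility, mutability, modifiers
        if modifier in tail:
            line = code.count("\n", 0, m.start()) + 1
            hits.append((line, m.group(1), "payable" in tail))
    return hits

def audit(sources, modifier="onlyOwner"):
    """Map each file to its privileged functions, skipping files with none."""
    report = {p: privileged_functions(s, modifier) for p, s in sorted(sources.items())}
    return {p: hits for p, hits in report.items() if hits}

if __name__ == "__main__":
    for path, hits in audit(SAMPLE_SOURCES).items():
        print(path, hits)
```

The scan is regex-based, so it does not resolve inherited modifiers or custom access checks written inside function bodies; treat its output as a starting inventory for manual review.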

Impact

The owner of these contracts holds significant control, which, if misused, could lead to:

  • Unauthorized manipulation of staking mechanisms.

  • Arbitrary changes to whitelist entries, potentially allowing unauthorized entities to interact with the contract.

  • Unilateral adjustments to key parameters such as thresholds, which could affect contract behavior and security.

  • Potential draining of funds from the contract, causing financial losses to stakeholders.

Tools Used

  • Manual code review

Recommendations

  1. Minimize Owner Privileges:

    • Implement multisig authorization for critical functions to distribute trust among multiple parties.

    • Introduce time-lock mechanisms for sensitive functions to provide stakeholders with notice of impending changes.

  2. Enhanced Access Controls:

    • Use role-based access control to limit the number of functions accessible to the owner.

    • Regularly review and update the list of privileged roles and their permissions.

Updates

Lead Judging Commences

0xnevi Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

finding-centralization-risk

Invalid [known issue [Medium-1]](https://github.com/Cyfrin/2024-07-biconomy/issues/1)
