Incorrect minting condition allows exceeding maximum supply
Summary
TempleGold::_canDistribute contains a logical error that could potentially allow the total supply of Temple Gold to exceed the predefined maximum supply (MAX_SUPPLY).
Vulnerability Details
This condition incorrectly allows minting as long as mintAmount is greater than or equal to MINIMUM_MINT, even if _totalDistributed + mintAmount exceeds MAX_SUPPLY. As a result, the total supply of Temple Gold could exceed the intended maximum limit.
Impact
If this vulnerability is exploited, it could lead to the creation of more tokens than the intended maximum supply (MAX_SUPPLY), which would result in token inflation.
Tools Used
Manual code review
Recommendations
To fix this issue, the condition in the Templegold::_canDistribute function should be modified to ensure that the total distributed tokens do not exceed the MAX_SUPPLY. The corrected function is as follows:
This change ensures that all of the following conditions are fulfilled:
The mint amount must be non-zero.
The total distributed amount plus the mint amount must not exceed (as opposed to equal) the
MAX_SUPPLY.The mint amount must be at least the
MINIMUM_MINT.
Lead Judging Commences
`_canDistribute` could return a result breaking the MAX TOTAL SUPPLY of TGLD
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.