The mint function in the ERC20 contract is publicly accessible, allowing anyone to mint an arbitrary number of tokens to any address. This creates a situation where malicious actors can mint an unlimited supply of tokens, devaluing the token and severely impacting the economics of the system. Furthermore, since there is no burn mechanism, once tokens are minted, they cannot be removed from circulation.
Additionally, according to the project's README, "All Contracts in **contracts** are in scope." Since shared/testERC20.sol is part of the contracts directory, it is within the audit's scope.
In the current implementation of the contract, the mint function can be called by any external address, not just the contract owner or a privileged account. The function lacks access control, meaning there are no restrictions preventing unauthorized accounts from minting tokens. Here is the relevant code snippet:
- **No Access Control:** The mint function is external, which means it can be called by anyone. There is no check to ensure that only the contract owner or an authorized user can mint tokens.
- **Unlimited Minting:** Any actor can call the mint function to create an arbitrary amount of tokens for any address, leading to unchecked inflation of the token supply.
- **No Token Burning:** Since there is no burn function, once tokens are minted they cannot be destroyed, permanently increasing the total supply.
1. A malicious attacker notices that the mint function has no restrictions.
2. They call the mint function to mint tokens to their own address, creating a large number of tokens out of thin air.
3. The attacker can then either transfer these tokens to other accounts or dump them on the market, devaluing the token and undermining the integrity of the system.
The impact of this vulnerability is severe, as it allows any actor to manipulate the token supply, leading to:
- **Hyperinflation:** Unlimited minting of tokens will cause the total token supply to skyrocket, significantly devaluing the token for all legitimate holders.
- **Inability to Recover:** Since there is no burn function, the inflated supply cannot be reduced, leading to permanent damage to the tokenomics.
Manual Review
Restrict the mint function so that only authorized addresses (e.g., the contract owner or a role such as MINTER_ROLE) can mint new tokens. This can be done using OpenZeppelin's Ownable or AccessControl libraries. Example:
Alternatively, using AccessControl for more granular role-based permissions:
Introduce a burn function that allows users or the contract owner to destroy tokens, reducing the total supply and providing a mechanism to recover from excess minting:
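The following is an added illustration written for this finding, not the project's own contract: a constructed stand-in for the unrestricted mint pattern described above, followed by the two recommended fixes (an Ownable-gated mint and an AccessControl-gated mint, each with a burn path via OpenZeppelin's ERC20Burnable). It assumes OpenZeppelin Contracts v5.x and a Solidity 0.8.20+ compiler; the contract and token names are placeholders.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example for this finding, not the audited contract. Assumes OpenZeppelin Contracts v5.x.
import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {ERC20Burnable} from "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";

/// Constructed stand-in for the pattern the finding describes:
/// mint is external with no caller check, and there is no burn path.
contract UnrestrictedMintToken is ERC20 {
    constructor() ERC20("Unrestricted", "UNR") {}

    function mint(address to, uint256 amount) external {
        _mint(to, amount); // anyone can inflate totalSupply
    }
}

/// Fix 1: owner-gated minting; burn and burnFrom come from ERC20Burnable,
/// so holders can reduce supply.
contract OwnerMintToken is ERC20, ERC20Burnable, Ownable {
    constructor(address initialOwner)
        ERC20("OwnerMint", "OMT")
        Ownable(initialOwner)
    {}

    /// Any caller other than owner() reverts with OwnableUnauthorizedAccount.
    function mint(address to, uint256 amount) external onlyOwner {
        _mint(to, amount);
    }
}

/// Fix 2: role-based minting for more granular permissions.
/// DEFAULT_ADMIN_ROLE can grant or revoke MINTER_ROLE without redeploying.
contract RoleMintToken is ERC20, ERC20Burnable, AccessControl {
    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");

    constructor(address admin, address minter) ERC20("RoleMint", "RMT") {
        _grantRole(DEFAULT_ADMIN_ROLE, admin);
        _grantRole(MINTER_ROLE, minter);
    }

    /// Callers without MINTER_ROLE revert with AccessControlUnauthorizedAccount.
    function mint(address to, uint256 amount) external onlyRole(MINTER_ROLE) {
        _mint(to, amount);
    }
}
```

In a test suite, the check worth keeping is that `mint` called from a non-privileged account reverts on both fixed contracts while `totalSupply()` stays unchanged, and that `burn` reduces `totalSupply()` by the burned amount. Prefer the AccessControl variant where a separate contract (e.g., a vesting or bridge contract) needs to mint, so that the minting privilege can be revoked without transferring ownership of the whole token.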