Lack of minter role revocation in RAACToken
Summary
The setMinter() function allows the contract owner to assign a minter but does not provide a way to revoke the minter role by setting it to address(0). This omission creates a security risk where the minter retains indefinite minting privileges.
Vulnerability Details
The
setMinter()function assigns a new minter but does not include a mechanism for revocation.Once a minter is assigned, there is no way to remove their role unless the contract is modified or redeployed.
If the minter’s private key is compromised, the attacker can mint unlimited tokens, leading to inflation and potential devaluation of the token.
Steps to Reproduce
The contract owner calls
setMinter(newMinter), assigning minting rights.The minter remains assigned indefinitely as there is no function to revoke the role.
If the minter’s private key is compromised, an attacker can mint unlimited tokens.
Impact
Permanent Minter Role: The contract owner cannot remove the minter once assigned.
Tools Used
Manual Review
Recommendations
Modify the setMinter() function to allow setting the minter to address(0), enabling revocation of the role.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.