Multiple contracts (FeeCollector, Treasury, BoostController, GaugeController, TimelockController, RAACMinter, and RAACReleaseOrchestrator) assign all critical roles (e.g., DEFAULT_ADMIN_ROLE, MANAGER_ROLE, ALLOCATOR_ROLE) to a single address during construction. This centralization of administrative control is dangerous: it concentrates power in one key and creates a single point of failure across the protocol.
Contracts:
FeeCollector, Treasury, BoostController, GaugeController, TimelockController, RAACMinter, and RAACReleaseOrchestrator
Code:
This approach assigns every privileged responsibility to one admin address (typically msg.sender), with no separation of duties. If that account is compromised, lost, or misused, every function guarded by these roles in every affected contract is exposed at once.
• Centralized Control: A single address holding all roles means that compromising one account compromises multiple critical functions across several contracts.
• Single Point of Failure: Concentrating authority in one account raises the blast radius of both human error (a mistaken transaction) and targeted attacks (phishing or key theft aimed at the deployer).
Manual review
• Separate Role Assignments: Assign each role to a different address (operational roles to operators, DEFAULT_ADMIN_ROLE to a multisig or timelock) so that no single key controls every privileged function and the loss of one key does not compromise the whole system.
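The following is an added illustration of the pattern and the recommended fix; it is not the audited RAAC code. CentralizedFeeCollector reproduces the constructor pattern the finding describes (all roles to msg.sender); SeparatedFeeCollector takes a distinct address per role and rejects zero or overlapping assignments at deployment. The contract and role names are assumed for the example, and it uses OpenZeppelin's AccessControl as the role library.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";

/// Illustrative only: mirrors the constructor pattern flagged in the finding.
contract CentralizedFeeCollector is AccessControl {
    bytes32 public constant MANAGER_ROLE = keccak256("MANAGER_ROLE");
    bytes32 public constant ALLOCATOR_ROLE = keccak256("ALLOCATOR_ROLE");

    constructor() {
        // Every role lands on the deployer: one key controls everything.
        _grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
        _grantRole(MANAGER_ROLE, msg.sender);
        _grantRole(ALLOCATOR_ROLE, msg.sender);
    }
}

/// Hardened variant: one address per role, validated at construction.
contract SeparatedFeeCollector is AccessControl {
    bytes32 public constant MANAGER_ROLE = keccak256("MANAGER_ROLE");
    bytes32 public constant ALLOCATOR_ROLE = keccak256("ALLOCATOR_ROLE");

    error ZeroAddress();
    error RolesNotSeparated();

    /// @param admin     Holder of DEFAULT_ADMIN_ROLE (intended: multisig or timelock).
    /// @param manager   Operational address for MANAGER_ROLE.
    /// @param allocator Operational address for ALLOCATOR_ROLE.
    constructor(address admin, address manager, address allocator) {
        if (admin == address(0) || manager == address(0) || allocator == address(0)) {
            revert ZeroAddress();
        }
        // The admin must not double as an operational role holder, otherwise a
        // compromise of that key again controls every privileged path.
        if (admin == manager || admin == allocator) revert RolesNotSeparated();

        _grantRole(DEFAULT_ADMIN_ROLE, admin);
        _grantRole(MANAGER_ROLE, manager);
        _grantRole(ALLOCATOR_ROLE, allocator);
        // MANAGER_ROLE and ALLOCATOR_ROLE are administered by DEFAULT_ADMIN_ROLE
        // (AccessControl's default), so operators cannot grant roles to each other.
    }

    /// Deploy-time and audit-time check: true only if no single account holds
    /// both the admin role and an operational role.
    function rolesSeparated(address account) external view returns (bool) {
        bool isAdmin = hasRole(DEFAULT_ADMIN_ROLE, account);
        bool isOperator = hasRole(MANAGER_ROLE, account) || hasRole(ALLOCATOR_ROLE, account);
        return !(isAdmin && isOperator);
    }
}
```

A deployment script should pass a multisig or TimelockController address as `admin` rather than the deployer EOA, and a post-deployment check such as `rolesSeparated(deployer)` confirms that the deployer key retained no privileged role. Where the admin role itself needs a delayed, two-step transfer, OpenZeppelin's AccessControlDefaultAdminRules provides that on top of the same role model.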