Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: high
Invalid

Any one can mint RAAC token rewards

Summary

The tick function does not check whether the caller has permission to execute it. As a result, anyone can call tick and trigger the minting of RAAC tokens.

Vulnerability Details

In the tick function, there is no authorization check on the caller:

function tick() external nonReentrant whenNotPaused {
    if (emissionUpdateInterval == 0 || block.timestamp >= lastEmissionUpdateTimestamp + emissionUpdateInterval) {
        updateEmissionRate();
    }
    uint256 currentBlock = block.number;
    uint256 blocksSinceLastUpdate = currentBlock - lastUpdateBlock;
    if (blocksSinceLastUpdate > 0) {
        uint256 amountToMint = emissionRate * blocksSinceLastUpdate;
        if (amountToMint > 0) {
            excessTokens += amountToMint;
            lastUpdateBlock = currentBlock;
            raacToken.mint(address(stabilityPool), amountToMint);
            emit RAACMinted(amountToMint);
        }
    }
}

Therefore, anyone can call the function whenever the condition holds and trigger the minting of RAAC tokens.

Impact

This results in infinite RAAC tokens being minted.

Tools Used

Manual review

Recommendations

Add an authorization check on msg.sender at the start of tick:

if (msg.sender != address(stabilityPool)) revert OnlyStabilityPool();
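The recommended guard applied to a minimal version of the minter, as an added illustration that is not the project's own code. The interface name IRAACToken, the contract name, the constructor and the assumed storage layout are hypothetical; the emission-rate update, nonReentrant and whenNotPaused modifiers from the original function are omitted for brevity.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed minimal interface for the RAAC token's mint entry point.
interface IRAACToken {
    function mint(address to, uint256 amount) external;
}

// Hypothetical reduced minter showing where the recommended check goes.
contract RAACMinterExample {
    error OnlyStabilityPool();

    IRAACToken public raacToken;
    address public stabilityPool;
    uint256 public emissionRate;     // assumed unit: tokens per block
    uint256 public lastUpdateBlock;
    uint256 public excessTokens;

    event RAACMinted(uint256 amount);

    constructor(IRAACToken _token, address _pool, uint256 _rate) {
        raacToken = _token;
        stabilityPool = _pool;
        emissionRate = _rate;
        lastUpdateBlock = block.number;
    }

    // Recommended guard: only the stability pool may drive emissions.
    modifier onlyStabilityPool() {
        if (msg.sender != address(stabilityPool)) revert OnlyStabilityPool();
        _;
    }

    function tick() external onlyStabilityPool {
        uint256 currentBlock = block.number;
        uint256 blocksSinceLastUpdate = currentBlock - lastUpdateBlock;
        if (blocksSinceLastUpdate == 0) return;
        uint256 amountToMint = emissionRate * blocksSinceLastUpdate;
        if (amountToMint == 0) return;
        // As in the original: the amount is emissionRate times the blocks
        // elapsed since lastUpdateBlock, which is advanced before minting,
        // so a second call in the same block mints nothing further, and the
        // tokens are always minted to stabilityPool, never to the caller.
        excessTokens += amountToMint;
        lastUpdateBlock = currentBlock;
        raacToken.mint(stabilityPool, amountToMint);
        emit RAACMinted(amountToMint);
    }
}
```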

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
