Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

New distribution cap value will not set until FEE_ADMIN is role assigned.

akioniace

Summary

BaseGauge::setDistributionCap will not set new distribution cap value until the DEFAULT_ADMIN_ROLE assign the FEE_ADMIN role to someone.

Vulnerability Details

BaseGauge deploy contract with role based where we can see that function BaseGauge::setDistributionCap is used for the New distribution cap value and it is only called by the FEE_AMDIN which is not assigned in the deploy time leaving function to execute called by no one until FEE_ADMIN role is granted by the owner.

Impact

Until the owner grant someone the FEE_ADMIN role, the new distribution cap value cannot be set, whoever calling even the owner cant set the new distribution cap value.

Tools Used

  • Manual Review

Recommended Mitigation

In Basegauge::constructor add this.

constructor(
address _rewardToken,
address _stakingToken,
address _controller,
uint256 _maxEmission,
uint256 _periodDuration
+ address _feeAdmin,
) {
.
.
.
// Initialize roles
_grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
_grantRole(CONTROLLER_ROLE, _controller);
+ _grantRole(FEE_ADMIN, _feeAdmin)
.
.
.
Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!