Unused mintRewards Function in RAACMinter Contract
Summary
The RAACMinter contract includes a function named mintRewards intended to mint and distribute RAAC tokens as rewards. However, this function is not called or integrated anywhere in the protocol, effectively rendering it unused (dead code).Its presence unnecessarily increases the contract's code size and complexity
Vulnerability Details
-
Affected Function:
function mintRewards(address to, uint256 amount) external nonReentrant whenNotPaused {if (msg.sender != address(stabilityPool)) revert OnlyStabilityPool();uint256 toMint = excessTokens >= amount ? 0 : amount - excessTokens;excessTokens = excessTokens >= amount ? excessTokens - amount : 0;if (toMint > 0) {raacToken.mint(address(this), toMint);}raacToken.safeTransfer(to, amount);emit RAACMinted(amount);} -
Issue:
ThemintRewardsfunction is not referenced or invoked by any other part of the protocol.Impact
-
Contract Bloat:
Unused functions add unnecessary code, making the contract longer. This increases the bytecode size, leading to higher deployment costs and potentially higher gas fees when interacting with the contract. -
Increased Complexity:
Dead code can complicate maintenance and audits, increasing the likelihood of security oversights.
Tools Used
Manual Code Review
Recommendations
Remove Unused Functionality:
If themintRewardsfunction is not part of the intended protocol workflow, it should be removed to reduce code complexity and potential attack surface.
Lead Judging Commences
RAACMinter::mintRewards function is never called by StabilityPool despite being the only authorized caller, leaving intended reward functionality unused
RAACMinter::mintRewards function is never called by StabilityPool despite being the only authorized caller, leaving intended reward functionality unused
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.