Submission Details
Impact:
Likelihood:
[H-1] Unlimited tokens can minted by the `owner` due to lack of fixed total supply in `briTechToken::mint`
[H-1] Unlimited tokens can minted by the `owner` due to lack of fixed total supply in `briTechToken::mint`
Description
The `briTechToken::mint` function allows the contract owner to mint an arbitrary number of tokens without restriction. Because there is no hard cap or maximum supply defined, the owner can repeatedly call this function to mint new tokens, leading to unbounded inflation.
This behavior can severely impact the token’s integrity and value, potentially resulting in a rug pull or complete devaluation of user holdings.
```solidity
function mint() public onlyOwner {
@> _mint(owner(), 10_000_000 * 1e18);
}
```
Risk
Likelihood:
High likelihood — since the
mint()function lacks a total supply cap or access restriction beyondonlyOwner, the owner (or any compromised owner account) can mint unlimited tokens at any time. This makes exploitation easy and probable, especially if ownership is transferred, leaked, or misused.
Impact:
The absence of a fixed total supply allows the owner to continuously increase supply, making user-held tokens worthless due to dilution.
This also undermines trust in the token and any protocol or vault that depends on its stability, resulting in potential loss of funds or collapse of the token economy.
Proof of Concept
Place the following lines of codes here `briVault.t.sol`
<details>
<summary>Proof Of Code</summary>
```solidity
function testUnlimitedMinting() public {
uint256 initialSupply1 = britechToken.totalSupply();
assertEq(initialSupply1, 0, "should start with 0 supply");
// First mint of 10M Tokens
britechToken.mint();
uint256 supplyAfter1 = britechToken.totalSupply();
console.log("Total supply after mint 1:", supplyAfter1 / 1e18, "tokens");
assertEq(supplyAfter1, 10_000_000 * 1e18);
// Second mint of 20M Tokens
britechToken.mint();
uint256 supplyAfter2 = britechToken.totalSupply();
console.log("Total supply after mint 2:", supplyAfter2 / 1e18, "tokens");
assertEq(supplyAfter2, 20_000_000 * 1e18);
// Third mint of 30M Tokens
britechToken.mint();
uint256 supplyAfter3 = britechToken.totalSupply();
console.log("Total supply after mint 3:", supplyAfter3 / 1e18, "tokens");
assertEq(supplyAfter3, 30_000_000 * 1e18);
// Fourth mint of 40M Tokens
britechToken.mint();
uint256 supplyAfter4 = britechToken.totalSupply();
console.log("Total supply after mint 4:", supplyAfter4 / 1e18, "tokens");
assertEq(supplyAfter4, 40_000_000 * 1e18);
// Final mint of 1B Tokens
for (uint i = 0; i < 96; i++) {
britechToken.mint();
}
uint256 finalMint = britechToken.totalSupply();
address actualOwner = britechToken.owner();
console.log("Final total supply:", finalMint / 1e18, "tokens");
console.log("Owner balance:", britechToken.balanceOf(actualOwner) / 1e18, "tokens");
assertEq(finalMint, 1_000_000_000 * 1e18);
assertEq(britechToken.balanceOf(address(actualOwner)), 1_000_000_000 * 1e18);
}
```
</details>
Recommended Mitigation
- remove this code
+ add this code
Implement a fixed total supply in the constructor rather than an owner-controlled mint function.
This ensures the supply cannot be increased after deployment.
```diff
+ constructor() ERC20("BriTechLabs", "BTT") Ownable(msg.sender) {}
- function mint() public onlyOwner {
- _mint(owner(), 10_000_000 * 1e18);
}
constructor() ERC20("BriTechLabs", "BTT") Ownable(msg.sender) {
+ _mint(msg.sender, 10_000_000 * 1e18);
}
```
Rewards breakdown
nSLOC
193This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.