The contract lacks proper access control for critical functions such as mint_dsc and burn_dsc, which allows any user to mint or burn DSC tokens. These functions are critical for managing the token supply, and their unrestricted usage poses significant security risks and can disrupt the token ecosystem.
Both mint_dsc and burn_dsc are key functions responsible for the minting and burning of DSC tokens within the contract.
Access Control Issue: These functions do not have any form of access restriction, allowing any user or contract to call them without authorization.
Anyone can mint an unlimited number of DSC tokens, leading to inflation or devaluation of the token, which can destabilize the token's intended economic model.
Any user can burn DSC tokens, which could cause unintended token shortages or disrupt the token balance, leading to a malfunctioning token supply.
Manual Review
Introduce proper access control mechanisms such as modifiers (e.g., onlyOwner, onlyAuthorized) to restrict access to these critical functions. Only authorized addresses or contracts should be allowed to call mint_dsc and burn_dsc.
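A sketch of the recommended restriction, added here as an example and not taken from the audited contract. It is written in Solidity because the recommendation names modifiers; the contract name, storage layout, `setAuthorized` helper and the function signatures are assumptions, and only `mint_dsc`, `burn_dsc`, `onlyOwner` and `onlyAuthorized` come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical token sketch: storage, events, errors and signatures are assumptions.
contract GuardedDSC {
    address public owner;
    mapping(address => bool) public authorized; // callers allowed to change supply
    mapping(address => uint256) public balanceOf;
    uint256 public totalSupply;

    error NotOwner();
    error NotAuthorized();
    error ZeroAddress();

    event AuthorizationChanged(address indexed account, bool allowed);
    event Transfer(address indexed from, address indexed to, uint256 amount);

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    modifier onlyAuthorized() {
        if (!authorized[msg.sender]) revert NotAuthorized();
        _;
    }

    constructor() { owner = msg.sender; }

    // Owner grants or revokes supply rights; the event leaves an on-chain audit trail.
    function setAuthorized(address account, bool allowed) external onlyOwner {
        authorized[account] = allowed;
        emit AuthorizationChanged(account, allowed);
    }

    // Supply can only grow through an authorized caller.
    function mint_dsc(address to, uint256 amount) external onlyAuthorized {
        if (to == address(0)) revert ZeroAddress();
        totalSupply += amount;
        balanceOf[to] += amount;
        emit Transfer(address(0), to, amount);
    }

    // Checked arithmetic (0.8+) reverts if `from` holds less than `amount`.
    function burn_dsc(address from, uint256 amount) external onlyAuthorized {
        balanceOf[from] -= amount;
        totalSupply -= amount;
        emit Transfer(from, address(0), amount);
    }
}
```

A unit test for this pattern should call `mint_dsc` and `burn_dsc` from an address that was never passed to `setAuthorized` and assert that both revert with `NotAuthorized`.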