The unchecked minting vulnerability occurs when there are no limits on the amount of tokens that can be minted by an authorized minter or a smart contract.
DSCEngine / Decentralized Stable Coin Contract
The mint function allows an authorized minter to mint stablecoins:
extcall DSC.mint(msg.sender, amount_dsc_to_mint)
Without additional safeguards:
There are no caps or checks to ensure the minted amount corresponds to the value of deposited collateral.
A compromised minter or governance system could mint unlimited tokens.
This can lead to inflation, with excessive token minting rendering the system unstable. It can also break the peg, destroy trust, and lead to system collapse.
N/A
Global Cap: Set a maximum limit for the total DSC supply.
assert total_supply + amount_to_mint <= MAX_SUPPLY, "Global minting cap exceeded"
Per-User Cap: Limit how much a single user can mint, which also prevents one user from owning more than others.
assert user_minted[msg.sender] + amount_to_mint <= USER_MINT_CAP, "User minting cap exceeded"
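The two caps above combined in a single mint path, as an added sketch that is not code from the audited contract. The interface declaration, the constructor, the `mint_dsc` function name and both cap values are assumptions; only `DSC.mint`, `MAX_SUPPLY`, `USER_MINT_CAP` and `user_minted` come from the report.

```vyper
# pragma version ^0.4.0

# Assumed minimal interface for the stablecoin token (hypothetical declaration).
interface DecentralizedStableCoin:
    def mint(to: address, amount: uint256): nonpayable
    def totalSupply() -> uint256: view

# Placeholder cap values chosen for illustration only (18-decimal token assumed).
MAX_SUPPLY: public(constant(uint256)) = 100000000 * 10**18
USER_MINT_CAP: public(constant(uint256)) = 1000000 * 10**18

DSC: public(immutable(DecentralizedStableCoin))

# Cumulative amount each address has minted through this engine.
user_minted: public(HashMap[address, uint256])


@deploy
def __init__(dsc: address):
    DSC = DecentralizedStableCoin(dsc)


@external
def mint_dsc(amount_dsc_to_mint: uint256):
    assert amount_dsc_to_mint > 0, "Amount must be non-zero"

    # Global cap: read the live supply from the token so that mints made
    # through any other authorized minter are counted as well.
    total_supply: uint256 = staticcall DSC.totalSupply()
    assert total_supply + amount_dsc_to_mint <= MAX_SUPPLY, "Global minting cap exceeded"

    # Per-user cap: checked against the running total for the caller.
    # Vyper reverts on uint256 overflow, so the additions cannot wrap.
    minted: uint256 = self.user_minted[msg.sender] + amount_dsc_to_mint
    assert minted <= USER_MINT_CAP, "User minting cap exceeded"

    # Update accounting before the external call (checks-effects-interactions).
    self.user_minted[msg.sender] = minted
    extcall DSC.mint(msg.sender, amount_dsc_to_mint)
```

As written, `user_minted` is a lifetime total; if the cap is meant to bound outstanding debt, the burn path has to decrement it.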