Master minters can assign minters with an allowed amount. Upon adding a minter, these values are set correctly. However, if a minter is removed from the protocol, any balance that they had minted but not yet distributed will not be burnt. It is also possible that minters will front-run the removal action to mint any allowed token amount that they have not yet minted.
Proof of Concept
Tools Used
Manual code review.
Recommended Mitigation Steps
Ensure this is understood and consider burning a minter's tokens when removeMinter() is called. It also might be useful to make use of networks that have front-running protection. For example, Taichi and Flashbots allow for private transactions.
Lines of code
https://github.com/code-423n4/2022-02-jpyc/blob/main/contracts/v1/FiatTokenV1.sol#L344-L353 https://github.com/code-423n4/2022-02-jpyc/blob/main/contracts/v1/FiatTokenV1.sol#L361-L375 https://github.com/code-423n4/2022-02-jpyc/blob/main/contracts/v1/FiatTokenV1.sol#L127-L150
Vulnerability details
Impact
Master minters can assign minters with an allowed amount. Upon adding a minter, these values are set correctly. However, if a minter is removed from the protocol, any balance that they had minted but not yet distributed will not be burnt. It is also possible that minters will front-run the removal action to mint any allowed token amount that they have not yet minted.
Proof of Concept
Tools Used
Manual code review.
Recommended Mitigation Steps
Ensure this is understood and consider burning a minter's tokens when
removeMinter()
is called. It also might be useful to make use of networks that have front-running protection. For example, Taichi and Flashbots allow for private transactions.