code-423n4 / 2022-04-badger-citadel-findings


the governance can mint citadel tokens for themselves #208

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-04-badger-citadel/blob/main/src/CitadelToken.sol#L40

Vulnerability details

The governance can call mint in citadel token and mint for themselves as much as they want and sell, which will cause the token price to drop to zero.

GalloDaSballo commented 2 years ago

We must be able to mint the token so we can trade it. If we didn't renounce the minter role after the end of the sale, then I can agree with an Admin Privilege.

However, that's outside of scope as there's no way you can prove that.