Closed code423n4 closed 10 months ago
bytes032 marked the issue as low quality report
More like a recommendation instead a vulnerability
GalloDaSballo changed the severity to QA (Quality Assurance)
Per discussion with judge, adding grade labels on their behalf.
Lines of code
https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/dpxETH/DpxEthToken.sol#L19
Vulnerability details
Impact
The
DpxEthToken
contract uses a specificPAUSER_ROLE
for pausing and unpausing the token. This contrasts with other contracts in the codebase that use theDEFAULT_ADMIN_ROLE
for similar functionalities. This inconsistency could lead to confusion and potential mismanagement of roles, as administrators may not be aware of the specific roles required for certain actions across different contracts.Tools Used
Manual code review.
Recommended Mitigation Steps
Choose a standard role for pausing functionalities across all contracts. If
PAUSER_ROLE
is specific toDpxEthToken
, consider updating other contracts to use this role for consistency or vice versa.Assessed type
Access Control