search

code-423n4 / 2024-02-ai-arena-findings

4 stars 3 forks source link

Unchecked owner privileges permit unlimited token minting, undermining trust. #1427

Closed c4-bot-1 closed 7 months ago

c4-bot-1 commented 7 months ago

Lines of code

https://github.com/code-423n4/2024-02-ai-arena/blob/1d18d1298729e443e14fea08149c77182a65da32/src/Neuron.sol#L155-L159 https://github.com/code-423n4/2024-02-ai-arena/blob/1d18d1298729e443e14fea08149c77182a65da32/src/Neuron.sol#L56 https://github.com/code-423n4/2024-02-ai-arena/blob/1d18d1298729e443e14fea08149c77182a65da32/src/Neuron.sol#L73 https://github.com/code-423n4/2024-02-ai-arena/blob/cd1a0e6d1b40168657d1aaee8223dc050e15f8cc/src/GameItems.sol#L147-L176

Vulnerability details

Impact

Missing access controls allowing contract owners unlimited critical operations such as token minting. The broad privilege stems from the owner role in the Neuron token contract: File: src/Neuron.sol/mint 

function mint(address to, uint256 amount) public virtual {
    require(totalSupply() + amount < MAX_SUPPLY, "Trying to mint more than the max supply");
    require(hasRole(MINTER_ROLE, msg.sender), "ERC20: must have minter role to mint");
    _mint(to, amount);
}

And the admin configuration: File: src/Neuron.sol#L56, File: src/Neuron.sol#L73

mapping(address => bool) public isAdmin;

isAdmin[_ownerAddress] = true;

This enables the owner to:

Without checks and balances.

For example, unlimited minting:

mint(ownerAddress, 1000000000 * 10**18)

Total loss of trust. Participants abandon ecosystem due to lack of fairness or integrity.

Proof of Concept

File: src/Neuron.sol

function mint(address to, uint256 amount) public {
  // Mints tokens without limit
  require(hasRole(MINTER_ROLE, msg.sender)) 
}

mapping(address => bool) public isAdmin;

// Sets admin status without restrictions
isAdmin[founderAddress] = true;

Together these allow the founder/owner to:

  1. Assign themselves admin access
  2. Mint infinite tokens by virtue of the minter role

Without any checks or oversight. Giving a single address unrestrained control over the token supply and contract privileges is very dangerous.

Tools Used

Vscode

Recommended Mitigation Steps

Multi-sig schemes, time-locks, and reduced authority.

Adding governance constraints and applying the principle of least authority here would mitigate the issues.

Assessed type

Token-Transfer

c4-pre-sort commented 7 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 7 months ago

raymondfam marked the issue as duplicate of #20

c4-judge commented 7 months ago

HickupHH3 marked the issue as not a duplicate

HickupHH3 commented 7 months ago

merely a recommendation on privileged roles

HickupHH3 commented 7 months ago

1R

c4-judge commented 7 months ago

HickupHH3 changed the severity to QA (Quality Assurance)

c4-judge commented 7 months ago

HickupHH3 marked the issue as grade-c