Description:Description\
The void function in Validator is controlled by the WHITELISTER_ROLE, allowing any user with this role to reset an account's status. This can lead to blacklisted accounts being reset to VOID status, effectively bypassing the blacklist restrictions.
Impact\
A user with WHITELISTER_ROLE could accidentally or intentionally reset blacklisted accounts, allowing restricted addresses to bypass security measures, which undermines the integrity of the blacklist.
Recommendation\
Modify the void function to check that only users with the BLACKLISTER_ROLE can void blacklisted accounts, and only users with the WHITELISTER_ROLE can void whitelisted accounts.
Github username: -- Twitter username: 4n0n_x Submission hash (on-chain): 0xe89316f61cbe0531bea147aff5576e14a7a75dc5387913aa8dd12f86ca3fcb0f Severity: medium
Description: Description\ The void function in Validator is controlled by the WHITELISTER_ROLE, allowing any user with this role to reset an account's status. This can lead to blacklisted accounts being reset to VOID status, effectively bypassing the blacklist restrictions.
Impact\ A user with WHITELISTER_ROLE could accidentally or intentionally reset blacklisted accounts, allowing restricted addresses to bypass security measures, which undermines the integrity of the blacklist.
Recommendation\
Modify the void function to check that only users with the BLACKLISTER_ROLE can void blacklisted accounts, and only users with the WHITELISTER_ROLE can void whitelisted accounts.