Open hats-bug-reporter[bot] opened 4 months ago
Thank you for the submission.
Indeed, such functionality is not available in Thena & Chronos, the very absence of this functionality does not create obvious problems except for hypothetical ones, which may also be based on misconfiguration on the part of the Owner
Github username: @https://github.com/Pavel2202 Twitter username: https://twitter.com/timenov_pavel Submission hash (on-chain): 0x7b0bc848386f8668cadf59ad039bd12fadd8675a110bde66ebca4dee43c0a196 Severity: low
Description: Description\ In
BribeUpgradeable.sol
there are 2 function that can add token to therewardTokens
array and update theisRewardToken
mapping(totrue
). However there is no way to remove that token from the array and mapping.https://github.com/Satsyxbt/Fenix/blob/7b81d318fd9ef6107a528b6bd49bb9383e1b52ab/contracts/bribes/BribeUpgradeable.sol#L352-L369
Attack Scenario\ Describe how the vulnerability can be exploited.
Attachments
Proof of Concept (PoC) File
Revised Code File (Optional)