search

hyperlane-xyz / hyperlane-monorepo

The home for Hyperlane core contracts, sdk packages, and other infrastructure
https://hyperlane.xyz
Other
243 stars 274 forks source link

Consider removing initial mint functionality from synthetic warp routes #4013

Open yorhodes opened 3 weeks ago

yorhodes commented 3 weeks ago

Problem

The HypERC20 contract has a feature which allows mints initial supply to the deployer (in the initialize). This is somewhat of a footgun, and can grant the deployer unintended power on the warp route.

Additional context Discord developer @lyfsen

Hey, I tried to deploy a new wrap Router, and I deployed an ERC20 token in the collateral chain (collateral mode) using this. It pre-minted 1M tokens. But I found that in the synthetic chain (synthetic mode), the contract also pre-minted 1M to the sender address. I think it's abnormal because the synthetic chain token should need minting rather than pre-minting. So, is it normal to pre-mint in the synthetic chain? It should not premint I want

Solution

Remove initialize minting and rely exclusively on messages to mint initial supply

nambrot commented 3 weeks ago

I'm fine with having this in the initializer, i would just call it initialBalances so that from the function signature, you can tell the purpose of the parameter is to mint that.