Open 3esmit opened 1 year ago
As of https://github.com/logos-co/optimism-bridge-snt/commit/c76ba5b946d67b070cd39f1f88dafa319202ff5a, the controller is using Ownable2Step
, do you think this can be closed then?
Ownable2Step
allows for declining ownership
The MiniMeToken has several permissionless perks, but currently the entire system can be compromised by a single entity which is the owner of SNTPlaceHolder (current controller). That’s because it can change the SNT’s controller to an arbitrary address, and the controller can mint infinite/burn by any amount. Use most safeguards, or even configure it to be the DAO itself. Consider issue Info-03, to remove unnecessary power from the Controller entity.