nevillehuang
commented
6 days ago Invalid, ADMIN_ROLE trusted per contest details
Closed sherlock-admin3 closed 1 week ago
nevillehuang
commented
6 days ago Invalid, ADMIN_ROLE trusted per contest details
newt
High
No Limit For Minting
Summary
In vault contract StakeToken.sol, there is no limit set for amount of tokens that can be minted, as a result, the minter can mint unlimited tokens, disrupting the token supply and value.
Vulnerability Detail
If the minter were to mint an excessive amount of tokens seeing that there are no limit checks implemented. This can lead to overinflation.
Impact
It presents a significant risk of overinflation.
Code Snippet
https://github.com/sherlock-audit/2024-05-elfi-protocol/blob/main/elfi-perp-contracts/contracts/vault/StakeToken.sol#L14-L16
Tool used
Manual Review
Recommendation
Add a limit for the number of tokens the minter can mint.