Closed dantaik closed 2 weeks ago
Generated at commit: eea46ad17e8a03dfa0272872f69f8c623b9952d1
🚨 Report Summary
Severity Level Results Contracts Critical High Medium Low Note Total 2 2 0 5 40 49 Dependencies Critical High Medium Low Note Total 0 0 0 0 0 0
For more details view the full report in OpenZeppelin Code Inspector
@davidtaikocha TaikoToken's storage layout stays the same; but bridged tokens' layout changed which I think it's OK.
BEGIN_COMMIT_OVERRIDE refactor(protocol): merge
BridgedERC20Base
intoBridgedERC20
for simplicity feat(protocol): allow contract owner to mint/burn bridged ERC20 tokens (besides ERC20Vault) feat(protocol): disallow bridged token contract owner to trigger migration directly (must go through ERC20Vault) feat(protocol): disallow migration within 90 days post the previous migration feat(protoocl): make BridgedERC20 no longer inheritERC20VotesUpgradeable
feat(protocol): addBridgedTaikoToken
that inheritsERC20VotesUpgradeable
END_COMMIT_OVERRIDEThis is to respond this feedback from OZ
Tokens inheriting from the BridgedERC20Base contract can be migrated by the owner or by calling the changeMigrationStatus function of the ERC20Vault. If a migration is triggered, token owners can burn their tokens to mint the same amount of tokens on the new contract. If the migration is triggered by the bridge, old tokens are added to a blacklist and have to be migrated before being able to bridge.
However, there are multiple migration scenarios that could cause accidental user losses: