Omniscia 0xPhase Audit

PegTokenV1 Manual Review Findings

PTV-01M: Inexistent Validation of Allowances

Type | Severity | Location
Centralization Concern | | PegTokenV1.sol:L24-L29, L33-L39

Description:

The PegTokenV1::burnManager and PegTokenV1::transferManager functions do not validate any allowance between the from address and the caller of the function, permitting arbitrary balances to be burned / transferred.

Example:

peg/peg/PegTokenV1.sol, L22-L29

/// @inheritdoc IPegToken
/// @custom:protected onlyRole(MANAGER_ROLE)
function burnManager(
    address from,
    uint256 amount
) external override onlyRole(MANAGER_ROLE) {
    _burn(from, amount);
}

Recommendation:

We advise that the code ensure there is sufficient allowance between the from address and the caller (msg.sender) and decrease it by the amount being utilized, so that the same allowance cannot be reused.

Alternatively, if the MANAGER_ROLE is meant to be held solely by system modules, we advise that it be assigned only once, during the contract's PegTokenV1::constructor, and that no further addresses be added to it.
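A sketch of both options from the recommendation, added here as an illustration and not taken from the 0xPhase code base. It assumes OpenZeppelin Contracts v5 (ERC20 and AccessControl); the contract name, token name and symbol, the systemModules constructor argument and the transferManager signature are hypothetical, since the page only shows burnManager.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";

/// Hypothetical stand-in for PegTokenV1 (illustration only).
contract ManagedTokenSketch is ERC20, AccessControl {
    bytes32 public constant MANAGER_ROLE = keccak256("MANAGER_ROLE");

    /// Alternative option: MANAGER_ROLE is assigned once, at construction.
    /// DEFAULT_ADMIN_ROLE is never granted, so grantRole(MANAGER_ROLE, ...)
    /// reverts for every caller and the holder set cannot grow afterwards.
    constructor(address[] memory systemModules) ERC20("Sketch", "SKT") {
        for (uint256 i = 0; i < systemModules.length; i++) {
            _grantRole(MANAGER_ROLE, systemModules[i]);
        }
    }

    /// First option: the manager may only burn what `from` approved to it.
    function burnManager(
        address from,
        uint256 amount
    ) external onlyRole(MANAGER_ROLE) {
        // Reverts if allowance(from, msg.sender) < amount, otherwise
        // decreases it by `amount` so it cannot be spent a second time.
        // An approval of type(uint256).max is treated as infinite by
        // OpenZeppelin and is left unchanged.
        _spendAllowance(from, msg.sender, amount);
        _burn(from, amount);
    }

    /// Same check for the transfer path (signature assumed).
    function transferManager(
        address from,
        address to,
        uint256 amount
    ) external onlyRole(MANAGER_ROLE) {
        _spendAllowance(from, msg.sender, amount);
        _transfer(from, to, amount);
    }
}
```

The allowance check costs an extra storage read and write on each call, which is the gas overhead weighed in the team's response.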

Alleviation (3dd3d7bf0c2693b2f9c23bacedfa420393f7ea84):

The 0xPhase team evaluated this exhibit and has stated that only system modules as well as the timelock address will be able to access MANAGER_ROLE protected functions. While they acknowledge the potential security risk, they believe that the benefit of reduced gas costs across the board outweighs it. As such, we consider this exhibit acknowledged.