Omniscia Bluejay Finance Audit

StablecoinToken Manual Review Findings

STE-01M: Fluid Token Minting System

Description:

The StablecoinToken contains an access control system in which the deployer receives DEFAULT_ADMIN_ROLE and can therefore grant MINTER_ROLE to arbitrary addresses, allowing minting at will.

Example:

packages/contracts/contracts/StablecoinToken.sol
    function initialize(string memory name, string memory symbol)
        public
        initializer
    {
        __ERC20_init(name, symbol);
        __ERC20Burnable_init();
        __AccessControl_init();
        __ERC20Permit_init(name);
        __UUPSUpgradeable_init();

        // The deployer becomes the sole DEFAULT_ADMIN_ROLE holder and may grant MINTER_ROLE to any address.
        _setupRole(DEFAULT_ADMIN_ROLE, msg.sender);
    }

    // Minting is gated only by MINTER_ROLE, which the admin can assign freely.
    function mint(address to, uint256 amount) public onlyRole(MINTER_ROLE) {
        _mint(to, amount);
    }

Recommendation:

Given that the token is meant to be minted by system components, we advise that a function be coded which assigns the minter and upgrader roles to predetermined parties, without the ability to arbitrarily set them afterwards, thereby significantly reducing the centralization of the project.
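One way to implement the recommendation, as an added illustration rather than Bluejay Finance's own code: the minter and upgrader are supplied once at initialization, DEFAULT_ADMIN_ROLE is never granted, and the UUPS upgrade hook is bound to the upgrader. The contract name, the UPGRADER_ROLE constant and the OpenZeppelin 4.x import paths are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Import paths assume OpenZeppelin contracts-upgradeable 4.x (assumption, not from the audit).
import "@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol";
import "@openzeppelin/contracts-upgradeable/token/ERC20/extensions/ERC20BurnableUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/token/ERC20/extensions/draft-ERC20PermitUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol";

// Hypothetical hardened variant: roles are fixed at initialization and no admin exists to change them.
contract FixedRoleStablecoinToken is
    ERC20Upgradeable,
    ERC20BurnableUpgradeable,
    AccessControlUpgradeable,
    ERC20PermitUpgradeable,
    UUPSUpgradeable
{
    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");
    bytes32 public constant UPGRADER_ROLE = keccak256("UPGRADER_ROLE");

    function initialize(
        string memory name,
        string memory symbol,
        address minter,   // predetermined system component allowed to mint
        address upgrader  // predetermined party allowed to authorize upgrades
    ) public initializer {
        require(minter != address(0) && upgrader != address(0), "zero role holder");
        __ERC20_init(name, symbol);
        __ERC20Burnable_init();
        __AccessControl_init();
        __ERC20Permit_init(name);
        __UUPSUpgradeable_init();

        _setupRole(MINTER_ROLE, minter);
        _setupRole(UPGRADER_ROLE, upgrader);
        // DEFAULT_ADMIN_ROLE is deliberately never granted: AccessControl's grantRole and
        // revokeRole require the role's admin, so with no admin holder the role set is frozen.
    }

    function mint(address to, uint256 amount) public onlyRole(MINTER_ROLE) {
        _mint(to, amount);
    }

    // UUPS requires this hook; restricting it to UPGRADER_ROLE fixes who may upgrade.
    function _authorizeUpgrade(address) internal override onlyRole(UPGRADER_ROLE) {}
}
```

The trade-off is rigidity: a minter that calls renounceRole, or is itself compromised, cannot be replaced without an upgrade by the upgrader, which is the flexibility the team's response below refers to.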

Alleviation:

The Bluejay Finance team stated that they wish to retain a degree of flexibility with regard to the token's minting capabilities, as they may branch out to multi-chain deployments in the future. As a result, we consider this exhibit sufficiently addressed based on the principle that the Bluejay Finance team will act responsibly with the contract's role management system.