AntToken Manual Review Findings

ATN-01M: Improper Collateral System

Type	Severity	Location
Logical Fault		AntToken.sol:L94-L110

Description:

The collateral system of the token is ineffectual as funds can be freely transferred between accounts even when set as collateral.

Example:

Copy
94/**
95 * @notice Allows account to block his tokens as collater for another address
96 * @dev Analogous to ERC20 approve, but not allow to decrease already set collateral
97 */
98function setCollateralFor(address receiver, uint256 amount) external nonReentrant {
99    require(receiver != address(0), "receiver can not be zero address");
100    require(balanceOf(_msgSender()) >= amount, "amount exceeds balance");
101    require(collateral[_msgSender()][receiver] < amount, "collateral can be only increased");
102    
103    // increase total collateral
104    totalCollateral[_msgSender()] -= collateral[_msgSender()][receiver];
105    totalCollateral[_msgSender()] += amount;
106   
107    collateral[_msgSender()][receiver] = amount;
108
109    emit CollateralSet(_msgSender(), receiver, amount);
110}

Recommendation:

We advise this trait of the system to be re-evaluated and corrected as it is currently a mis-implementation.

Alleviation:

After extensive deliberation with the Colony Lab team, we concluded that the function is indeed performing as expected given that it relies on balanceOf measurements that have been overridden. Our initial concern was with regards to direct transfers to the zero-address, however, the Colony Lab team showcased that the dependency version of OpenZeppelin utilized prohibits direct transfers to the zero-address and as such there is no attack vector present in the code from this segment. As a result, we consider this exhibit nullified.