Omniscia KlimaDAO Audit
AlphaKlimaUpgradeable Manual Review Findings
AlphaKlimaUpgradeable Manual Review Findings
AKU-01M: Centralized Total Supply
Type | Severity | Location |
---|---|---|
Logical Fault | Minor | AlphaKlimaUpgradeable.sol:L22 |
Description:
The aKLIMA
token's total supply is minted in full directly to the Klima administrator.
Example:
contracts/tokens/upgradeable/AlphaKlimaUpgradeable.sol
10contract AlphaKlimaUpgradeable is ERC20PresetFixedSupplyUpgradeable, OwnableUpgradeable {11
12 constructor(){13 }14
15 function initialize() public initializer {16 __AlphaKlimaUpgradeable_init(0x693aD12DbA5F6E07dE86FaA21098B691F60A1BEa);17 }18
19 function __AlphaKlimaUpgradeable_init(address _Klimadmin) internal {20
21 __Ownable_init();22 __ERC20PresetFixedSupply_init("AlphaKlima", "aKLIMA", 120000 * 1e18, _Klimadmin);23 }24
25}
Recommendation:
We advise this trait of the system to be assessed and potentially revised as it overly centralizes the supply of the token and consequent value.
Alleviation:
The KlimaDAO team stated that this is by design and that the aKLIMA token was a placeholder that is no longer in use. As such, we consider this exhibit void.