Omniscia Steer Protocol Audit
SteerToken Manual Review Findings
STN-01M: Arbitrary Mint Capacity
Type | Severity | Location |
---|---|---|
Centralization Concern | | SteerToken.sol:L53-L58 |
Description:
The owner of the contract is capable of minting an arbitrary amount of tokens to an arbitrary party.
Example:
```solidity
/// @dev Mints tokens to a given address
/// @param _to The address to transfer to
/// @param _amount The amount to transfer
function mint(address _to, uint256 _amount) public onlyOwner {
    _mint(_to, _amount);
}
```
Recommendation:
We advise this form of functionality to be restricted as it significantly increases the centralization of the token. The Steer Protocol team has informed us that the initial owner will be a multi-signature wallet beyond which ownership will be transferred to a DAO. Given that the interim state of multi-signature ownership is vulnerable to ownership attacks, we advise the initial mint to be utilized for all team-related needs and the mint capability to only be invoke-able by the DAO instead of the `owner`.
Alleviation (200f275c40cbd4798f4a416c044ea726755d4741):
The Steer Protocol stated that the ownership of this token will be transferred to a DAO shortly after deployment. As such, the centralization concern is nullified based on the assumption that ownership will be transferred.
STN-02M: Inexistent Initialization of Base Implementation
Type | Severity | Location |
---|---|---|
Language Specific | | SteerToken.sol:L17-L27 |
Description:
The contract does not properly initialize the base logic implementation, permitting it to be taken over by a malicious party.
Impact:
While not an active security threat, it can evolve into one if any form of `delegatecall` capability is introduced in one of the dependencies of the contract that could cause it to invoke a `selfdestruct` instruction.
Example:
```solidity
contract SteerToken is
    Initializable,
    ERC20Upgradeable,
    ERC20BurnableUpgradeable,
    PausableUpgradeable,
    OwnableUpgradeable,
    ERC20PermitUpgradeable,
    ERC20VotesUpgradeable,
    ERC20FlashMintUpgradeable,
    UUPSUpgradeable
{
```
Recommendation:
We advise a `constructor` to be introduced that simply invokes the `initializer` modifier to ensure that the logic implementation cannot be initialized maliciously.
Alleviation (200f275c40cbd4798f4a416c044ea726755d4741):
A `constructor` was introduced that properly invokes the `initializer` modifier and disallows initialization of the logic implementation, alleviating this exhibit in full.
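The pattern this exhibit recommends, as an added sketch that is not the Steer Protocol's code. It assumes OpenZeppelin Contracts Upgradeable 4.x import paths and init signatures; the contract name, token name and symbol are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Assumption: OpenZeppelin Contracts Upgradeable 4.x (paths and __*_init signatures).
import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
import "@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol";
import "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol";

/// @dev Hypothetical token used only to illustrate the STN-02M recommendation.
contract ExampleToken is
    Initializable,
    ERC20Upgradeable,
    OwnableUpgradeable,
    UUPSUpgradeable
{
    /// @dev Runs once, at deployment of the logic (implementation) contract,
    /// against that contract's own storage. The `initializer` modifier marks
    /// that storage as initialized, so a later direct call to `initialize`
    /// on the implementation reverts and nobody can become its owner.
    constructor() initializer {}

    /// @dev Called through the proxy. It writes to the proxy's storage, which
    /// the constructor above never touched, so it succeeds exactly once there.
    function initialize() public initializer {
        __ERC20_init("Example Token", "EXT"); // hypothetical name and symbol
        __Ownable_init();                     // owner = caller, in proxy storage
        __UUPSUpgradeable_init();
    }

    /// @dev UUPS upgrade gate: only the owner recorded in proxy storage may
    /// point the proxy at a new implementation.
    function _authorizeUpgrade(address newImplementation)
        internal
        override
        onlyOwner
    {}
}
```

OpenZeppelin Contracts Upgradeable 4.6 and later also provide `_disableInitializers()`, which can be called from the constructor body for the same purpose.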
STN-03M: Potentially Incompatible Flash Loan Mechanism
Type | Severity | Location |
---|---|---|
Language Specific | | SteerToken.sol:L25 |
Description:
The `SteerToken` has been set as a flash mintable token, however, it is meant to support governance mechanisms.
Example:
```solidity
contract SteerToken is
    Initializable,
    ERC20Upgradeable,
    ERC20BurnableUpgradeable,
    PausableUpgradeable,
    OwnableUpgradeable,
    ERC20PermitUpgradeable,
    ERC20VotesUpgradeable,
    ERC20FlashMintUpgradeable,
    UUPSUpgradeable
{
```
Recommendation:
Given that flash mint capabilities have limited use cases, we advise the trait to be omitted from the token in favour of a behaviourally-sound EIP-20 implementation given that the Steer token plays a pivotal role in the protocol's operational integrity. We should note that while the flash-mint mechanism cannot be currently exploited to acquire votes, other protocol integrators will assume that a governance token will fit within acceptable value ranges and will not be flash-mintable.
Alleviation (200f275c40):
The Steer Protocol team asserted that they would remove the flash-loan capability of the token, however, this trait is still present rendering this exhibit not dealt with.
Alleviation (0ed41ccc18):
The `ERC20FlashMintUpgradeable` dependency has been properly removed from the codebase rendering this exhibit alleviated.