Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Centralization-01: Controller Owner #7

Open
3esmit opened this issue Sep 26, 2023 · 1 comment
Open

Centralization-01: Controller Owner #7

3esmit opened this issue Sep 26, 2023 · 1 comment

Comments

@3esmit
Copy link
Contributor

3esmit commented Sep 26, 2023

The MiniMeToken has several permissionless perks, but currently the entire system can be compromised by a single entity which is the owner of SNTPlaceHolder (current controller).
That’s because it can change the SNT’s controller to an arbitrary address, and the controller can mint infinite/burn by any amount.
Use most safeguards, or even configure it to be the DAO itself.
Consider issue Info-03, to remove unnecessary power from the Controller entity.
@0x-r4bbit
Copy link
Contributor

As of c76ba5b, the controller is using Ownable2Step, do you think this can be closed then?

Ownable2Step allows for declining ownership

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@3esmit @0x-r4bbit