Anyone can mint the yield fee using mintYieldFee().
mintYieldFee() mints the shares for the yield fee.

```solidity
function mintYieldFee(uint256 _shares, address _recipient) external {
    _requireVaultCollateralized();
    if (_shares > _yieldFeeTotalSupply) revert YieldFeeGTAvailable(_shares, _yieldFeeTotalSupply);
    _yieldFeeTotalSupply -= _shares;
    _mint(_recipient, _shares);
    emit MintYieldFee(msg.sender, _recipient, _shares);
}
```
This function mints the shares to the _recipient and reduces _yieldFeeTotalSupply accordingly.
However, the function has no access control, so anyone can call it and steal the yield fee.
Manual Review
mintYieldFee() should have a whitelist for callers.
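One way to apply this recommendation, as an added sketch that is not the project's code or its actual fix: the caller is checked against an owner-managed allowlist before any shares are minted. The names `owner`, `isYieldFeeMinter`, `setYieldFeeMinter` and `CallerNotYieldFeeMinter` are assumptions, and the share accounting is reduced to a plain balance mapping so the contract compiles on its own.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added illustration only. Hypothetical names: owner, isYieldFeeMinter,
// setYieldFeeMinter, CallerNotYieldFeeMinter, YieldFeeMinterSet.
contract YieldFeeAllowlistSketch {
    error YieldFeeGTAvailable(uint256 shares, uint256 yieldFeeTotalSupply);
    error CallerNotOwner(address caller);
    error CallerNotYieldFeeMinter(address caller);

    event MintYieldFee(address indexed caller, address indexed recipient, uint256 shares);
    event YieldFeeMinterSet(address indexed minter, bool allowed);

    address public immutable owner;
    uint256 internal _yieldFeeTotalSupply;
    mapping(address => bool) public isYieldFeeMinter;
    mapping(address => uint256) public balanceOf; // stands in for ERC-20 share balances

    constructor(uint256 accruedFeeShares_) {
        owner = msg.sender;
        _yieldFeeTotalSupply = accruedFeeShares_; // constructed starting value
    }

    // Only the owner can change who is allowed to mint the yield fee.
    function setYieldFeeMinter(address minter, bool allowed) external {
        if (msg.sender != owner) revert CallerNotOwner(msg.sender);
        isYieldFeeMinter[minter] = allowed;
        emit YieldFeeMinterSet(minter, allowed);
    }

    // Same body as the reported function, with the caller check placed first.
    // The vault's _requireVaultCollateralized() call is left out of this sketch.
    function mintYieldFee(uint256 _shares, address _recipient) external {
        if (!isYieldFeeMinter[msg.sender]) revert CallerNotYieldFeeMinter(msg.sender);
        if (_shares > _yieldFeeTotalSupply) revert YieldFeeGTAvailable(_shares, _yieldFeeTotalSupply);
        _yieldFeeTotalSupply -= _shares;
        _mint(_recipient, _shares);
        emit MintYieldFee(msg.sender, _recipient, _shares);
    }

    function _mint(address to, uint256 amount) internal {
        balanceOf[to] += amount;
    }
}
```

With this check in place, a call from an address that is not on the allowlist reverts before `_yieldFeeTotalSupply` is touched, and the `MintYieldFee` event still records which allowed caller triggered each mint.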
Access Control