[WP-H7] CollateralToken.sol's COLLATERAL_BURNER_ROLE and COLLATERAL_MINTER_ROLE can rug users
Lines of code Vulnerability details In the current design/implementation, CollateralToken is minted and burned by COLLATERALMINTERROLE and COLLATERALBURNERROLE. Such roles can be granted by the owner of QuantConfig, which is the deployer of the QuantConfig. Once the attacker managed to acquire on...