Orderers Can Unauthorized Transfer User's Share In Single Step
Lines of code Vulnerability details Impact The transferFrom function of vToken.sol can be done without any user permissions or strict security checks, requires only the caller must has ORDERERROLE as the access control, exposing it to the centralize risk if an orderer is compromised or act...