2 matches found
burnFeiHeld() in SimpleFeiDaiPSM burns FEI balance of contract, which includes FEI received because of redeems and FEI transferred or minted for the contract address. contract should only burn FEI received in redeems. this functionality a backdoor to transfer and burn FEI tokens by this contract.
Lines of code Vulnerability details Impact it's possible to burn FEI tokens without receiving DAI tokens, one can transfer FEI tokens to SimpleFeiDaiPSM contract address and then call burnFeiHeld to burn FEI tokens. this is a backdoor to burn FEI tokens. the contract should only burn FEI tokens...
onlyBurner modifier missing
Lines of code Vulnerability details Impact onlyBurner modifier is missing in burn function. Since it is a public function anyone can burn FEI tokens. Proof of Concept Tools Used Manual analysis Recommended Mitigation Steps Add onlyBurner modifier to the burn function. --- The text was updated...