The token of the uusd contract can be destroyed infinitely

Summary

The burnRebalancer(uint256 amount) function can be called by everyone, This will cause the token of the UUSD contract to be destroyed at will.

Vulnerability Detail

In the USSD.sol file, the burnRebalancer(uint256 amount) function can be called by anyone:

function burnRebalancer(uint256 amount) public override {
    _burn(address(this), amount);
}

The attacker can call the burnRebalancer(uint256 amount) to destroy the tokens of UUSD contract.

Impact

Tokens of UUSD contract are destroyed at will.

Code Snippet

https://github.com/USSDofficial/ussd-contracts/blob/f44c726371f3152634bcf0a3e630802e39dec49c/contracts/USSD.sol#L208-L210

Tool used

Manual Review

Recommendation

Add onlyBalancer modifier to burnRebalancer(uint256 amount) function:

modifier onlyBalancer() {
    require(msg.sender == address(rebalancer), "bal");
    _;
}
function burnRebalancer(uint256 amount) public override onlyBalancer {
    _burn(address(this), amount);
}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

002.md

002.md

The token of the uusd contract can be destroyed infinitely

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

Files

002.md

Latest commit

History

002.md

File metadata and controls

The token of the uusd contract can be destroyed infinitely

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation