Centralization risk
Description
There are two types of privileged accounts for the Distributor1 contract: the owner and the signer. The signer address is only used to verify the signature before allowing airdrop claims.
For the Distributor1 contract, the owner can change the claimRoot
value with the setClaimRoot
function and render all the previous proof of inclusions invalid. Additionally, the owner has the ability to withdraw all funds from the contract using the withdraw
function.
For the StreamingNFT contract, there is only one privileged address, the owner. The owner can change the value of the fees with the setFee
function to a very high value, making the stream creation and reward-amount values almost null. Additionally, the owner has the ability to withdraw all funds from the contract using the withdraw
function.
Impact
The above introduces centralization risks that users should be aware of, as it grants a single point of control over the system. If a malicious user gains access to the owner's private key, they can withdraw all funds.
Recommendations
We recommend that these centralization risks be clearly documented for users so that they are aware of the extent of the owner's control over the contracts. This can help users make informed decisions about their participation in the project. Additionally, clear communication about the circumstances in which the owner may exercise these powers can help build trust and transparency with users. Therefore, it is recommended to implement additional measures to mitigate these risks, such as implementing a multi-signature requirement for owner access.