Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Hyperbeat Pay>Design>Component: TokenWhitelistRegistry
GeneralOverview
Findings
Critical (1)
Medium (3)
Low (7)
Informational (1)
Indeterminate (2)
DiscussionIncompatible with nonstandard ERC-20 tokensWithdrawal-fee bypass with dust amountsMissing token whitelist validation in ACTION_CUSTOM pathTest suite
DesignComponent: ManagementAccountComponent: ManagementAccountFactoryComponent: ServiceRegistryComponent: TokenWhitelistRegistryComponent: MorphoService
Audit ResultsAssessment Results

Component: TokenWhitelistRegistry

Description

The TokenWhitelistRegistry is a central access-control registry that manages which tokens are permitted for use across all ManagementAccounts. It serves as the single source of truth for token whitelisting, ensuring that only approved tokens can be deposited, withdrawn, used in service actions, or utilized for settlements.

Invariants

Settlement-token enforcement

  • The settlement token is immutable and automatically whitelisted upon deployment.

  • The settlement token cannot be removed from the whitelist.

Access control

  • Only addresses with the TOKEN_ADMIN_ROLE can whitelist new tokens or remove existing tokens.

  • The DEFAULT_ADMIN_ROLE can grant or revoke the TOKEN_ADMIN_ROLE.

Attack surface

  • Token removal risk. A TOKEN_ADMIN_ROLE can remove a token from the whitelist, which would prevent all ManagementAccounts from withdrawing that token from their accounts. This risk is mitigated by the fact that the settlement token cannot be removed from the whitelist.

  • Token whitelist management. Only TOKEN_ADMIN_ROLE can manage the token whitelist, preventing malicious external parties from adding or removing tokens from the whitelist.

Zellic © 2025Back to top ↑