Description

Note that the owner of the SpecToken contract has the ability to (including, but not limited to):

• pause ERC-20 transfers at any time

• upgrade the contract to potentially mint coins

• block specific users by setting a large allocation configuration on specific users such that calculateAllocation reverts with an integer overflow error

Recommendations

Ensure the contract owner is a trustworthy governance contract, or otherwise prominently document and accept the centralization risks.

Remediation