
Centralization risk

In the Swap contract, orders are signed by an address holding the MAKER_ROLE. If one of those addresses is compromised, whoever controls it could sign any orders, allowing minting, burning fees, and redeeming operations until the owner of the Swap contract revokes the role. In addition, the owner can revoke a maker before a participant uses that maker's orders and thus grief any participants.

The above introduces a centralization risk that users should be aware of, as it grants a single point of control over the system.

We recommend that this centralization risk be clearly documented for users so that they are aware of the extent of the owner's control over the contract. This can help users make informed decisions about their participation in the project. Additionally, clear communication about the circumstances in which the owner may exercise these powers can help build trust and transparency with users. We also recommend implementing additional measures to mitigate these risks, such as a multi-signature requirement for owner access.
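One way an operator could watch for the two failure modes described above (a maker key signing orders it should not, and a revocation that strands unused orders), as an added example that is not from the report or the project's code. The event schema, the off-chain issuance log, and the maker addresses and order ids are all constructed assumptions.

```python
from dataclasses import dataclass

# Hypothetical, already-decoded records; not the Swap contract's event layout.
@dataclass(frozen=True)
class Event:
    block: int
    kind: str          # "grant", "revoke", "issued" (off-chain log) or "used" (on-chain)
    maker: str
    order_id: str = ""

def audit(events):
    """Replay events in block order.
    Returns (active_makers, orphaned_orders, unissued_orders)."""
    active, pending = set(), {}        # pending: order_id -> maker, issued but unused
    orphaned, unissued = [], []
    for ev in sorted(events, key=lambda e: e.block):
        if ev.kind == "grant":
            active.add(ev.maker)
        elif ev.kind == "revoke":
            active.discard(ev.maker)
            # Orders a participant still holds from this maker can no longer be used.
            dead = sorted(o for o, m in pending.items() if m == ev.maker)
            orphaned.extend(dead)
            for o in dead:
                del pending[o]
        elif ev.kind == "issued" and ev.maker in active:
            pending[ev.order_id] = ev.maker
        elif ev.kind == "used":
            # A used order the maker's own log never issued suggests the key signed elsewhere.
            if pending.pop(ev.order_id, None) != ev.maker:
                unissued.append(ev.order_id)
    return active, orphaned, unissued

# Constructed sample data (addresses and order ids are placeholders).
SAMPLE = [
    Event(100, "grant", "0xMakerA"),
    Event(101, "grant", "0xMakerB"),
    Event(110, "issued", "0xMakerA", "order-1"),
    Event(112, "used", "0xMakerA", "order-1"),
    Event(120, "issued", "0xMakerB", "order-2"),
    Event(125, "used", "0xMakerA", "order-9"),   # never issued by MakerA's log
    Event(130, "revoke", "0xMakerB"),            # order-2 still unused
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

An entry in the unissued list is a prompt to revoke the maker role and investigate; an entry in the orphaned list identifies participants affected by a revocation.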

Zellic © 2025