Category: Business Logic
Incorrect role check
Low Impact
Low Severity
Low Likelihood
Description
The revoke_set_revoker function checks whether the sender is the operator. Although all functions with the revoke_ prefix are callable only by the revoker, when setting the revoker it would be more appropriate to check whether the sender is the owner, because the operator is responsible only for operations related to minting and burning coins.
entry fun revoke_set_revoker<T>(state: &State<T>, req: SetRevokerReq, ctx: &TxContext) {
    check_version(state);
    check_operator(state, ctx);
Impact
The operator can revoke operations that exceed its privileges.
Recommendations
We recommend checking that the sender is the owner instead of the operator.
Remediation
This issue has been acknowledged by MatrixDock, and a fix was implemented in commit fbab42d6.