The system uses the same account to change both frequently updated parameters and those that require less frequent updates.
This architecture is error-prone and increases the severity of any privileged account compromises.
Short term, use a separate account to handle updating the tokens/USD ratio. Using the same account for critical operations and for updating the tokens/USD ratio increases the underlying risk: the frequently used key is the one most exposed (hot wallet, automation, more signing operations), and with a single account its compromise also hands over the rarely used critical operations. Long term, document the access controls and set up a proper authorization architecture. Consider the risks associated with each access point and its frequency of use to evaluate the proper design.
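The following is an added illustration of the finding and its short-term fix, not code from the Hermez contracts or from the ToB audit. Contract and function names (`SingleOwnerBefore`, `SplitRolesAfter`, `updateTokensPerUSD`, `setWithdrawalDelay`) and the rate-change bound are assumptions chosen for the example. The first contract shows the flagged pattern: one `owner` key both feeds the frequently changing tokens/USD ratio and changes a rare, critical parameter. The second splits the authority so that the hot, frequently used `rateUpdater` key can only touch the ratio (within a bounded step), while a separate, rarely used `governance` key holds the critical operations and can rotate the updater if it is compromised.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// BEFORE (the pattern flagged by the finding): a single privileged account
/// performs both the frequent ratio update and the rare, critical updates.
/// Whoever steals the key used every few minutes for the ratio also gets
/// setWithdrawalDelay and transferOwnership.
contract SingleOwnerBefore {
    address public owner;
    uint256 public tokensPerUSD;    // changed frequently
    uint256 public withdrawalDelay; // changed rarely, safety-critical

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor(uint256 initialRate, uint256 initialDelay) {
        owner = msg.sender;
        tokensPerUSD = initialRate;
        withdrawalDelay = initialDelay;
    }

    function updateTokensPerUSD(uint256 rate) external onlyOwner { tokensPerUSD = rate; }
    function setWithdrawalDelay(uint256 delay) external onlyOwner { withdrawalDelay = delay; }
    function transferOwnership(address newOwner) external onlyOwner { owner = newOwner; }
}

/// AFTER (short-term recommendation): separate accounts per access point,
/// sized by how often each is used and how much damage it can do.
contract SplitRolesAfter {
    address public governance;   // cold key / multisig, used rarely
    address public rateUpdater;  // hot key, used frequently, minimal authority
    uint256 public tokensPerUSD;
    uint256 public withdrawalDelay;

    // Assumption for the example: a single update may move the ratio by at
    // most this percentage, bounding the blast radius of a stolen updater key.
    uint256 public constant MAX_STEP_PERCENT = 20;

    event RateUpdated(uint256 oldRate, uint256 newRate);
    event RateUpdaterChanged(address oldUpdater, address newUpdater);
    event WithdrawalDelayChanged(uint256 oldDelay, uint256 newDelay);

    modifier onlyGovernance() {
        require(msg.sender == governance, "not governance");
        _;
    }

    modifier onlyRateUpdater() {
        require(msg.sender == rateUpdater, "not rate updater");
        _;
    }

    constructor(address _governance, address _rateUpdater, uint256 initialRate, uint256 initialDelay) {
        require(_governance != address(0) && _rateUpdater != address(0), "zero address");
        require(_governance != _rateUpdater, "roles must use different accounts");
        require(initialRate != 0, "zero rate");
        governance = _governance;
        rateUpdater = _rateUpdater;
        tokensPerUSD = initialRate;
        withdrawalDelay = initialDelay;
    }

    /// Frequent operation: the only thing the hot key is allowed to do.
    function updateTokensPerUSD(uint256 rate) external onlyRateUpdater {
        uint256 old = tokensPerUSD;
        uint256 maxDelta = (old * MAX_STEP_PERCENT) / 100;
        require(rate != 0, "zero rate");
        require(rate <= old + maxDelta && rate + maxDelta >= old, "step too large");
        tokensPerUSD = rate;
        emit RateUpdated(old, rate);
    }

    /// Rare, critical operations stay with the governance key.
    function setWithdrawalDelay(uint256 delay) external onlyGovernance {
        emit WithdrawalDelayChanged(withdrawalDelay, delay);
        withdrawalDelay = delay;
    }

    /// Governance can revoke and replace a compromised hot key without
    /// the hot key ever being able to touch governance itself.
    function setRateUpdater(address newUpdater) external onlyGovernance {
        require(newUpdater != address(0) && newUpdater != governance, "bad updater");
        emit RateUpdaterChanged(rateUpdater, newUpdater);
        rateUpdater = newUpdater;
    }

    function transferGovernance(address newGovernance) external onlyGovernance {
        require(newGovernance != address(0) && newGovernance != rateUpdater, "bad governance");
        governance = newGovernance;
    }
}
```

The point to check when reviewing such a change is the direction of authority: the hot key must not be able to reach any function that changes who holds a role or any safety parameter, while the governance key must be able to rotate the hot key. The step bound is an extra containment measure, not a substitute for the separation.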
- ToB Audit Hermez Finding 5
- Access Control
- High Severity
- Same Account
- Frequent/Rare Updates
- Least Common Mechanism
- Youtube Reference
- High Risk severity finding from ToB’s Audit of Hermez