RTN-01M: Inexplicable Capability of Arbitrary Mints
Description:
The contract's `initialize` function grants `MINTER_ROLE` to the multi-signature module, which allows it to mint new Rand tokens at will.
Example:
    function initialize(
        string memory _name,
        string memory _symbol,
        uint256 _initialSupply,
        IAddressRegistry _registry
    ) public initializer {
        __ERC20_init(_name, _symbol);
        __ERC20Burnable_init();
        __Pausable_init();
        __AccessControl_init();
        REGISTRY = _registry;
        // Resolve the multi-signature vault from the address registry
        address _multisigVault = REGISTRY.getAddress("MS");
        _grantRole(DEFAULT_ADMIN_ROLE, _multisigVault);
        _grantRole(PAUSER_ROLE, _multisigVault);
        // This grant gives the vault the minting capability described above
        _grantRole(MINTER_ROLE, _multisigVault);
        // Initial supply is minted to the vault, scaled by the token decimals
        _mint(_multisigVault, _initialSupply * 10**decimals());
    }
Recommendation:
We advise that this component of the system be revised, as there appears to be no purpose for this trait of the system.
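One possible shape for such a revision, as an added example that is not the audited project's code: the same initializer with minting either dropped or bounded by a hard cap. It assumes OpenZeppelin Contracts Upgradeable v4.x; the contract name, `maxSupply`, the `_maxSupply` parameter, the `mint` function and the body of `IAddressRegistry` are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; assumes OpenZeppelin Contracts Upgradeable v4.x import paths.
import "@openzeppelin/contracts-upgradeable/token/ERC20/extensions/ERC20BurnableUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/security/PausableUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";

// Assumed interface shape, inferred from the getAddress("MS") call in the finding.
interface IAddressRegistry {
    function getAddress(string memory _id) external view returns (address);
}

contract CappedTokenExample is ERC20BurnableUpgradeable, PausableUpgradeable, AccessControlUpgradeable {
    bytes32 public constant PAUSER_ROLE = keccak256("PAUSER_ROLE");
    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");

    IAddressRegistry public REGISTRY;
    uint256 public maxSupply; // hypothetical hard cap in base units, set once at initialization

    function initialize(
        string memory _name,
        string memory _symbol,
        uint256 _initialSupply,
        uint256 _maxSupply,
        IAddressRegistry _registry
    ) public initializer {
        __ERC20_init(_name, _symbol);
        __ERC20Burnable_init();
        __Pausable_init();
        __AccessControl_init();
        REGISTRY = _registry;
        address _multisigVault = REGISTRY.getAddress("MS");
        require(_initialSupply <= _maxSupply, "initial supply exceeds cap");
        maxSupply = _maxSupply * 10**decimals();
        _grantRole(DEFAULT_ADMIN_ROLE, _multisigVault);
        _grantRole(PAUSER_ROLE, _multisigVault);
        // Variant A (fixed supply): omit the next grant and the mint() function entirely.
        // Variant B (minting is required): keep the grant, bounded by maxSupply in mint().
        _grantRole(MINTER_ROLE, _multisigVault);
        _mint(_multisigVault, _initialSupply * 10**decimals());
    }

    // Minting stays role-gated and can never push total supply past the cap.
    function mint(address _to, uint256 _amount) external onlyRole(MINTER_ROLE) {
        require(totalSupply() + _amount <= maxSupply, "cap exceeded");
        _mint(_to, _amount);
    }
}
```

Because the vault also holds `DEFAULT_ADMIN_ROLE`, it can grant `MINTER_ROLE` to other accounts; the cap check in `mint` still applies to every holder.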