F-2024-0015·missing-escape-hatch

Unable to Remove Tokens with Non-Zero Balance

Acknowledged · dex · amm · raffle
TL;DR

removeToken refuses to remove a token while the contract holds any balance. Even dust amounts trap the token in the supported list, with no override for emergency removal.

Severity: LOW
Impact: LOW
Likelihood: LOW
Method: Manual review
Complexity: LOW
Exploitability: LOW

Description

The MonadexV1Raffle contract's removeToken function includes a safety check that prevents the removal of a token if the contract holds any balance of that token. While this check is intended to prevent accidental removal of valuable assets, it introduces a significant vulnerability that could potentially lock the contract into supporting problematic or malicious tokens indefinitely.

```solidity
uint256 balance = IERC20(_token).balanceOf(address(this));
if (balance > 0) revert MonadexV1Raffle__CannotRemoveTokenYet(_token, balance);
```

This seemingly prudent check can backfire in several scenarios, effectively trapping the contract with tokens it cannot remove, regardless of the necessity or urgency of their removal.

Impact

  1. If a token is later discovered to be malicious or compromised, the contract has no way to remove it from the supported list as long as any balance remains. This could expose users to ongoing risk.
  2. Tokens with implementation bugs that prevent transfers or have other issues cannot be removed, potentially affecting the raffle's operations or user interactions.
  3. Even tiny, non-transferable dust amounts of a token can prevent its removal, leading to a bloated and potentially misleading list of supported tokens.

Recommendation

Add a force removal function for emergency situations or another mechanism to avoid such scenarios.
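
One way the recommended force removal could look, as an added sketch that is not MonadexV1Raffle's code. The contract name, storage layout, owner model, events, forceRemoveToken and the 50,000 gas cap are assumptions; only the balance check in removeToken follows the snippet quoted in the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
}

/// Added illustration only. Names other than removeToken are hypothetical.
contract TokenListWithEscapeHatch {
    address public immutable owner;
    mapping(address => bool) public isSupported;
    error NotOwner();
    error TokenNotSupported(address token);
    error CannotRemoveTokenYet(address token, uint256 balance);
    event TokenRemoved(address indexed token);
    event TokenForceRemoved(address indexed token, bool balanceKnown, uint256 balance);

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    constructor(address[] memory tokens) {
        owner = msg.sender;
        for (uint256 i = 0; i < tokens.length; ++i) isSupported[tokens[i]] = true;
    }

    /// Normal path: keeps the balance check quoted in the finding.
    function removeToken(address token) external onlyOwner {
        if (!isSupported[token]) revert TokenNotSupported(token);
        uint256 balance = IERC20(token).balanceOf(address(this));
        if (balance > 0) revert CannotRemoveTokenYet(token, balance);
        isSupported[token] = false;
        emit TokenRemoved(token);
    }

    /// Emergency path: delists first and never depends on the token behaving.
    /// The balance is read only for the audit log, through a gas-capped
    /// low-level staticcall, so a reverting, code-less or gas-burning token
    /// cannot block its own removal. The 50_000 cap is an assumed value.
    function forceRemoveToken(address token) external onlyOwner {
        if (!isSupported[token]) revert TokenNotSupported(token);
        isSupported[token] = false;
        (bool ok, bytes memory ret) = token.staticcall{gas: 50_000}(
            abi.encodeCall(IERC20.balanceOf, (address(this))));
        bool known = ok && ret.length >= 32;
        emit TokenForceRemoved(token, known, known ? abi.decode(ret, (uint256)) : 0);
    }
}
```

The event records whatever balance was stranded at delisting time, so the forced removal stays visible to off-chain monitoring; in production the emergency path would normally sit behind a multisig or timelock rather than a single owner key.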

© 2026 Zealynx