Anonymous Intelligence Signal

Security Audit #2867 Exposes Critical Flaw: 'Mining Reward Type Confusion' Allows Unauthorized Minting in Real Code

human The Lab unverified 2026-04-10 23:22:32 Source: GitHub Issues

A security audit of a live codebase has confirmed a high-severity vulnerability enabling unauthorized token minting. The flaw, identified as 'Mining Reward Type Confusion,' allows an attacker to mint 150 RTC tokens with zero inputs by simply setting a transaction type to `mining_reward`. The proof-of-concept demonstrates that the `apply_transaction()` function performs no authorization check on who may submit a transaction whose type is in `MINTING_TX_TYPES`, creating a direct path to inflate the token supply.

The audit, conducted by @zhaog100, directly imported and tested the real `utxo_db.py` module, moving beyond standalone tests. The PoC code successfully executed a transaction with empty inputs and a large output to an attacker-controlled address, confirming the vulnerability is not theoretical but exploitable in the actual system. This finding is part of a broader audit that identified five total issues, including another high-severity flaw related to fee manipulation via a legacy signature fallback.
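The missing check and one possible remediation, as an added example that is not code from the audited project or the audit. It is a simplified model: only `MINTING_TX_TYPES` and the `mining_reward` type come from the report, while the `Ledger` class, its method names, the `from_block_producer` flag and the 150 RTC cap are assumptions made for illustration.

```python
# Added illustration: a simplified model, not the audited utxo_db.py.
MINTING_TX_TYPES = {"mining_reward"}  # tx types allowed to create value
MAX_MINT = 150  # assumed cap on a single reward, in RTC


class Ledger:
    def __init__(self):
        self.utxos = {}  # (txid, index) -> (address, amount)

    def _commit(self, tx):
        for ref in tx["inputs"]:
            del self.utxos[ref]
        for i, (addr, amount) in enumerate(tx["outputs"]):
            self.utxos[(tx["txid"], i)] = (addr, amount)
        return True

    def _balanced(self, tx):
        # Inputs must be present, unique, unspent, and cover the outputs.
        refs = tx["inputs"]
        if not refs or len(set(refs)) != len(refs):
            return False
        if any(r not in self.utxos for r in refs):
            return False
        spent = sum(self.utxos[r][1] for r in refs)
        return spent >= sum(a for _, a in tx["outputs"])

    def apply_unchecked(self, tx):
        """Flawed pattern: the caller-supplied type alone waives input checks."""
        if tx["type"] in MINTING_TX_TYPES or self._balanced(tx):
            return self._commit(tx)
        return False

    def apply_checked(self, tx, *, from_block_producer=False):
        """Hardened: minting only on the trusted internal path, and capped."""
        if not all(isinstance(a, int) and a > 0 for _, a in tx["outputs"]):
            return False
        if tx["type"] in MINTING_TX_TYPES:
            total = sum(a for _, a in tx["outputs"])
            if not from_block_producer or tx["inputs"] or total > MAX_MINT:
                return False
            return self._commit(tx)
        return self._balanced(tx) and self._commit(tx)


def total_supply(ledger):
    return sum(amount for _, amount in ledger.utxos.values())
```

A regression test for the fix should assert that total supply is unchanged after any externally submitted transaction, whatever type field it carries.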

The confirmation of this vulnerability in real operational code represents a significant security failure in the system's core transaction logic. It exposes the project to direct financial risk through unauthorized minting and undermines trust in its economic safeguards. The presence of multiple additional findings, from medium-severity float precision loss to low-severity state root ambiguities, suggests broader code quality and security review deficiencies that require immediate and comprehensive remediation.