Platform: Code4rena
Start Date: 03/08/2023
Pot Size: $90,500 USDC
Total HM: 6
Participants: 36
Period: 7 days
Judge: 0xean
Total Solo HM: 1
Id: 273
League: ETH
Rank: 36/36
Findings: 1
Award: $36.16
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: MiloTruck
Also found by: 0xbepresent, 0xnev, 0xprinc, HE1M, Mirror, Sathish9098, Udsen, arialblack14, berlin-101, eierina, hals, ktg, nobody2018
36.1616 USDC - $36.16
SecurityCouncilMgmtUpgradeLib.sol/areAddressArraysEqual(...) as it is missing an edge caseThis function checks whether the two addresses array have all same elements or not. <br>This function contains two loops, first loop check whether all elements of first array are present in the second array, second for loop does vice versa. <br>
This is wrong implementation as the input of type ([a,a,b,c], [a,b,b,c]) will bypass where a,b,c are three different addresses. <br>
This is considered low as the function is used with arrays with all addresses in the array to be different and no repetition. <br>
But if that is the case then there is no point of having two for loops as if the arrays have all elements different then this will not require two for loops.
ActionExecutionRecod.solhttps://github.com/ArbitrumFoundation/governance/blob/c18de53820c505fc459f766c1b224810eaeaabc5/src/gov-action-contracts/execution-record/ActionExecutionRecord.sol#L8-L9
it appears two times
/// @dev This contract is designed to be inherited by action contracts, so it /// it must not use any local storage
ActionExecutionRecord.sol/constructor(...)there should be the input validation of isContract to validate the KeyValueStore contract.
https://github.com/ArbitrumFoundation/governance/blob/c18de53820c505fc459f766c1b224810eaeaabc5/src/gov-action-contracts/execution-record/ActionExecutionRecord.sol#L37-L39
https://github.com/ArbitrumFoundation/governance/blob/c18de53820c505fc459f766c1b224810eaeaabc5/src/gov-action-contracts/execution-record/KeyValueStore.sol#L26-L28
ActionExecutionRecord.sol/computeKey() and KeyValueStore.sol/computeKey() have the same function signatures which is not recommended.
SecurityCouncilManager.solconstant named as the RETRYABLE_TICKET_MAGIC present in the contract is redundant as it is not called anytime in that contract and is not even used by any other contract calling this contract i.e. SecurityCouncilManager.sol.
RETRYABLE_TICKET_MAGIC is also declared in L1ArbitrumTimelock.sol and UpgradeExecRouteBuilder.sol where it is used but not here.<BR>
SecurityCouncilManager.sol/replaceCohort(...) should been recommended to have the functionality to replace the new cohort of any size in the limits of (0 -> cohortSize)This functionality will be useful while making a big change in the security council with change in the new cohort length, all this in a single transaction. otherwise it will need more than a single transaction.
SecurityCouncilManager.sol/_swapMembers(...) should include the validation that the address to add should not equal to the address to remove.This validation is recommended to avoid not necessary swapping.
SecurityCouncilMgmtUtils.sol/filterAddressesWithExcludeList(...) can be marked as pure as it is not reading any state.SecurityCouncilMemberSyncAction.sol/perform(...) as the name of the variable is never usedres variable name is never used so better not to name the retuern variable
function perform(address _securityCouncil, address[] memory _updatedMembers, uint256 _nonce) external returns (bool res)
zeroAddress validation missing in function perform(...)for (uint256 i = 0; i < _updatedMembers.length; i++) { address member = _updatedMembers[i]; // @low should also have a check of that the new addresses are not zero addresses if (!securityCouncil.isOwner(member)) { _addMember(securityCouncil, member, threshold); } }
#0 - c4-judge
2023-08-18T23:25:32Z
0xean marked the issue as grade-b