Back to BLOS's contests

Llama - BLOS's results

A governance system for onchain organizations.

General Information

Platform: Code4rena

Start Date: 06/06/2023

Pot Size: $60,500 USDC

Total HM: 5

Participants: 50

Period: 8 days

Judge: gzeon

Id: 246

League: ETH

Llama

Findings Distribution

Researcher Performance

Rank: 13/50

Findings: 1

Award: $446.81

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryLlama

Findings Information

🌟 Selected for report: ktg

Also found by: 0xnev, Atree, BLOS, Toshii, auditor0517, xuwinnie

Labels

bug
2 (Med Risk)
satisfactory
duplicate-64

Awards

446.8103 USDC - $446.81

External Links

Link to GitHub issue

Lines of code

https://github.com/code-423n4/2023-06-llama/blob/9d641b32e3f4092cc81dbac7b1c451c695e78983/src/LlamaPolicy.sol#L404-L409

Vulnerability details

Impact

"_assertNoActionCreationsAtCurrentTimestamp" can be used to DOS "revokeExpiredRole"

Proof of Concept

If someone tries to revoke an expired role, they will need to call "revokeExpiredRole". But the role holder can frontrun "createAction" at the same timestamp to make that call revert.

function _assertNoActionCreationsAtCurrentTimestamp() internal view {
    if (llamaExecutor == address(0)) return; // Skip check during initialization.
    address llamaCore = LlamaExecutor(llamaExecutor).LLAMA_CORE();
    uint256 lastActionCreation = LlamaCore(llamaCore).getLastActionTimestamp();
    if (lastActionCreation == block.timestamp) revert ActionCreationAtSameTimestamp();
}

Tools Used

Manual

Don't use "_assertNoActionCreationsAtCurrentTimestamp"

Assessed type

DoS

#0 - c4-pre-sort

2023-06-19T11:45:51Z

0xSorryNotSorry marked the issue as duplicate of #209

#1 - c4-judge

2023-07-02T11:13:39Z

gzeon-c4 marked the issue as satisfactory

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter