Platform: Code4rena
Start Date: 31/10/2023
Pot Size: $60,500 USDC
Total HM: 9
Participants: 65
Period: 10 days
Judge: gzeon
Total Solo HM: 2
Id: 301
League: ETH
Rank: 13/65
Findings: 1
Award: $716.76
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: TresDelinquentes
Also found by: 0xbrett8571, KupiaSec, cccz
716.7564 USDC - $716.76
In the current implementation, the proposal may call _executeSetGovernanceParameter to change the governanceValues, which include voteDuration, executionDelay, and passThresholdBps, and since they are used to determine the status of the proposal, when they are changed, the status of other proposals may be changed. For example, if executionDelay decreases, other proposals may expire. If voteDuration decreases, the status of other proposals in voting may change to Defeated
uint40 t = uint40(block.timestamp); GovernanceValues memory gv = _getSharedProposalStorage().governanceValues; if (pv.passedTime != 0) { // Ready. if (pv.passedTime + gv.executionDelay <= t) { return ProposalStatus.Ready; } // If unanimous, we skip the execution delay. if (_isUnanimousVotes(pv.votes, pv.totalVotingPower)) { return ProposalStatus.Ready; } // If all hosts voted, skip execution delay if (_hostsAccepted(pv.numHosts, pv.numHostsAccepted)) { return ProposalStatus.Ready; }
None
It is recommended to add voteDuration, executionDelay, and passThresholdBps fields in ProposalStateValues structure to cache governanceValues when propose.
Context
#0 - c4-pre-sort
2023-11-12T02:16:15Z
ydspa marked the issue as duplicate of #413
#1 - c4-pre-sort
2023-11-12T02:16:20Z
ydspa marked the issue as sufficient quality report
#2 - c4-judge
2023-11-19T15:30:06Z
gzeon-c4 marked the issue as satisfactory