Platform: Code4rena
Start Date: 02/10/2023
Pot Size: $1,100,000 USDC
Total HM: 28
Participants: 64
Period: 21 days
Judge: GalloDaSballo
Total Solo HM: 13
Id: 292
League: ETH
Rank: 25/64
Findings: 1
Award: $3,293.31
🌟 Selected for report: 0
🚀 Solo Findings: 0
3293.3126 USDC - $3,293.31
Malicious securityCouncil may DoS updateSecurityCouncil
A new security council cannot be set, because the old security council can always cancel the operation.
function updateSecurityCouncil(address _newSecurityCouncil) external onlySelf {
    emit ChangeSecurityCouncil(securityCouncil, _newSecurityCouncil);
    securityCouncil = _newSecurityCouncil;
}
In function updateSecurityCouncil, the modifier is onlySelf. This means the function can only be called by the execute function, so a new operation needs to be scheduled. The issue is that if the old security council notices that it is going to be replaced, it can cancel the operation immediately. So the old security council can keep itself in place for as long as it wants, which makes the council change logic useless.
function cancel(bytes32 _id) external onlyOwnerOrSecurityCouncil {
    require(isOperationPending(_id), "Operation must be pending");
    delete timestamps[_id];
    emit OperationCancelled(_id);
}
manual
Consider limiting the old security council's authority in updateSecurityCouncil.
Access Control
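One way to implement the recommendation above, as an added sketch that is not the audited contract's code or the project's fix. It assumes an operation is a single self-call, and the names GovernanceSketch, owner, schedule, execute and replacesCouncil are hypothetical; only updateSecurityCouncil, cancel, timestamps and the two events mirror the snippets in the finding.

```solidity
pragma solidity ^0.8.20;
// Added sketch, not the audited contract: operations are reduced to one
// self-call; `owner`, `schedule`, `execute`, `replacesCouncil` are assumptions.
contract GovernanceSketch {
    address public owner;
    address public securityCouncil;
    mapping(bytes32 => uint256) public timestamps;   // 0 = not pending
    mapping(bytes32 => bool) public replacesCouncil; // set when scheduled
    event ChangeSecurityCouncil(address oldCouncil, address newCouncil);
    event OperationCancelled(bytes32 id);

    constructor(address _securityCouncil) {
        owner = msg.sender;
        securityCouncil = _securityCouncil;
    }

    function schedule(bytes calldata _data, uint256 _delay) external returns (bytes32 id) {
        require(msg.sender == owner, "Only owner");
        id = keccak256(_data);
        require(timestamps[id] == 0, "Already scheduled");
        timestamps[id] = block.timestamp + _delay;
        // Record at scheduling time whether the call would replace the council.
        replacesCouncil[id] = _data.length >= 4 && bytes4(_data[:4]) == this.updateSecurityCouncil.selector;
    }

    function cancel(bytes32 _id) external {
        require(msg.sender == owner || msg.sender == securityCouncil, "Only owner or council");
        require(timestamps[_id] != 0, "Operation must be pending");
        // Hardening: the incumbent council cannot cancel its own replacement.
        require(msg.sender == owner || !replacesCouncil[_id], "Council cannot veto its replacement");
        delete timestamps[_id];
        emit OperationCancelled(_id);
    }

    function execute(bytes calldata _data) external {
        require(msg.sender == owner || msg.sender == securityCouncil, "Only owner or council");
        bytes32 id = keccak256(_data);
        require(timestamps[id] != 0 && block.timestamp >= timestamps[id], "Not ready");
        delete timestamps[id];
        (bool ok, ) = address(this).call(_data);
        require(ok, "Call failed");
    }

    function updateSecurityCouncil(address _newSecurityCouncil) external {
        require(msg.sender == address(this), "Only self");
        emit ChangeSecurityCouncil(securityCouncil, _newSecurityCouncil);
        securityCouncil = _newSecurityCouncil;
    }
}
```

If an operation can bundle several calls, the flag has to be set when any call in the bundle targets updateSecurityCouncil. The trade-off is that the council also loses its veto over a replacement scheduled by a compromised owner.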
#0 - c4-pre-sort
2023-10-31T07:01:18Z
bytes032 marked the issue as low quality report
#1 - miladpiri
2023-11-08T16:10:12Z
Duplicate.
#2 - c4-judge
2023-11-26T19:21:18Z
GalloDaSballo marked the issue as duplicate of #260
#3 - c4-judge
2023-11-28T15:52:56Z
GalloDaSballo marked the issue as satisfactory