Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Past defeated proposal may get executed when proposal to update to lower quorum votes is passed. #673

Closed
c4-bot-9 opened this issue Dec 27, 2023 · 4 comments
Closed

Past defeated proposal may get executed when proposal to update to lower quorum votes is passed. #673

c4-bot-9 opened this issue Dec 27, 2023 · 4 comments
Labels
3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working insufficient quality report This report is not of sufficient quality unsatisfactory does not satisfy C4 submission criteria; not eligible for awards

Comments

@c4-bot-9
Copy link
Contributor

Lines of code

https://github.com/code-423n4/2023-12-ethereumcreditguild/blob/2376d9af792584e3d15ec9c32578daa33bb56b43/src/governance/GuildGovernor.sol#L98-L103

Vulnerability details

Impact

When a proposal to lower quorum votes is passed. Past proposals may become executable if they had been defeated only due to lack of quorum votes and the number of votes it received past new quorum requirement.

Vulnerability details

Where :- In Governance.sol

  • In Governance.sol, when a proposal regarding lowering quorum votes is succeeded and executed.
  • All the past proposals that were defeated due to lack of quorum votes suddenly becomes executable.
  • This is a high severity issue for 2 reasons :-
    1. As per docs, the team is planning to burn their Guild governance power, which could lead to overhead of making sure no proposals are ever defeated to lack of quorum votes.
    After the beta period, governance powers will be burnt and no further arbitrary code changes possible.
    1. Once a proposal is defeated due to lack of quorum votes, governance cannot update quorum until that proposal is expired or defeated or exploitation is fully recoverable.

Proof of Concept

Tools Used

Manual review

Recommended Mitigation Steps

Assessed type

Governance
@c4-bot-9 c4-bot-9 added 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working labels Dec 27, 2023
c4-bot-9 added a commit that referenced this issue Dec 27, 2023
@c4-bot-9
hoshiyari issue #673
3692cb6
@0xSorryNotSorry
Copy link

The submission does not provide any demonstration of the issue, reasoning and code blocks.

@c4-pre-sort
Copy link

0xSorryNotSorry marked the issue as insufficient quality report

@c4-pre-sort c4-pre-sort added the insufficient quality report This report is not of sufficient quality label Jan 2, 2024
@Trumpero
Copy link

invalid proof, OZ 4.9.3 is used for these contracts.

@c4-judge
Copy link
Contributor

Trumpero marked the issue as unsatisfactory:
Invalid

@c4-judge c4-judge added the unsatisfactory does not satisfy C4 submission criteria; not eligible for awards label Jan 22, 2024
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working insufficient quality report This report is not of sufficient quality unsatisfactory does not satisfy C4 submission criteria; not eligible for awards
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@0xSorryNotSorry @c4-judge @c4-pre-sort @Trumpero @c4-bot-9