Anyone can send proposal for the first time #141

code423n4 · 2022-09-10T13:44:29Z

Lines of code

https://github.com/code-423n4/2022-09-nouns-builder/blob/7e9fddbbacdd7d7812e912a369cfd862ee67dc03/src/governance/governor/Governor.sol#L466

Vulnerability details

Impact

If settings.token.totalSupply() < 10_000/settings.proposalThresholdBps), then function returns 0
So anyone can send proposal

Recommended Mitigation Steps

Review math, maybe add other statement while there are low totalSupply

The text was updated successfully, but these errors were encountered:

GalloDaSballo · 2022-09-20T13:18:16Z

Dup of #604

code423n4 added 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working labels Sep 10, 2022

code423n4 added a commit that referenced this issue Sep 10, 2022

R2 issue #141

653ba74

GalloDaSballo closed this as completed Sep 20, 2022

GalloDaSballo added the duplicate This issue or pull request already exists label Sep 20, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Anyone can send proposal for the first time #141

Anyone can send proposal for the first time #141

code423n4 commented Sep 10, 2022

GalloDaSballo commented Sep 20, 2022

Anyone can send proposal for the first time #141

Anyone can send proposal for the first time #141

Comments

code423n4 commented Sep 10, 2022

Lines of code

Vulnerability details

Impact

Recommended Mitigation Steps

GalloDaSballo commented Sep 20, 2022