Submission Details
Severity: low
Invalid

Missing max deposits check in SiloFacet `deposit` function leads to manipulation of whitelisting assets

Summary

The deposit function within the SiloFacet has no checks for maximum deposit amounts. This creates potential risks associated with unlimited deposits, leading to excessive voting power and rewards share of Bean seignorage. Additionally, the lack of constraints on deposit amounts could enable users to abuse voting mechanisms to influence asset whitelisting decisions.

Impact

  1. Unlimited Voting Power: Unlimited deposits could result in users accumulating excessive voting power within the system, allowing them to exert disproportionate influence over governance decisions, such as asset whitelisting. This undermines the integrity and fairness of the governance process.

  2. Excessive Rewards Share: Unlimited deposits may lead to users receiving disproportionately large rewards shares of Bean seignorage, potentially disrupting the economic equilibrium of the ecosystem and affecting the distribution of rewards among participants.

  3. Governance Manipulation: Users with unlimited deposits could manipulate governance mechanisms to prioritize the whitelisting of specific assets that align with their interests, potentially undermining the diversity and inclusivity of the ecosystem.

Recommendation

Introduce checks to enforce minimum and maximum deposit amounts, ensuring that deposit sizes are within reasonable limits. Define sensible thresholds based on factors such as system capacity, economic considerations, and risk management.

Updates

Lead Judging Commences

giovannidisiena Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Too generic
Assigned finding tags:

Informational/Invalid
