Upgrade proposals approved by the security council or guardians remain valid indefinitely and can be executed at any point after the delay period. This poses a risk if the proposal becomes outdated or irrelevant over time.
As per the upgradeState function in the ProtocolUpgradeHandler contract, proposals approved by the security council are valid from upg.securityCouncilApprovalTimestamp + UPGRADE_DELAY_PERIOD, and proposals approved by the guardians are valid from upg.creationTimestamp + legalVetoTime + UPGRADE_WAIT_OR_EXPIRE_PERIOD + UPGRADE_DELAY_PERIOD.
In other words, these proposals remain valid indefinitely after a certain time and do not expire. While this is generally not an issue, it could lead to problems if the proposals become significantly outdated.
Proposals with indefinite validity could lead to issues and cause unexpected behavior during protocol upgrades.
Manual Review
Establish a specific deadline and enforce restrictions on the valid execution period for these proposals.
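The following is an added example, not code from ProtocolUpgradeHandler: a simplified Python model of the two ready-time formulas quoted above, showing an approved proposal staying executable forever and the same proposal expiring once an execution window is enforced. The durations, the state names and UPGRADE_EXECUTION_WINDOW are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

DAY = 24 * 60 * 60

# Constructed durations for illustration; not the contract's real constants.
UPGRADE_DELAY_PERIOD = 1 * DAY
UPGRADE_WAIT_OR_EXPIRE_PERIOD = 30 * DAY
# Hypothetical new constant: how long an approved proposal stays executable.
UPGRADE_EXECUTION_WINDOW = 14 * DAY


@dataclass
class Upgrade:
    creation_timestamp: int
    legal_veto_time: int
    guardians_approval: bool = False
    security_council_approval_timestamp: int = 0  # 0 means "not approved"


def ready_timestamp(upg: Upgrade) -> Optional[int]:
    """Earliest execution time, per the two formulas quoted in the finding."""
    if upg.security_council_approval_timestamp != 0:
        return upg.security_council_approval_timestamp + UPGRADE_DELAY_PERIOD
    if upg.guardians_approval:
        return (upg.creation_timestamp + upg.legal_veto_time
                + UPGRADE_WAIT_OR_EXPIRE_PERIOD + UPGRADE_DELAY_PERIOD)
    return None  # no approval path applies


def state(upg: Upgrade, now: int, enforce_window: bool) -> str:
    """Simplified state: only the approval-to-execution part is modelled."""
    ready = ready_timestamp(upg)
    if ready is None:
        return "NotApproved"
    if now < ready:
        return "ExecutionPending"
    # Recommended check: reject execution once the window has closed.
    if enforce_window and now >= ready + UPGRADE_EXECUTION_WINDOW:
        return "Expired"
    return "Ready"


def can_execute(upg: Upgrade, now: int, enforce_window: bool = True) -> bool:
    return state(upg, now, enforce_window) == "Ready"
```

With enforce_window=False the model reproduces the behaviour described in the finding: any timestamp at or after the ready time returns "Ready", however old the proposal is.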
Admin input validation, gas, missing events not related to bridges, NATSPEC, spellcheck, Address Zero, Indexed fields in Events, 0 impact, trusted admin/party action https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity