Project: One World (NFTDeFi, 15,000 USDC)

Submission Details
Severity: low
Status: Invalid

Zero-value tier capacity in `MembershipFactory::createNewDAOMembership`

Summary

The createNewDAOMembership function in the MembershipFactory contract allows users to create DAOs with multiple tiers. However, the function currently lacks validation to ensure that the amount in each tierConfigs entry is greater than zero, allowing for the creation of useless, zero-capacity tiers that add no functional capacity to the DAO.

Vulnerability Details

The createNewDAOMembership function checks that each tierConfigs[i].minted starts at zero to ensure tiers are initially empty. However, it does not validate the amount field, which defines each tier’s maximum capacity. Without this check, a user could create a DAO with tiers where amount is zero, resulting in tiers that no one can join. These “empty” tiers can lead to storage waste, operational inefficiencies, and user confusion.

https://github.com/Cyfrin/2024-11-one-world/blob/1e872c7ab393c380010a507398d4b4caca1ae32b/contracts/dao/MembershipFactory.sol#L85-L88

```solidity
for (uint256 i = 0; i < tierConfigs.length; i++) {
    require(tierConfigs[i].minted == 0, "Invalid tier config");
    dao.tiers.push(tierConfigs[i]);
}
```

This code does not validate tierConfigs[i].amount to ensure it is non-zero, allowing tiers with zero capacity to be added to the DAO.

Impact

Extra storage is used to hold zero-capacity tiers.

Users may attempt to join an empty tier, leading to failed transactions or confusion.

DAOs with meaningless tiers add complexity and waste gas on storage without providing functional utility.

Tools Used

Manual review.

Recommendations

To fix this issue, add a validation check within the loop to ensure that tierConfigs[i].amount is greater than zero:

```solidity
for (uint256 i = 0; i < tierConfigs.length; i++) {
    require(tierConfigs[i].amount > 0, "Tier amount cannot be zero");
    require(tierConfigs[i].minted == 0, "Invalid tier config");
    dao.tiers.push(tierConfigs[i]);
}
```

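The following Foundry test, added here as an illustration and not part of the submission or the One World code base, shows the difference between the two loops side by side: the original loop stores a zero-capacity tier, while the recommended loop reverts on it. `TierConfig` is a simplified stand-in that keeps only the `amount` and `minted` fields named above; `TierValidator`, `pushUnchecked` and `pushChecked` are hypothetical names.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "forge-std/Test.sol";

// Simplified model of the tier struct (assumption): the real TierConfig
// has more fields, only the two discussed in the finding are kept here.
struct TierConfig {
    uint256 amount; // maximum capacity of the tier
    uint256 minted; // already minted; must start at zero
}

// Hypothetical stand-in for MembershipFactory holding only the tier loop.
contract TierValidator {
    TierConfig[] public tiers;

    // Original loop: only `minted == 0` is checked.
    function pushUnchecked(TierConfig[] calldata tierConfigs) external {
        for (uint256 i = 0; i < tierConfigs.length; i++) {
            require(tierConfigs[i].minted == 0, "Invalid tier config");
            tiers.push(tierConfigs[i]);
        }
    }

    // Recommended loop: additionally reject zero-capacity tiers.
    function pushChecked(TierConfig[] calldata tierConfigs) external {
        for (uint256 i = 0; i < tierConfigs.length; i++) {
            require(tierConfigs[i].amount > 0, "Tier amount cannot be zero");
            require(tierConfigs[i].minted == 0, "Invalid tier config");
            tiers.push(tierConfigs[i]);
        }
    }

    function tierCount() external view returns (uint256) {
        return tiers.length;
    }
}

contract TierValidatorTest is Test {
    function testZeroCapacityTier() public {
        // Constructed input: one usable tier followed by a zero-capacity one.
        TierConfig[] memory cfg = new TierConfig[](2);
        cfg[0] = TierConfig({amount: 100, minted: 0});
        cfg[1] = TierConfig({amount: 0, minted: 0});

        TierValidator a = new TierValidator();
        a.pushUnchecked(cfg); // accepted: the useless tier is stored
        assertEq(a.tierCount(), 2);

        TierValidator b = new TierValidator();
        vm.expectRevert(bytes("Tier amount cannot be zero"));
        b.pushChecked(cfg); // rejected at the second entry
    }
}
```
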
Updates

Lead Judging Commences

0xbrivan2 Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
