Absence of Exit Mechanisms for DAO Members
Summary
The current MembershipFactory contract implementation lacks any provision for members to exit or revoke their membership, resulting in several limitations and potential risks for DAO participants.
Vulnerability Details
Issue Analysis: Lack of an Exit Option
The MembershipFactory contract provides various functionalities, including:
Creation of DAOs with custom tier configurations.
Joining DAOs by purchasing memberships at different tiers.
Tier upgrades within specific DAOs.
Despite these functionalities, there is no method for a member to voluntarily exit a DAO or relinquish their membership tokens. This omission results in a lack of autonomy for members who may want to dissociate from the DAO due to dissatisfaction, changes in governance, or evolving personal interests.
Impact
Members who wish to leave a DAO are unable to do so directly. This limitation restricts personal freedom and makes membership less attractive
If a DAO’s governance or financial direction becomes risky or volatile, members have no way to withdraw from the DAO's economic system.
Tools Used
Manual analysis
Recommendations
Implement a function that allows members to "burn" their membership tokens, effectively revoking their association with the DAO.
Allowing members to downgrade their membership to a base, non-interactive level, or exit entirely could offer a compromise for DAOs wishing to retain some level of association with former members while still allowing for a degree of dissociation.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.