One World NFTDeFi (15,000 USDC)

Submission Details
Severity: medium
Status: Invalid

# Irreversible DAO Size Increase in updateDAOMembership Function

Summary

The updateDAOMembership function in MembershipFactory contract contains a design flaw where the maxMembers value can only increase but never decrease. This one-way adjustment creates permanent resource allocation issues and prevents DAOs from properly adjusting their size downward.

Vulnerability Details

The issue exists in the maxMembers update logic:

```solidity
function updateDAOMembership(string calldata ensName, TierConfig[] memory tierConfigs)
    external onlyRole(EXTERNAL_CALLER) returns (address) {
    // ... other code ...

    // Recompute the cap as the sum of all tier sizes in the new configuration.
    uint256 maxMembers = 0;
    for (uint256 i = 0; i < tierConfigs.length; i++) {
        maxMembers += tierConfigs[i].amount;
    }
    // Can only increase, never decrease: a smaller total is silently ignored.
    if (maxMembers > dao.maxMembers) {
        dao.maxMembers = maxMembers;
    }

    // ... other code ...
}
```

The condition if(maxMembers > dao.maxMembers) means the value can only be increased, creating a permanent high-water mark that cannot be reduced even when the actual capacity requirements decrease.

Impact

  1. Permanent Resource Lock:
  • Once maxMembers is set to a high value, it cannot be decreased
  • Creates misleading DAO capacity information
  • Affects resource allocation and planning

  2. Business Logic Constraints:
  • Affects tokenomics calculations
  • Impacts governance planning and voting power distribution

Tools Used

Manual Review

Recommendations

Implement Safe Size Adjustment
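The following contract is an added illustration of the recommended shape, not code from the One World MembershipFactory: it places the reported one-way update beside a version that sets the cap in both directions while refusing to drop below memberships already issued. The `currentMembers` counter, the `daos` mapping keyed by the hash of `ensName`, the dropped `onlyRole` modifier and the custom error are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example, not the project's code. `currentMembers` is an assumed
/// counter of memberships already minted; the factory would need to track it.
contract SafeSizeAdjustmentExample {
    struct TierConfig { uint256 amount; }
    struct DAOConfig { uint256 maxMembers; uint256 currentMembers; }

    // Assumed storage layout: one config per DAO, keyed by the ENS name hash.
    mapping(bytes32 => DAOConfig) internal daos;

    error CapBelowCurrentMembers(uint256 requested, uint256 current);

    function _sumTiers(TierConfig[] memory tierConfigs) internal pure returns (uint256 total) {
        for (uint256 i = 0; i < tierConfigs.length; i++) {
            total += tierConfigs[i].amount;
        }
    }

    // As reported: a high-water mark. A smaller tier set leaves the old cap in place.
    function updateMaxMembersAsIs(string calldata ensName, TierConfig[] memory tierConfigs) external {
        DAOConfig storage dao = daos[keccak256(bytes(ensName))];
        uint256 maxMembers = _sumTiers(tierConfigs);
        if (maxMembers > dao.maxMembers) {
            dao.maxMembers = maxMembers;
        }
    }

    // Recommended shape: the cap follows the new tier total up or down,
    // but never below the memberships that already exist.
    function updateMaxMembersSafe(string calldata ensName, TierConfig[] memory tierConfigs) external {
        DAOConfig storage dao = daos[keccak256(bytes(ensName))];
        uint256 maxMembers = _sumTiers(tierConfigs);
        if (maxMembers < dao.currentMembers) {
            revert CapBelowCurrentMembers(maxMembers, dao.currentMembers);
        }
        dao.maxMembers = maxMembers;
    }

    function maxMembersOf(string calldata ensName) external view returns (uint256) {
        return daos[keccak256(bytes(ensName))].maxMembers;
    }
}
```

Calling `updateMaxMembersAsIs` with tiers summing to 100 and then to 50 leaves `maxMembersOf` at 100, while `updateMaxMembersSafe` moves it to 50 as long as fewer than 50 memberships have been issued.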

Updates

Lead Judging Commences

0xbrivan2 (Lead Judge), 9 months ago: Submission Judgement Published. Invalidated. Reason: Design choice.
