Submission Details
Severity:
Some proposals cannot be executed via Governance::execute()
Summary
Some proposals cannot be executed via Governance::execute()
Vulnerability Details
When one proposal is succeed, we can queue the proposal and execute it via execute() function. The problem is that some proposals need to transfer some native ether to execute. But we miss the payable in the execute() function. This will cause that some proposals which include some native ether will fail to be executed via Governance::execute().
function execute(uint256 proposalId) external override nonReentrant {
ProposalCore storage proposal = _proposals[proposalId];
if (proposal.executed) revert ProposalAlreadyExecuted(proposalId, block.timestamp);
ProposalState currentState = state(proposalId);
if (currentState == ProposalState.Succeeded) {
_queueProposal(proposalId);
} else if (currentState == ProposalState.Queued) {
_executeProposal(proposalId);
} else {
...
}
}
function executeBatch(
address[] calldata targets,
uint256[] calldata values,
bytes[] calldata calldatas,
bytes32 predecessor,
bytes32 salt
) external override payable nonReentrant onlyRole(EXECUTOR_ROLE) {
}
Impact
Governance::execute() cannot work as expected for some proposals which need to transfer some native token.
Tools Used
Manual
Recommendations
Add payable into Governance::execute()
Updates
Lead Judging Commences
inallhonesty 4 months ago
Submission Judgement Published Assigned finding tags:
Governance.execute lacks payable modifier and ETH forwarding mechanism, preventing proposals with ETH transfers from being executed through TimelockController
inallhonesty 4 months ago
Submission Judgement Published Assigned finding tags:
Governance.execute lacks payable modifier and ETH forwarding mechanism, preventing proposals with ETH transfers from being executed through TimelockController
Prize pool breakdown
Total prize
77,280 USDC
nSLOC
3,86420 USDC / LOC
74,000
3,280
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.