The governance contract exhibits two critical vulnerabilities: the Dynamic Quorum Vulnerability and the Missing Voter Weight Decay. Both issues allow for manipulation of the governance process, undermining the integrity and fairness of voting.
What it affects: The quorum calculation for proposals.
Problem: The quorum is calculated dynamically using the current total voting power at the time of the quorum check, rather than a snapshot taken at the proposal's creation.
If the total voting power changes during the voting period (e.g., due to token unlocks or new locks), the quorum requirement changes.
This allows attackers to manipulate the quorum by altering the total voting power during the voting period.
Example:
Proposal is created when total voting power = 10M → quorum = 400k (4%).
Attacker unlocks tokens → total voting power drops to 5M.
Quorum is now 200k (4% of 5M).
Proposal passes with lower actual support.
Recommendation: Store the total voting power at the time of proposal creation and use it for quorum calculations.
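A sketch of the live-total quorum check beside the snapshot-based one, added here as an illustration and not taken from the audited contract. The `IVotingPower` interface, the contract name, the storage layout and the basis-point encoding of the 4% quorum are all assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical interface for the contract that tracks locked voting power.
interface IVotingPower {
    function totalVotingPower() external view returns (uint256);
    function votingPowerOf(address account) external view returns (uint256);
}

// Illustrative only: names and storage layout are assumptions, not the audited code.
contract QuorumSnapshotExample {
    uint256 public constant QUORUM_BPS = 400; // 4% in basis points

    struct Proposal {
        uint256 totalPowerAtCreation; // written once in propose()
        uint256 votesCast;
        mapping(address => bool) hasVoted;
    }

    IVotingPower public immutable power;
    uint256 public proposalCount;
    mapping(uint256 => Proposal) private proposals;

    constructor(IVotingPower power_) { power = power_; }

    function propose() external returns (uint256 id) {
        id = proposalCount++;
        // Snapshot: 10M at creation fixes the quorum at 400k for this proposal.
        proposals[id].totalPowerAtCreation = power.totalVotingPower();
    }

    // Simplified: voter weight is read live here to keep the example short.
    function castVote(uint256 id) external {
        require(id < proposalCount, "unknown proposal");
        Proposal storage p = proposals[id];
        require(!p.hasVoted[msg.sender], "already voted");
        p.hasVoted[msg.sender] = true;
        p.votesCast += power.votingPowerOf(msg.sender);
    }

    // Weak: threshold follows the live total, so it falls to 200k if the total drops to 5M.
    function quorumReachedLive(uint256 id) external view returns (bool) {
        return proposals[id].votesCast >= (power.totalVotingPower() * QUORUM_BPS) / 10_000;
    }

    // Corrected: threshold is derived from the value stored at creation.
    function quorumReachedSnapshot(uint256 id) external view returns (bool) {
        return proposals[id].votesCast >= (proposals[id].totalPowerAtCreation * QUORUM_BPS) / 10_000;
    }
}
```

With 250k votes cast and the total reduced from 10M to 5M, `quorumReachedLive` returns true while `quorumReachedSnapshot` returns false.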