Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Valid

New value of quorum variable is applied to all previous proposals

Summary

The owner of the timeLockController contract can change the quorumNumerator setting, but the new value is also applied to proposals that were created before the change.

Vulnerability Details

The state() function in the Governance contract calls the quorum() function, which uses the current value of quorumNumerator.

    function state(uint256 proposalId) public view override returns (ProposalState) {
        ...
        // After voting period ends, check quorum and votes
        ProposalVote storage proposalVote = _proposalVotes[proposalId];
        uint256 currentQuorum = proposalVote.forVotes + proposalVote.againstVotes;
        uint256 requiredQuorum = quorum(); // <--- we use current values here
        // Check if quorum is met and votes are in favor
        if (currentQuorum < requiredQuorum || proposalVote.forVotes <= proposalVote.againstVotes) {
            return ProposalState.Defeated;
        }
        ...
    }

    function quorum() public view override returns (uint256) {
        return (_veToken.getTotalVotingPower() * quorumNumerator) / QUORUM_DENOMINATOR;
    }

Impact

If the owner changes the quorumNumerator value, old proposals that previously could not be executed can now be executed because of the new value (a lower value than before): before the change they did not have enough votes FOR, and now they may have enough. This is definitely a bad situation. New values should be applied only to new proposals.

Yes, the owner is trusted, but I am talking about a normal value, which could still cause bad (previously created) proposals to be executed.

Also, when a user creates a proposal, he knows how many votes FOR the proposal needs in order to be executed, but when the owner changes the value, the situation changes. If the user had known the current value, maybe he would not have created his proposal.

Tools Used

Manual review

Recommendations

Apply new values only to new proposals.
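
One way to implement this recommendation, as an added sketch that is not the audited Governance contract: the numerator is copied into the proposal at creation, and quorum is computed from that stored copy. IVeToken.getVotingPower, propose, castVote, quorumReached, owner and the numeric values are assumptions; total voting power is still read live, as in the finding's quorum().

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;
// Added sketch, not the audited contract; assumed names are marked below.
interface IVeToken {
    function getTotalVotingPower() external view returns (uint256);
    function getVotingPower(address account) external view returns (uint256); // assumed
}

contract QuorumSnapshotSketch {
    struct ProposalVote {
        uint256 forVotes;
        uint256 againstVotes;
        uint256 quorumNumerator; // value in force when the proposal was created
        mapping(address => bool) hasVoted; // assumed double-vote guard
    }
    uint256 public constant QUORUM_DENOMINATOR = 100; // assumed value
    uint256 public quorumNumerator = 4; // constructed sample value
    uint256 public proposalCount;
    address public immutable owner;
    IVeToken private immutable _veToken;
    mapping(uint256 => ProposalVote) private _proposalVotes;
    constructor(IVeToken veToken) { owner = msg.sender; _veToken = veToken; }

    function setQuorumNumerator(uint256 newNumerator) external {
        require(msg.sender == owner, "not owner");
        require(newNumerator > 0 && newNumerator <= QUORUM_DENOMINATOR, "out of range");
        quorumNumerator = newNumerator; // seen only by proposals created later
    }

    function propose() external returns (uint256 proposalId) {
        proposalId = ++proposalCount;
        _proposalVotes[proposalId].quorumNumerator = quorumNumerator; // snapshot
    }

    function castVote(uint256 proposalId, bool support) external {
        ProposalVote storage pv = _proposalVotes[proposalId];
        require(pv.quorumNumerator != 0 && !pv.hasVoted[msg.sender], "cannot vote");
        pv.hasVoted[msg.sender] = true;
        uint256 weight = _veToken.getVotingPower(msg.sender);
        if (support) pv.forVotes += weight; else pv.againstVotes += weight;
    }

    function quorum(uint256 proposalId) public view returns (uint256) {
        uint256 n = _proposalVotes[proposalId].quorumNumerator; // frozen numerator
        return (_veToken.getTotalVotingPower() * n) / QUORUM_DENOMINATOR;
    }

    function quorumReached(uint256 proposalId) external view returns (bool) {
        ProposalVote storage pv = _proposalVotes[proposalId];
        return pv.quorumNumerator != 0 && pv.forVotes + pv.againstVotes >= quorum(proposalId);
    }
}
```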

Updates

Lead Judging Commences

inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Governance allows execution of previously-defeated proposals if quorum requirements are later lowered, enabling unexpected resurrection of old proposals

