Quorum calculation uses current total voting power instead of historical value
Summary
The getDebugInfo function uses the current quorum requirement instead of the historical value at proposal creation time, leading to incorrect reporting of required votes for past proposals.
Vulnerability Details
In Governance::getDebugInfo, the quorum requirement is fetched using the quorum() function which calculates based on the current total voting power and quorum numerator:
This is problematic because:
The total voting power can change over time as veRAAC tokens are locked/unlocked
The quorum numerator can be modified by the owner via setParameter()
Historical proposals should reference the quorum requirement at their creation time
Impact
The getDebugInfo function will return incorrect quorum requirements for historical proposals if:
The total voting power has changed since proposal creation
The quorum numerator was modified by governance
While this does not affect on-chain functionality or proposal execution, it provides misleading data for:
Off-chain analytics and reporting
User interfaces showing proposal status
Historical proposal auditing
Recommendations
Store quorum requirement at proposal creation
Lead Judging Commences
Governance::quorum uses current total voting power instead of proposal creation snapshot, allowing manipulation of threshold requirements to force proposals to pass or fail
Governance::quorum uses current total voting power instead of proposal creation snapshot, allowing manipulation of threshold requirements to force proposals to pass or fail
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.