Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Invalid

Inaccurate Event Reason in Proposal Cancellation

Summary

The Governance contract’s proposal cancellation functionality emits an event with a hardcoded reason that inaccurately indicates the cancellation was performed by the proposer, even in cases where a third party cancels the proposal due to the proposer's voting power falling below the required threshold.

Vulnerability Details

In the cancel() function, the cancellation condition permits either the original proposer to cancel their proposal or any other address to cancel it once the proposer’s voting power has fallen below the threshold. The relevant code snippet is as follows:

// Only proposer or if proposer's voting power dropped below threshold
if (msg.sender != proposal.proposer &&
    _veToken.getVotingPower(proposal.proposer) >= proposalThreshold) {
    revert InsufficientProposerVotes(proposal.proposer,
        _veToken.getVotingPower(proposal.proposer), proposalThreshold, "Proposer lost required voting power");
}

After the cancellation conditions are satisfied, the proposal is marked as canceled and the event is emitted with a fixed message:

proposal.canceled = true;
emit ProposalCanceled(proposalId, msg.sender, "Proposal canceled by proposer");

This implementation always uses the reason "Proposal canceled by proposer" regardless of whether the cancellation was initiated by the proposer or by a third party (due to the proposer's insufficient voting power). Consequently, if a non-proposer cancels the proposal because the proposer's voting power falls below the threshold, the event will still misleadingly report that the proposal was canceled by the proposer.

Impact

This inconsistency can lead to confusion and misinterpretation of governance activity. Stakeholders reviewing event logs may incorrectly assume that only the proposer has the authority to cancel a proposal, which undermines the transparency of the governance process.
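Because the event also carries msg.sender, a log consumer can recover who actually canceled by comparing that address with the proposer instead of trusting the reason string. The following is an added example, not code from the submission or the project; the decoded field names (proposalId, canceller, reason), the proposer lookup map and all addresses are assumptions constructed for illustration.

```javascript
// Added example: decoded field names (proposalId, canceller, reason) are assumptions.
const PROPOSER_REASON = "Proposal canceled by proposer"; // string hardcoded in cancel()

// Addresses may arrive checksummed or lowercase; compare case-insensitively.
function sameAddress(a, b) {
  return typeof a === "string" && typeof b === "string" &&
    a.toLowerCase() === b.toLowerCase();
}

// events: decoded ProposalCanceled logs; proposers: Map of proposalId -> proposer address
// (assumed to be built from the proposal creation records).
function classifyCancellations(events, proposers) {
  return events.map((ev) => {
    const proposer = proposers.get(ev.proposalId);
    if (proposer === undefined) {
      // No creation record for this id: do not guess who the actor was.
      return { proposalId: ev.proposalId, actor: "unknown", misleadingReason: false };
    }
    const actor = sameAddress(ev.canceller, proposer) ? "proposer" : "third-party";
    // The reason is misleading when it names the proposer but someone else sent the tx.
    const misleadingReason = actor === "third-party" && ev.reason === PROPOSER_REASON;
    return { proposalId: ev.proposalId, actor, misleadingReason };
  });
}

// Constructed sample data (not real addresses or on-chain logs).
const ALICE = "0xAaAaAaAaAaAaAaAaAaAaAaAaAaAaAaAaAaAaAaAa";
const BOB = "0xbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb";
const sampleProposers = new Map([[1, ALICE], [2, ALICE]]);
const sampleEvents = [
  { proposalId: 1, canceller: ALICE.toLowerCase(), reason: PROPOSER_REASON },
  { proposalId: 2, canceller: BOB, reason: PROPOSER_REASON },
  { proposalId: 3, canceller: BOB, reason: PROPOSER_REASON },
];

const report = classifyCancellations(sampleEvents, sampleProposers);
console.log(report);
```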

Tools Used

Manual Review

Recommended Mitigation

Modify the event emission in the cancel() function to accurately reflect the actor responsible for cancellation. For example, use a conditional message or include additional data in the event to indicate whether the cancellation was performed by the proposer or by a third party due to insufficient voting power. One approach could be:

string memory reason;
if (msg.sender == proposal.proposer) {
    reason = "Proposal canceled by proposer";
} else {
    reason = "Proposal canceled due to insufficient voting power of proposer";
}
emit ProposalCanceled(proposalId, msg.sender, reason);

Updates

Lead Judging Commences

inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
