Currently there is no checks when the owner calls set_merkle_root
and changes the merkle_root
value, this can end up with DoS
merkle_root
can be accidently set to current value instead of new
can be set to wrong merkle root
can cause blocking claim
function making it revert for everyone due to wrong or old merkle root
Manual review
Keeping track of the previous merkle roots
can prevent human error and mistakenly setting old/wrong root
Also off-chain verification of the new root will significantly lower the chance of setting setting old/wrong root
The `set_merkle_root` function is called only by the `owner` and the `owner` is trusted. This means the input argument `merkle_root` will be correct and the `owner` will not call again the `set_merkle_root` function.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.