cmichel
The GovernorAlpha's council cannot veto proposals that perform a call to the contract itself.
This can be exploited by malicious proposal creators by appending a new call at the end of their proposal that simply calls an innocent function like GovernorAlpha.votingDelay().
The veto procedure can easily be circumvented, making the council unable to veto.
The veto check must be further restricted by specifying the actual function selector that is not allowed to be vetoed, like changeCouncil.
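The two forms of the veto check discussed in this issue, side by side, as an added Solidity sketch that is not the project's code. The contract and function names, the `Action` struct, the Compound-style signature/calldata handling and the `changeCouncil(address)` signature are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.5;

/// Hypothetical sketch of the veto eligibility check; not the project's contract.
contract VetoCheckSketch {
    // Assumed signature: the issue names `changeCouncil` but not its parameters.
    bytes4 public constant CHANGE_COUNCIL =
        bytes4(keccak256("changeCouncil(address)"));

    // One call of a proposal (assumed Compound-style layout).
    struct Action {
        address target;
        string signature; // e.g. "votingDelay()"; empty if the selector is in data
        bytes data;
    }

    /// Weak form described in the issue: any call to the governor itself
    /// makes the whole proposal non-vetoable, even a harmless getter.
    function vetoableWeak(Action[] memory actions) public view returns (bool) {
        for (uint256 i = 0; i < actions.length; i++) {
            if (actions[i].target == address(this)) return false;
        }
        return true;
    }

    /// Restricted form: only a self-call whose selector is changeCouncil
    /// exempts the proposal from a veto.
    function vetoableStrict(Action[] memory actions) public view returns (bool) {
        for (uint256 i = 0; i < actions.length; i++) {
            Action memory a = actions[i];
            if (a.target == address(this) && selectorOf(a) == CHANGE_COUNCIL) {
                return false;
            }
        }
        return true;
    }

    /// Selector from the signature string if present, else from the calldata.
    function selectorOf(Action memory a) internal pure returns (bytes4) {
        if (bytes(a.signature).length != 0) {
            return bytes4(keccak256(bytes(a.signature)));
        }
        if (a.data.length < 4) return bytes4(0); // plain call, no selector
        return bytes4(a.data); // first four bytes of the calldata
    }
}
```

For a proposal whose last action targets the governor with signature `votingDelay()`, `vetoableWeak` returns `false` while `vetoableStrict` returns `true`, so the council keeps its veto.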