Lines of code
<https://github.com/code-423n4/2022-03-paladin/blob/9c26ec8556298fb1dc3cf71f471aadad3a5c74a0/contracts/HolyPaladinToken.sol#L284>
<https://github.com/code-423n4/2022-03-paladin/blob/9c26ec8556298fb1dc3cf71f471aadad3a5c74a0/contracts/HolyPaladinToken.sol#L268>
Anyone could create a contract or a contract factory βPAL Lockerβ with a fonction to deposit PAL tokens through a contract, lock them and delegate the voting power to the contract owner. Then, the ownership of this contract could be sold. By doing so, locked hPAL would be made liquid and transferrable again. This would eventually break the overall system of hPAL, where the idea is that you have to lock them to make them non liquid to get a boosted voting power and reward rate.
Paladin should expect this behavior to happen as weβve seen it happening with veToken models and model implying locking features (see <https://lockers.stakedao.org/> and <https://www.convexfinance.com/>).
This behavior could eventually be beneficial to the original DAO (ex. <https://www.convexfinance.com/> for Curve and Frax), but the original DAO needs to at least be able to blacklist / whitelist such contracts and actors to ensure their interests are aligned with the protocol.
To make locked hPAL liquid, Alice could create a contact C. Then, she can deposit hPAL through the contract, lock them and delegate voting power to herself. She can then sell or tokenize the ownership of the contract C.
Depending of if Paladin wants to be optimistic or pessimistic, implement a whitelisting / blacklisting system for contracts.
The text was updated successfully, but these errors were encountered:
All reactions