2 matches found
Time delay for operations scheduled by the community multisig (CM) in timelock pose a risk to the protocol and it users
Lines of code Vulnerability details Impact Time sensitive operations done by the CM, like taking actions in case of an security exploit, are subject to the minDelay of the Timelock contract. Such operations are time sensitive and executing them several minutes later can result in significant loss...
The upgrade executor is granted the canceller role instead of the new emergency security council.
Lines of code Vulnerability details Impact In L1SCMgmtActivationAction.sol, the perform function is not granting role to the new emergency security council. It instead grants it to the upgrade executor. This logic doesn't align with the function inline comment and can prevent the perform function...