3 matches found
Users can abuse VotingEscrow.delegate() to avoid voting power decay. Additionally, users can delegate expired locks to regain full voting power.
Lines of code Vulnerability details Impact Voting power will not decay over the course of the lock. Proof of Concept The VotingEscrow.delegate function allows users to delegate to locks with a longer expiry time. See the below code snippet and inline comments: requiretoLocked.end = fromLocked.end...
Delegator's locked Amount would be temporarily unable to withdraw their locked_.amount
Lines of code Vulnerability details Impact Delegator's locked Amount would be temporarily unable to withdraw their locked.amount Proof of Concept From the contract, the delegatee has alot of controlling power. As such, users cannot withdraw or even quitLock their locked funds and this function is...
Inconsistent logic of increase unlock time to the expired locks
Lines of code Vulnerability details 2022-08-fiatdao Inconsistent logic of increase unlock time to the expired locks Impact Can not prevent expired locks being extended. Proof of Concept Call function function increaseUnlockTime with an expired lock lockedmsg.sender.end block.timestamp Case 1: if...