2 matches found
Incorrectly set totalVotingPower can allow users to pass arbitrary Proposals and steal all the parties NFTs
Lines of code Vulnerability details Bug Description The recent implementation update empowers the authority to decrease the totalVotingPower arbitrarily using the decreaseTotalVotingPower function. This authority-exclusive function allows the reduction of totalVotingPower by a specified amount. O...
members can get less funds out than they should have in a rageQuit
Lines of code Vulnerability details Vulnerability details: Details: the function getVotingPowerShareOf in PartyGovernanceNft get's the voting power share of a tokenId and it does that by dividing the voting power that nft has by the totalVotingPower: function getVotingPowerShareOfuint256 tokenId...