3 matches found
anyone can burn the governance NFT
Lines of code Vulnerability details Impact Impact The impact of this finding centers on the PartyGovernanceNFT.sol smart contract, specifically within the context of the burnuint256 tokenId function. This critical function operates without any access control mechanisms in place. Consequently, it...
accept() can be delayed or gas-griefed by burning a governance NFT
Lines of code Vulnerability details Impact Rage quitting or burning a token will set the lastBurnTimestamp to the current block's timestamp. This disables accept for the rest of the transactions in the block. This bug can be abused to either gas-grief or delay acceptance of proposals long enough...
ERC20ConvictionScore.acquireConviction implements wrong governance checks
Handle cmichel Vulnerability details Vulnerability Details There are two issues with the governance checks when acquiring them from an NFT: Missing balance check The governance checks in updateConvictionScore are: !isGovernanceuser && userConvictionScore = governanceThreshold && balanceOfuser =...