5 matches found
Consider Disabling Inherited _cancel Function In The Governor Contracts
Lines of code. Vulnerability details. Impact: The currently used OpenZeppelin upgradeable contracts dependency @openzeppelin/contracts-upgradeable is v4.7.3. The security council management contracts are inheriting the OpenZeppelin GovernorUpgradeable contracts to manage proposals. This version of...
OpenZeppelin Contracts's governor proposal creation may be blocked by frontrunning
Impact: By frontrunning the creation of a proposal, an attacker can become the proposer and gain the ability to cancel it. The attacker can do this repeatedly to try to prevent a proposal from being proposed at all. This impacts the Governor contract in v4.9.0 only, and the...
OpenZeppelin Security Vulnerability
OpenZeppelin is a software application. A standard for secure blockchain applications. A security vulnerability exists in OpenZeppelin Contracts versions prior to 4.3.0 through 4.9.1 that stems from allowing an attacker to gain the ability to cancel a proposal by creating it in advance...
Queued proposals can be blocked from execution by other proposals when using the same actions
Lines of code. Vulnerability details. Impact: In NounsDAOLogicV1 and NounsDAOLogicV2, anyone can create a proposal with the same actions as another proposal. In that case, if an attacker calls cancel on his proposal, then the other proposal with the same actions cannot be executed. Proof of Concept: Function...
A proposal can be cancelled by anyone
Handle: s1m0. Vulnerability details. Impact: A proposal can be cancelled by anyone if only there exists another proposal with the same type and hasMinority has 16% votes. Proof of Concept: 1. voteProposal: assume this vote triggers finalise. finalise sets mapPIDfinalisingproposalID = true. 2. cancelProposal: This...