3 matches found
Users of ReraiseCrowdfund will potentially not receive appropriate voting power
Lines of code Vulnerability details Bug Description The recent code update introduces the functionality for authorities to reduce the total voting power by invoking the decreaseTotalVotingPower function of the party. However, this functionality can lead to issues when used in the time frame after...
increaseTotalVotingPower() can be front-ran by an attacker with a call to rageQuit() in order to withdraw more assets than the attacker should be able to claim.
Lines of code Vulnerability details Overview of the vulnerability / PoC The function increaseTotalVotingPower in PartyGovernanceNFT does not have a front-running protection against rageQuit allowing a user to walk away with more assets than he should. An example of the attack 1. A party member...
PartyGovernanceNFT.sol: burn function does not reduce totalVotingPower making it impossible to reach unanimous votes
Lines of code Vulnerability details Impact With the new version of the Party protocol the PartyGovernanceNFT.burn function has been introduced. This function is used to burn party cards. According to the sponsor the initial purpose of this function was to enable the InitialETHCrowdfund contract t...