Users can abuse VotingEscrow.delegate() to avoid voting power decay. Additionally, users can delegate expired locks to regain full voting power.
Lines of code Vulnerability details Impact Voting power will not decay over the course of the lock. Proof of Concept The VotingEscrow.delegate function allows users to delegate to locks with a longer expiry time. See the below code snippet and inline comments: requiretoLocked.end = fromLocked.end...