In the proposals/discussion module the add_post extrinsic does not require a deposit for adding a new post on a proposal thread (similarly to the forum implementation in #5). Since the posts in proposal threads are stored on-chain, a malicious proposer/council member/whitelisted member could use this extrinsic to exhaust the storage of the blockchain.
Issue
In the proposals/discussion module the add_post has the following issues:
There is no upper limit on the number of posts that can be added to a proposal thread.
Calling this extrinsic is cheap since no deposit is required.
Therefore, a malicious actor can create a lot of posts by calling this extrinsic and consequently fill up the blockchain storage.
Risk
This issue would allow an attacker to fill up the blockchain storage by adding an arbitrary number of posts. Unbounded storage growth is problematic because it could make the amount of storage required to run a blockchain node infeasible.
Since only the proposer, council members and some whitelisted members, who should be trusted actors in the system, can call this extrinsic, we consider this issue to be of low severity.
Mitigation
We suggest requiring a deposit for adding posts on proposal discussion threads to prevent attackers from filling up the blockchain storage.
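The following is an added illustration of the finding and the suggested mitigation; it is not code from the proposals/discussion module. It is a self-contained toy model of the on-chain post storage: the `Discussion` struct, its `add_post` signature, the `Config` fields and the deposit and cap values are all assumptions made for this example. `audited_config()` reproduces the reported behaviour (no deposit, no upper limit), while `hardened_config()` reserves a per-post deposit before anything is written and additionally bounds the posts per thread, so storage growth is limited by the caller's balance and by the cap rather than being free.

```rust
use std::collections::HashMap;

// Constructed toy model of a proposal-discussion storage map. It is not the
// Joystream runtime's pallet code; names (Discussion, add_post arguments,
// Config fields) and all values are assumptions made for this illustration.
pub type AccountId = u32;
pub type ThreadId = u32;
pub type Balance = u64;

#[derive(Debug, PartialEq, Eq)]
pub enum Error {
    NotAuthorized,
    InsufficientBalance,
    ThreadFull,
}

/// Parameters that bound how much storage `add_post` can consume.
#[derive(Clone, Copy)]
pub struct Config {
    /// Balance reserved from the author per post. 0 models the audited behaviour.
    pub post_deposit: Balance,
    /// Maximum posts per thread. `None` models the audited "no upper limit".
    pub max_posts_per_thread: Option<u32>,
}

pub struct Discussion {
    config: Config,
    authorized: Vec<AccountId>, // proposer, council members, whitelisted members
    free_balance: HashMap<AccountId, Balance>,
    reserved_balance: HashMap<AccountId, Balance>,
    posts: HashMap<ThreadId, Vec<(AccountId, String)>>, // the on-chain storage being filled
}

impl Discussion {
    pub fn new(config: Config, authorized: Vec<AccountId>) -> Self {
        Discussion {
            config,
            authorized,
            free_balance: HashMap::new(),
            reserved_balance: HashMap::new(),
            posts: HashMap::new(),
        }
    }

    pub fn set_free_balance(&mut self, who: AccountId, amount: Balance) {
        self.free_balance.insert(who, amount);
    }

    /// Toy version of the `add_post` extrinsic with both mitigations in place.
    pub fn add_post(&mut self, who: AccountId, thread: ThreadId, text: &str) -> Result<(), Error> {
        if !self.authorized.contains(&who) {
            return Err(Error::NotAuthorized);
        }
        let deposit = self.config.post_deposit;
        let thread_posts = self.posts.entry(thread).or_default();
        // Mitigation 1: bound the number of posts a thread can hold.
        if let Some(max) = self.config.max_posts_per_thread {
            if thread_posts.len() as u32 >= max {
                return Err(Error::ThreadFull);
            }
        }
        // Mitigation 2: reserve the deposit *before* writing to storage, so the
        // caller pays for every storage item they create. All checks run before
        // any state change, so a failed call leaves storage untouched.
        let free = self.free_balance.entry(who).or_insert(0);
        if *free < deposit {
            return Err(Error::InsufficientBalance);
        }
        *free -= deposit;
        *self.reserved_balance.entry(who).or_insert(0) += deposit;
        thread_posts.push((who, text.to_string()));
        Ok(())
    }

    pub fn post_count(&self, thread: ThreadId) -> usize {
        self.posts.get(&thread).map_or(0, Vec::len)
    }

    pub fn reserved_of(&self, who: AccountId) -> Balance {
        self.reserved_balance.get(&who).copied().unwrap_or(0)
    }
}

/// Call `add_post` up to `attempts` times and report how many calls succeeded
/// before the first error; this measures how far storage can grow.
pub fn posts_accepted(d: &mut Discussion, who: AccountId, thread: ThreadId, attempts: u32) -> u32 {
    let mut accepted = 0;
    for i in 0..attempts {
        if d.add_post(who, thread, &format!("post {}", i)).is_err() {
            break;
        }
        accepted += 1;
    }
    accepted
}

/// Models the audited configuration: free calls and no cap.
pub fn audited_config() -> Config {
    Config { post_deposit: 0, max_posts_per_thread: None }
}

/// Illustrative hardened configuration (values are assumptions, not the project's).
pub fn hardened_config() -> Config {
    Config { post_deposit: 10, max_posts_per_thread: Some(5) }
}

fn main() {
    let member = 1;
    let mut audited = Discussion::new(audited_config(), vec![member]);
    println!("audited: {} of 1000 posts accepted with zero balance",
             posts_accepted(&mut audited, member, 7, 1000));

    let mut hardened = Discussion::new(hardened_config(), vec![member]);
    hardened.set_free_balance(member, 30);
    println!("hardened: {} of 1000 posts accepted with balance 30",
             posts_accepted(&mut hardened, member, 7, 1000));
}
```

In the audited configuration every one of the 1000 calls succeeds for an account holding no balance at all; in the hardened one the same account gets three posts (its balance covers three deposits) and the thread stops accepting posts at the cap regardless of who pays. Reserving rather than burning the deposit keeps the option of refunding it when a thread is cleaned up, which is the usual pattern for storage deposits.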