0xAppo
commented
1 year ago As shown in the state function in the Governor contract, the only possible states for a proposal to be in are: canceled, pending, active, defeated, successful, executed, expired, and queued. The only one of these states where voting should be allowed to take place is during the active state, and the check linked here explicitly requires for the proposal state to be active to accomplish this. The change suggested here would allow for voting in all states except for pending, which is not the intended behavior. As for your second point, I think you've gotten some things turned around here. A user cannot make a new proposal if their latest proposal is either active or pending. The two are independent of one another.
SEVERITY :- Medium
castVoteInternal() had check to whether proposal id is active or not, but no check to whether proposal is in pending state or not . propose() cannot call if latestProposalId is not pending and active but CastVote() can be done .
Recommendation require(state(proposalId)!= ProposalState.Pending, "");