Function finaliseProposal contains a line that can never be triggered:

    if(!hasQuorum(proposalID)){
        _finalise(proposalID);
    }

This is because a check above it makes sure that the proposal is already in the finalising state:

    require(mapPID_finalising[proposalID] == true, "Must be finalising");

The only place where mapPID_finalising is set to true is function _finalise. Even stranger, the comment above the function says "Proposal with quorum can finalise after cool off period", but the actual check is !hasQuorum.

Recommended Mitigation Steps
Remove this unreachable branch or update guard conditions.
Handle
paulius.eth