code-423n4 / 2021-08-gravitybridge-findings


Sum of validator powers should always be no less than the threshold #37

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

pauliax

Vulnerability details

Impact

The code does not enforce that the sum of validator powers is no less than the threshold. It is possible that, even when all validators sign the message, their total power is not enough to confirm it.

Recommended Mitigation Steps

While this may increase the gas usage, I advise you to sum the total power and check that it can reach the threshold when setting or updating validators and powers.
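
A sketch of the check recommended above, added here as an illustration; it is not part of the original issue and is not Gravity Bridge code. The contract name, function names, errors and storage layout are all hypothetical, and authorization of the update by the current validator set is assumed to happen in the caller.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Hypothetical illustration: every name below is invented for this example.
abstract contract ValsetPowerGuard {
    uint256 public powerThreshold;
    address[] internal validators;
    uint256[] internal powers;

    error MalformedValset(uint256 validatorCount, uint256 powerCount);
    error InsufficientTotalPower(uint256 total, uint256 threshold);

    constructor(
        address[] memory _validators,
        uint256[] memory _powers,
        uint256 _powerThreshold
    ) {
        powerThreshold = _powerThreshold;
        // The initial set goes through the same check as later updates.
        _setValset(_validators, _powers);
    }

    // Sum of all powers. Solidity 0.8 checked arithmetic reverts on
    // overflow, so an oversized power cannot wrap the total around.
    function totalPower(uint256[] memory _powers) public pure returns (uint256 total) {
        for (uint256 i = 0; i < _powers.length; i++) {
            total += _powers[i];
        }
    }

    // Single entry point for storing a validator set. The caller must have
    // already verified that the current set authorized this update.
    function _setValset(address[] memory _validators, uint256[] memory _powers) internal {
        if (_validators.length == 0 || _validators.length != _powers.length) {
            revert MalformedValset(_validators.length, _powers.length);
        }
        uint256 total = totalPower(_powers);
        // Reject a set that could never confirm a message even with every
        // signature present. If the signature check requires strictly more
        // than the threshold, this comparison must be `<=` instead.
        if (total < powerThreshold) {
            revert InsufficientTotalPower(total, powerThreshold);
        }
        validators = _validators;
        powers = _powers;
    }
}
```

The extra loop costs gas proportional to the number of validators on each set or update, which is the trade-off the finding mentions.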

jkilpatr commented 2 years ago

duplicate of #63 and semi-duplicate of #51