Closed code423n4 closed 2 years ago
goatbug
uint256 public constant TIMELOCK_DURATION = 4 * 60 * 24; // 1 day
This is not one day.
4 60 24 != 86400 where 86400 is seconds in a day.
Incorrect timelocks in both the basket and factory can allow parameters to be modified quicker than expected.
This is referring to the 15 second block time, not the seconds.
Invalid
Handle
goatbug
Vulnerability details
Impact
This is not one day.
4 60 24 != 86400 where 86400 is seconds in a day.
Proof of Concept
Incorrect timelocks in both the basket and factory can allow parameters to be modified quicker than expected.
Tools Used
Recommended Mitigation Steps