Closed code423n4 closed 2 years ago
https://github.com/code-423n4/2022-08-nounsdao/blob/main/contracts/governance/NounsDAOLogicV2.sol#L839-L845
the vetoer can burn the Veto Power by mistake without invoking the _burnVetoPower()
vetoer
Veto Power
_burnVetoPower()
the vetoer could make a mistake by passing address(0x0) when he tries to set a new vetoer address by invoking _setVetoer()
address(0x0)
_setVetoer()
Add check for address(0x0)
Duplicate of #315
Lines of code
https://github.com/code-423n4/2022-08-nounsdao/blob/main/contracts/governance/NounsDAOLogicV2.sol#L839-L845
Vulnerability details
Impact
the
vetoer
can burn theVeto Power
by mistake without invoking the_burnVetoPower()
Proof of Concept
the
vetoer
could make a mistake by passingaddress(0x0)
when he tries to set a newvetoer
address by invoking_setVetoer()
Recommended Mitigation Steps
Add check for
address(0x0)