_writeQuorumParamsCheckpoint() and getDynamicQuorumParamsAt() at some point will be out of the work. The Ethereum block numbers have no limit
Proof of Concept
The max of uint32 is 4 294 967295 so on this block number these functions will be out. At the same block number no one will be able to use this contract successfully because the state() invoke quorumVotes() which is called getDynamicQuorumParamsAt()
no one will be able to check the ProposalState if Defeated, Succeeded, Executed, Expired or Queued
Lines of code
https://github.com/code-423n4/2022-08-nounsdao/blob/main/contracts/governance/NounsDAOLogicV2.sol#L923 https://github.com/code-423n4/2022-08-nounsdao/blob/main/contracts/governance/NounsDAOLogicV2.sol#L965
Vulnerability details
Impact
_writeQuorumParamsCheckpoint()
andgetDynamicQuorumParamsAt()
at some point will be out of the work. The Ethereum block numbers have no limitProof of Concept
The max of
uint32
is4 294 967295
so on thisblock number
these functions will be out. At the sameblock number
no one will be able to use this contract successfully because thestate()
invokequorumVotes()
which is calledgetDynamicQuorumParamsAt()
no one will be able to check the
ProposalState
ifDefeated, Succeeded, Executed, Expired
orQueued
Recommended Mitigation Steps
Use
uint256
to expand the time more