Closed code423n4 closed 2 years ago
https://github.com/code-423n4/2022-08-nounsdao/blob/45411325ec14c6d747b999a40367d3c5109b5a89/contracts/governance/NounsDAOInterfaces.sol#L238-L242 https://github.com/code-423n4/2022-08-nounsdao/blob/45411325ec14c6d747b999a40367d3c5109b5a89/contracts/governance/NounsDAOInterfaces.sol#L311-L315
Possible slot overlapping. Reference: https://ethereum.stackexchange.com/questions/112386/is-it-safe-to-append-a-variable-in-array-of-structure-during-upgrade-the-contrac
additing new Proposal structs
Visual Studio
Append new variables that will manage this totalSupply/CreationBlock info stored.
to our best understanding, there is no slot collision in the upgrade. the issue provides no evidence that there is
Lines of code
https://github.com/code-423n4/2022-08-nounsdao/blob/45411325ec14c6d747b999a40367d3c5109b5a89/contracts/governance/NounsDAOInterfaces.sol#L238-L242 https://github.com/code-423n4/2022-08-nounsdao/blob/45411325ec14c6d747b999a40367d3c5109b5a89/contracts/governance/NounsDAOInterfaces.sol#L311-L315
Vulnerability details
Impact
Possible slot overlapping. Reference: https://ethereum.stackexchange.com/questions/112386/is-it-safe-to-append-a-variable-in-array-of-structure-during-upgrade-the-contrac
Proof of Concept
additing new Proposal structs
Tools Used
Visual Studio
Recommended Mitigation Steps
Append new variables that will manage this totalSupply/CreationBlock info stored.