When ODGovernor is deployed the GovernorSettings is initialized with the initialVotingDelay, initialVotingPeriod and initialProposalThreshold. The problem is that the initialVotingDelay and initialVotingPeriod are set to incorrect values which are really small and the proposal wont have time to receive votes.
Impact
The votingPeriod and the snapshot will be too short and there will be not time to vote
As you can see it is set to 1 and 15 which means that the initialVotingDelay will be 1 block and the initialVotingPeriod will be 15 blocks so there will be no time to vote.
Lines of code
https://github.com/open-dollar/od-contracts/blob/f4f0246bb26277249c1d5afe6201d4d9096e52e6/src/contracts/gov/ODGovernor.sol#L41
Vulnerability details
When
ODGovernor
is deployed theGovernorSettings
is initialized with theinitialVotingDelay
,initialVotingPeriod
andinitialProposalThreshold
. The problem is that theinitialVotingDelay
andinitialVotingPeriod
are set to incorrect values which are really small and the proposal wont have time to receive votes.Impact
The votingPeriod and the snapshot will be too short and there will be not time to vote
Proof of Concept
https://github.com/open-dollar/od-contracts/blob/f4f0246bb26277249c1d5afe6201d4d9096e52e6/src/contracts/gov/ODGovernor.sol#L41
As you can see it is set to 1 and 15 which means that the initialVotingDelay will be 1 block and the initialVotingPeriod will be 15 blocks so there will be no time to vote.
Tools Used
Manual Review
Recommended Mitigation Steps
Use the correct values
Assessed type
Governance