Closed c4-bot-3 closed 9 months ago
0xSorryNotSorry marked the issue as insufficient quality report
0xSorryNotSorry marked the issue as remove high or low quality report
0xSorryNotSorry marked the issue as sufficient quality report
0xSorryNotSorry marked the issue as duplicate of #1195
Trumpero marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-12-ethereumcreditguild/blob/2376d9af792584e3d15ec9c32578daa33bb56b43/src/tokens/ERC20MultiVotes.sol#L290-L315
Vulnerability details
According to this comment in
ERC20MultiVotes.sol
This contract should allow delegations to multiple addresses but in the
_delegate()
function the amount of delegates is capped to be less than 2Impact
The contract does not do what it is expected to do which is allow delegation to multiple addresses
Tools Used
Manual Review
Recommended Mitigation Steps
The cap on the
_delegate()
function should be removed and the function modified to allow users delegate to multiple addresses.Assessed type
Other