QA Report

[c4-bot-7]

See the markdown file with the details of this report here.

[c4-pre-sort]

bytes032 marked the issue as sufficient quality report

[c4-judge]

alex-ppg marked the issue as grade-b

[bin2chen66]

@alex-ppg hi,Please help confirm whether L-01 can be upgraded to be duplicated with https://github.com/code-423N4/2024-01-opus-Findings/issues/116 ? thanks

[alex-ppg]

Hey @bin2chen66, thanks for flagging this! Exhibit #116 also makes mention of cycling requests to further increase the impact of the exhibit, so your original grade of "low-risk" for what you described is correct (you did not specify cycling authorizations). If we take L-01 at face value, the request timelock would be increased on each iteration meaning that the attack would not be feasible in reality.