code-423n4 / 2024-03-saltyio-mitigation-findings


M-19 MitigationConfirmed #102

Closed c4-bot-3 closed 4 months ago

c4-bot-3 commented 4 months ago

Lines of code

Vulnerability details

C4 Issue

https://github.com/code-423n4/2024-01-salty-findings/issues/362

Comments

The issue describes how stakers within the governance system are limited to sponsoring one proposal at a time, which must reach a quorum of votes within a set duration to be finalized. The problem arises when a proposal fails to secure the needed quorum, leaving it indefinitely active and preventing the sponsor from submitting new proposals. The absence of a mechanism for sponsors to withdraw or cancel their proposals exacerbates this problem, hindering active participation in governance due to being locked into unresolved proposals.

Mitigation

https://github.com/othernet-global/salty-io/commit/758349850a994c305a0ab9a151d00e738a5a45a0

The mitigation for this was to set a default 30-day period (ballotMaximumDuration) after which ballots can be removed manually by any user. This period is also modifiable by the owner and can be a max of 90 and low of 15 days.

Tests

Tests were added and all are passing.

Conclusion

LGTM
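The following is an added Python model of the behaviour described in the review above; it is not code from the Salty.IO repository or the mitigation commit. It shows a sponsor staying locked while a ballot lacks quorum and being released once the ballot is older than ballotMaximumDuration. Every name except ballotMaximumDuration is hypothetical, and quorum handling and owner access control are simplified assumptions.

```python
# Added illustration: a simplified model, not the Salty.IO Solidity contracts.
DAY = 24 * 60 * 60
MIN_MAX_DURATION = 15 * DAY   # lower bound stated in the review
MAX_MAX_DURATION = 90 * DAY   # upper bound stated in the review

class Proposals:
    def __init__(self, required_quorum, mitigated=True):
        self.ballot_maximum_duration = 30 * DAY  # default stated in the review
        self.required_quorum = required_quorum   # hypothetical fixed quorum
        self.mitigated = mitigated               # False models the pre-fix state
        self.ballots = {}                        # id -> sponsor, start, votes
        self.active_sponsors = set()
        self._next_id = 1

    def set_ballot_maximum_duration(self, seconds):
        # The review says the owner sets this; access control is omitted here.
        if not MIN_MAX_DURATION <= seconds <= MAX_MAX_DURATION:
            raise ValueError("duration must be between 15 and 90 days")
        self.ballot_maximum_duration = seconds

    def propose(self, sponsor, now):
        # One active proposal per sponsor: the lock the original issue describes.
        if sponsor in self.active_sponsors:
            raise PermissionError("sponsor already has an active proposal")
        ballot_id = self._next_id
        self._next_id += 1
        self.ballots[ballot_id] = {"sponsor": sponsor, "start": now, "votes": 0}
        self.active_sponsors.add(sponsor)
        return ballot_id

    def vote(self, ballot_id, weight):
        self.ballots[ballot_id]["votes"] += weight

    def finalize(self, ballot_id):
        if self.ballots[ballot_id]["votes"] < self.required_quorum:
            raise RuntimeError("quorum not reached")
        self._close(ballot_id)

    def manually_remove(self, ballot_id, now):
        # Mitigated path: any caller may remove a ballot past the maximum duration.
        if not self.mitigated:
            raise RuntimeError("no removal path before the mitigation")
        if now < self.ballots[ballot_id]["start"] + self.ballot_maximum_duration:
            raise RuntimeError("ballot has not reached ballotMaximumDuration")
        self._close(ballot_id)

    def _close(self, ballot_id):
        self.active_sponsors.discard(self.ballots.pop(ballot_id)["sponsor"])
```
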

c4-judge commented 4 months ago

Picodes marked the issue as nullified