code-423n4 / 2024-03-saltyio-mitigation-findings


M-03 MitigationConfirmed #49

Open c4-bot-8 opened 7 months ago

c4-bot-8 commented 7 months ago

Lines of code

Vulnerability details

C4 Issue

https://github.com/code-423n4/2024-01-salty-findings/issues/991

Comments

The limitation to five token whitelisting proposals at any given time introduced a vulnerability where the system can be intentionally or unintentionally DoS'd, blocking new proposals until existing ones are resolved. This mechanism, while designed to manage the flow of proposals, can be exploited or triggered by accumulating the maximum allowed pending proposals, thereby preventing the addition of new, potentially legitimate tokens. This issue is exacerbated if the maximum pending proposals limit is reduced. Anyone can propose token whitelisting, and thus the crux of the problem was in the line below:

```solidity
require( _openBallotsForTokenWhitelisting.length() < daoConfig.maxPendingTokensForWhitelisting(), "The maximum number of token whitelisting proposals are already pending" );
```

Mitigation

https://github.com/othernet-global/salty-io/commit/ccf4368fcf1777894417fccd2771456f3eeaa81c

The mitigation effectively removed the restrictions on proposals for token whitelisting entirely. Now an unlimited number of proposals for token whitelisting can be made.

Conclusion

LGTM
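
As an added illustration (example code, not Salty.IO's `Proposals.sol` and not part of the submission above), the following minimal Solidity models the proposal gate before and after the linked commit: `WhitelistProposalsCapped` keeps the `maxPendingTokensForWhitelisting` check quoted in the finding, `WhitelistProposalsUncapped` drops it as the mitigation does, and `DosDemo` shows five throwaway proposals locking out a sixth, legitimate one under the old gate while the uncapped version accepts it. The contract names, the plain array standing in for the `_openBallotsForTokenWhitelisting` set, the constructor-supplied cap standing in for `daoConfig.maxPendingTokensForWhitelisting()`, and the placeholder addresses are all assumptions of this example; any other validation the real contract performs is omitted here.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not Salty.IO's code. Names and storage layout are assumptions;
// only the `require` on the pending-proposal count mirrors the finding.

// Pre-mitigation gate: a hard cap on open whitelisting ballots.
contract WhitelistProposalsCapped {
    // Stands in for daoConfig.maxPendingTokensForWhitelisting() (assumption: fixed at deploy).
    uint256 public immutable maxPendingTokensForWhitelisting;
    // Stands in for the _openBallotsForTokenWhitelisting set.
    address[] internal _openBallotsForTokenWhitelisting;
    mapping(address => bool) public isPending;

    constructor(uint256 maxPending) {
        maxPendingTokensForWhitelisting = maxPending;
    }

    function proposeTokenWhitelisting(address token) external {
        require(!isPending[token], "Token already has a pending proposal");
        // The line from the finding: once `maxPending` ballots are open,
        // every further proposal reverts until one of them is finalized.
        require(
            _openBallotsForTokenWhitelisting.length < maxPendingTokensForWhitelisting,
            "The maximum number of token whitelisting proposals are already pending"
        );
        _openBallotsForTokenWhitelisting.push(token);
        isPending[token] = true;
    }

    function openBallotCount() external view returns (uint256) {
        return _openBallotsForTokenWhitelisting.length;
    }
}

// Post-mitigation gate: the same function with the cap removed.
contract WhitelistProposalsUncapped {
    address[] internal _openBallotsForTokenWhitelisting;
    mapping(address => bool) public isPending;

    function proposeTokenWhitelisting(address token) external {
        require(!isPending[token], "Token already has a pending proposal");
        _openBallotsForTokenWhitelisting.push(token);
        isPending[token] = true;
    }

    function openBallotCount() external view returns (uint256) {
        return _openBallotsForTokenWhitelisting.length;
    }
}

// Griefing scenario: fill the cap with throwaway addresses, then try a real token.
contract DosDemo {
    uint256 constant CAP = 5; // the limit the finding describes
    address constant LEGIT_TOKEN = address(uint160(0xBEEF)); // assumption: placeholder address

    // Returns (blockedBeforeFix, acceptedAfterFix); both are expected to be true.
    function run() external returns (bool blockedBeforeFix, bool acceptedAfterFix) {
        WhitelistProposalsCapped capped = new WhitelistProposalsCapped(CAP);
        for (uint160 i = 1; i <= CAP; i++) {
            capped.proposeTokenWhitelisting(address(i)); // attacker's junk proposals
        }
        try capped.proposeTokenWhitelisting(LEGIT_TOKEN) {
            blockedBeforeFix = false;
        } catch {
            blockedBeforeFix = true; // sixth proposal reverts: DoS until a ballot resolves
        }

        WhitelistProposalsUncapped uncapped = new WhitelistProposalsUncapped();
        for (uint160 i = 1; i <= CAP; i++) {
            uncapped.proposeTokenWhitelisting(address(i));
        }
        uncapped.proposeTokenWhitelisting(LEGIT_TOKEN); // no cap, so this succeeds
        acceptedAfterFix = uncapped.isPending(LEGIT_TOKEN);
    }
}
```

Calling `DosDemo.run()` in any Solidity test harness should return `(true, true)`: under the capped gate the legitimate proposal is rejected as soon as five unrelated ballots are open, which is the lockout the finding describes, and under the uncapped gate the same sequence goes through.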

c4-judge commented 6 months ago

Picodes marked the issue as satisfactory

c4-judge commented 6 months ago

Picodes marked the issue as confirmed for report