search

code-423n4 / 2024-03-saltyio-mitigation-findings

0 stars 0 forks source link

M-07 MitigationConfirmed #73

Open c4-bot-8 opened 8 months ago

c4-bot-8 commented 8 months ago

Lines of code

Vulnerability details

Comments

The original implementation didn't reset proposedMainWallet to address(0) when the wallet changing proposal is rejected. This resulted in no way to propose a new wallet proposal again at all.

Mitigation

commit 5766592 Since the only purpose of ManagedWallet#mainWallet is receiving SALT reward on behalf of development team, the mitigation removed ManagedWallet implementation and used immutable teamWallet address directly. There is no need to change it any more. The mitigation resolved the original issue.

Conclusion

Confirmed

c4-judge commented 8 months ago

Picodes marked the issue as satisfactory