c4-judge
commented
8 months ago Picodes marked the issue as nullified
Closed c4-bot-3 closed 8 months ago
c4-judge
commented
8 months ago Picodes marked the issue as nullified
Lines of code
Vulnerability details
Comments
Because of ballot name conflict mechanism, Legitimate proposal creation could be DoSed by malicious user through front-running same proposal creation but different other infos
Mitigation
commit 39921b4 The mitigation included all necessary arguments into
ballotName:proposeParameterBallot():parameterType,descriptionproposeTokenWhitelisting():token,tokenIconURL,descriptionproposeTokenUnwhitelisting():token,tokenIconURL,descriptionproposeSendSALT():wallet,amount,descriptionproposeCallContract():contractAddress,number,descriptionproposeCountryInclusion():countryCode,descriptionproposeCountryExclusion():countryCode,descriptionproposeSetAccessManager():newAddress,descriptionproposeWebsiteUpdate():newWebsiteURL,descriptionThe original issue was resolved.
Conclusion
Confirmed