Judge has assessed an item in Issue #543 as 2 risk. The relevant finding follows:
[04] Function approveUSDPrice does not check whether voter (a PrideFeed) already diapproved the proposal or not
Function approveUSDPrice performs the following checks to decide whether an approval is valid/acceptable:
if (usdUpdateProposal.proposer == address(0)) revert NoProposalError();
if (usdUpdateProposal.proposer == msg.sender)
revert ProposerCannotApproveError();
if (usdUpdateProposal.approvals[msg.sender] == _usdProposalId)
revert ProposalAlreadyApprovedError();
if (usdUpdateProposal.proposedPrice != _price)
revert ProposalPriceNotMatchedError();
It checks whether the the voter already approved the proposal, but it does not check whether it previously disapproved the same proposal. Hence, it is possible for a PriceFeed to disapprove, and then approve the same proposal.
(In contract, disapproveUSDPrice does check whether the PriceFeed that is voting has previously approved and also whether it previously disapproved the proposal.)
To mitigate the issue, add an additional check to function approveUSDPrice:
if (usdUpdateProposal.proposer == address(0)) revert NoProposalError();
if (usdUpdateProposal.proposer == msg.sender)
revert ProposerCannotApproveError();
if (usdUpdateProposal.approvals[msg.sender] == _usdProposalId)
revert ProposalAlreadyApprovedError();
+ if (usdUpdateProposal.disapprovals[msg.sender] == _usdProposalId)
+ revert ProposalAlreadyDisapprovedError();
if (usdUpdateProposal.proposedPrice != _price)
revert ProposalPriceNotMatchedError();
Judge has assessed an item in Issue #543 as 2 risk. The relevant finding follows:
[04] Function
approveUSDPrice
does not check whether voter (a PrideFeed) already diapproved the proposal or notFunction
approveUSDPrice
performs the following checks to decide whether an approval is valid/acceptable:It checks whether the the voter already approved the proposal, but it does not check whether it previously disapproved the same proposal. Hence, it is possible for a PriceFeed to disapprove, and then approve the same proposal.
(In contract,
disapproveUSDPrice
does check whether the PriceFeed that is voting has previously approved and also whether it previously disapproved the proposal.)To mitigate the issue, add an additional check to function
approveUSDPrice
: