A batch of calls may be doubly executed in Timelock.
Scenario
Consider the following two scenarios where increaseTime() is executed after execute() for the same callHash:
The authorized GSC contract accidentally or maliciously calls increaseTime() for the callHash that has already been executed. (Difficulty: High)
OR, the GSC legitimately calls increaseTime() near the end of the original waiting period, but increaseTime() is delayed for some reason until the original waiting period passes, and immediately adversaries front-run execute() before the increaseTime() transaction. (Difficulty: Medium)
Then, callTimestamps[callHash] becomes non-zero again, and the subsequent execute() may lead to double execution of the same batch of calls.
Recommendation
Add an extra condition require(callTimestamps[callHash] != 0); in the increaseTime() function to ensure that the given callHash is active.
A batch of calls may be doubly executed in
Timelock.Scenario
Consider the following two scenarios where
increaseTime()is executed afterexecute()for the samecallHash:increaseTime()for thecallHashthat has already been executed. (Difficulty: High)increaseTime()near the end of the original waiting period, butincreaseTime()is delayed for some reason until the original waiting period passes, and immediately adversaries front-runexecute()before theincreaseTime()transaction. (Difficulty: Medium)Then,
callTimestamps[callHash]becomes non-zero again, and the subsequent execute() may lead to double execution of the same batch of calls.Recommendation
Add an extra condition
require(callTimestamps[callHash] != 0);in theincreaseTime()function to ensure that the givencallHashis active.