bgibers
commented
5 months ago It is a design decision but is valid
Open hats-bug-reporter[bot] opened 6 months ago
bgibers
commented
5 months ago It is a design decision but is valid
Github username: @0xmahdirostami Twitter username: 0xmahdirostami Submission hash (on-chain): 0x824726bc37065e0a15464fdd8b6a848f1dbcb62f6e7c09d0a9ee7b9e0160174a Severity: low
Description: Description: The
remove_agentfunction currently only checks the weight of the agent but does not verify whether the agent has bonded AZERO tokens or not. This lack of verification poses a risk, as an agent with bonded AZERO tokens could potentially be removed from the list of agents.Scenario: An agent with bonded AZERO tokens could unintentionally be removed from the list of agents if the
remove_agentfunction is called without checking whether the agent has bonded tokens.Impact: The unintended removal of an agent with bonded AZERO tokens can have negative consequences, affecting unstaking and compounding operations.
Recommended Mitigation: Enhance the
remove_agentfunction to include a check for bonded AZERO tokens associated with the agent. This ensures that only agents without bonded tokens are removed from the list.