Closed FeeqCodes closed 1 month ago
"This presents a vulnerability where the governor could potentially manipulate the challenge period for ongoing requests, bypassing the intended security measures." The governor is trusted and will be moved to the governance contract.
As per the contest rules are excluded:
Description\ The
changeDurations
function in the ProofOfHumanity contract allows the governor to modify critical time parameters, including the challengePeriodDuration. This presents a vulnerability where the governor could potentially manipulate the challenge period for ongoing requests, bypassing the intended security measures.Attack Scenario\ When a request is submitted, it enters a challenge period during which it can be contested. The duration of this period is crucial for maintaining the integrity of the system. However, if the governor changes the challengePeriodDuration while requests are in the challenge period, it could prematurely end or extend the challenge period for those requests.
This vulnerability could be exploited in two ways:
Shortening the challenge period: The governor could drastically reduce the challengePeriodDuration, potentially allowing requests to pass through with insufficient time for proper scrutiny. Extending the challenge period: The governor could indefinitely extend the challengePeriodDuration, effectively freezing requests in the challenge state. Either scenario compromises the fairness and predictability of the challenge process, potentially leading to the acceptance of fraudulent requests or the unfair blocking of legitimate ones.
POC
Recommendation
Introduce a time delay for duration changes: Implement a timelock mechanism where changes to durations only take effect after a predetermined period, allowing users to be aware of upcoming changes.
Use a separate storage for active requests: Store the challenge period end time for each request at the time of submission, making it independent of subsequent duration changes.