ether_sky - There is no functionality to set quorumVotesBPS.

[sherlock-admin4]

ether_sky

medium

There is no functionality to set quorumVotesBPS.

Summary

The quorumVotesBPS is used when get dynamic quorum parameters. However, there is currently no method to set this variable, resulting in a constant value of 0.

Vulnerability Detail

The quorumVotesBPS is used when get dynamic quorum parameters.

function getDynamicQuorumParamsAt(
    NounsDAOTypes.Storage storage ds,
    uint256 blockNumber_
) internal view returns (NounsDAOTypes.DynamicQuorumParams memory) {
    uint32 blockNumber = safe32(blockNumber_, 'NounsDAO::getDynamicQuorumParamsAt: block number exceeds 32 bits');
    uint256 len = ds.quorumParamsCheckpoints.length;

    if (len == 0) {
        return
            NounsDAOTypes.DynamicQuorumParams({
                minQuorumVotesBPS: safe16(ds.quorumVotesBPS),
                maxQuorumVotesBPS: safe16(ds.quorumVotesBPS),
                quorumCoefficient: 0
            });
    }

    if (ds.quorumParamsCheckpoints[len - 1].fromBlock <= blockNumber) {
        return ds.quorumParamsCheckpoints[len - 1].params;
    }

    if (ds.quorumParamsCheckpoints[0].fromBlock > blockNumber) {
        return
            NounsDAOTypes.DynamicQuorumParams({
                minQuorumVotesBPS: safe16(ds.quorumVotesBPS),
                maxQuorumVotesBPS: safe16(ds.quorumVotesBPS),
                quorumCoefficient: 0
            });
    }
}

However, there is no way to set this variable.

Impact

Code Snippet

https://github.com/sherlock-audit/2024-03-nouns-dao-2/blob/8f6879efaf831eb7fc9d4a4ad2b62b5334220d87/nouns-monorepo/packages/nouns-contracts/contracts/governance/NounsDAODynamicQuorum.sol#L84-L104

Tool used

Manual Review

Recommendation

[sherlock-admin4]

1 comment(s) were left on this issue during the judging contest.

WangAudit commented:

but this variable is supplied by the user in NounsDAOTypes.Storage struct