Closed sherlock-admin4 closed 4 months ago
This issue is incorrect, the auditor is misunderstanding how the escrow works.
@eladmallel can you please specifically say where the auditor is wrong, or whether they're wrong as a whole?
they don't understand how the escrow works, and I am not sure if it's important to fully articulate here how it works and why they are wrong. if you say it's important we can make the effort.
in essence, they claim that there could be some ID collision when users try to fork out of Nouns DAO, but that is not possible.
Yeah, I guess it's enough. Invalidating this issue accordingly.
ether_sky
medium
Users may not be able to claim tokens from escrow in the forked DAO.
Summary
Users can send tokens to the escrow and can later claim the tokens with the same ID within the forked DAO. Once tokens are sent to the escrow, users should be able to claim them at any time. The admin has the ability to withdraw tokens from the escrow and send them to other users in order to increase the total supply, and those users can join the current forked DAO using these tokens. As a result, due to the constraint that the same token ID cannot be minted twice, users who sent tokens to the escrow may not be able to claim tokens in the forked DAO.
Vulnerability Detail
Users have the ability to send tokens to the escrow before the forking period. The admin can withdraw tokens from the escrow. Users can join the current forked DAO using these tokens during the forking period. Tokens with these IDs are minted to these users within the forked DAO. The original users should be able to claim tokens with these IDs. However, the transaction will be reverted.
Impact
Code Snippet
https://github.com/sherlock-audit/2024-03-nouns-dao-2/blob/8f6879efaf831eb7fc9d4a4ad2b62b5334220d87/nouns-monorepo/packages/nouns-contracts/contracts/governance/fork/NounsDAOFork.sol#L83-L85
https://github.com/sherlock-audit/2024-03-nouns-dao-2/blob/8f6879efaf831eb7fc9d4a4ad2b62b5334220d87/nouns-monorepo/packages/nouns-contracts/contracts/governance/fork/NounsDAOFork.sol#L198
https://github.com/sherlock-audit/2024-03-nouns-dao-2/blob/8f6879efaf831eb7fc9d4a4ad2b62b5334220d87/nouns-monorepo/packages/nouns-contracts/contracts/governance/fork/NounsDAOFork.sol#L154
https://github.com/sherlock-audit/2024-03-nouns-dao-2/blob/8f6879efaf831eb7fc9d4a4ad2b62b5334220d87/nouns-monorepo/packages/nouns-contracts/contracts/governance/fork/newdao/token/NounsTokenFork.sol#L176
https://github.com/sherlock-audit/2024-03-nouns-dao-2/blob/8f6879efaf831eb7fc9d4a4ad2b62b5334220d87/nouns-monorepo/packages/nouns-contracts/contracts/governance/fork/newdao/token/NounsTokenFork.sol#L155
Tool used
Manual Review
Recommendation
Restrict admin withdrawals during the forking period.
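The following is an added illustration, not code from the Nouns DAO repository or from the reporter: a deliberately simplified Python model of the escrow / withdraw / join / claim sequence the report describes, built around the one invariant the report relies on (a token ID is minted at most once in the forked DAO). The class, method names and the sample users "alice" and "bob" are constructed for the model; it does not reproduce the actual NounsDAOFork or NounsTokenFork escrow logic, which the maintainers say rules the collision out, so it only shows what the report's reasoning would imply if the steps were reachable, and how the recommended restriction changes the outcome in the model.

```python
"""Constructed model of the escrow -> admin withdrawal -> join fork -> claim
sequence from the report. Not the Nouns contracts; names are illustrative."""


class Reverted(Exception):
    """Stands in for an EVM revert."""


class ForkModel:
    def __init__(self, restrict_admin_withdrawals=False):
        self.escrowed = {}        # token_id -> user who escrowed it (claim record)
        self.holder = {}          # token_id -> current holder of the original token
        self.fork_minted = {}     # token_id -> owner in the forked DAO
        self.forking_period_open = False
        # The report's recommendation, as a switch: refuse admin withdrawals
        # while the forking period is open.
        self.restrict_admin_withdrawals = restrict_admin_withdrawals

    def mint_original(self, user, token_id):
        self.holder[token_id] = user

    def escrow(self, user, token_id):
        if self.holder.get(token_id) != user:
            raise Reverted("caller does not hold the token")
        self.holder[token_id] = "escrow"
        self.escrowed[token_id] = user

    def admin_withdraw(self, token_id, to):
        if self.restrict_admin_withdrawals and self.forking_period_open:
            raise Reverted("admin withdrawals disabled during forking period")
        if self.holder.get(token_id) != "escrow":
            raise Reverted("token is not in escrow")
        self.holder[token_id] = to

    def _mint_in_fork(self, user, token_id):
        # The invariant the report relies on: no token ID is minted twice.
        if token_id in self.fork_minted:
            raise Reverted(f"token {token_id} already minted in the fork")
        self.fork_minted[token_id] = user

    def join_fork(self, user, token_id):
        if not self.forking_period_open:
            raise Reverted("forking period is closed")
        if self.holder.get(token_id) != user:
            raise Reverted("caller does not hold the token")
        self.holder[token_id] = "dao_treasury"
        self._mint_in_fork(user, token_id)

    def claim_from_escrow(self, user, token_id):
        if self.escrowed.get(token_id) != user:
            raise Reverted("no escrow claim for this user and token")
        self._mint_in_fork(user, token_id)
        del self.escrowed[token_id]


def run_reported_sequence():
    """Replay the report's steps. Returns (fork owner of ID 7, claim_reverted)."""
    m = ForkModel()
    m.mint_original("alice", 7)
    m.escrow("alice", 7)              # before the forking period
    m.admin_withdraw(7, to="bob")     # admin moves the token to another user
    m.forking_period_open = True
    m.join_fork("bob", 7)             # bob mints ID 7 in the fork
    try:
        m.claim_from_escrow("alice", 7)
        claim_reverted = False
    except Reverted:
        claim_reverted = True
    return m.fork_minted[7], claim_reverted


def run_with_withdrawal_restricted():
    """Same model with the recommendation switched on; the withdrawal is
    attempted during the forking period. Returns (fork owner, withdrawal_reverted)."""
    m = ForkModel(restrict_admin_withdrawals=True)
    m.mint_original("alice", 7)
    m.escrow("alice", 7)
    m.forking_period_open = True
    try:
        m.admin_withdraw(7, to="bob")
        withdrawal_reverted = False
    except Reverted:
        withdrawal_reverted = True
    m.claim_from_escrow("alice", 7)   # succeeds: ID 7 is still unminted
    return m.fork_minted[7], withdrawal_reverted


if __name__ == "__main__":
    print(run_reported_sequence())            # ('bob', True)
    print(run_with_withdrawal_restricted())   # ('alice', True)
```

In the model, the outcome hinges entirely on whether a withdrawn token can reach the fork's mint path ahead of the escrow claim; any real assessment has to be made against the linked NounsDAOFork and NounsTokenFork code rather than this abstraction.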