Malicious attacker can cheat the voting mechanism to sunset the collection
Summary
A dishonest party can cheat the voting mechanism to influence the vote when users are trying to sunset a collection
Vulnerability Detail
The protocol leaves a room for users to create and canceling listing at any instant. An attacker can create a malicuous contract that will do the following
CreateListing from listing contract
call start on the CollectionShutdown contract
call CancelListing from the listing contract
Impact
Attacker can influence votes provided that they have enough collection ERC20 token
Round Silver Cuckoo
Medium
Malicious attacker can cheat the voting mechanism to sunset the collection
Summary
A dishonest party can cheat the voting mechanism to influence the vote when users are trying to sunset a collection
Vulnerability Detail
The protocol leaves a room for users to create and canceling listing at any instant. An attacker can create a malicuous contract that will do the following
CreateListing
from listing contractCollectionShutdown
contractCancelListing
from the listing contractImpact
Attacker can influence votes provided that they have enough collection ERC20 token
Code Snippet
https://github.com/sherlock-audit/2024-08-flayer/blob/0ec252cf9ef0f3470191dcf8318f6835f5ef688c/flayer/src/contracts/utils/CollectionShutdown.sol#L135
Tool used
Manual Review
Recommendation
consider setting a cool down time fot which users will be able to cancel, from when the listing was created