New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

recoveryTimelock mis-configured #918

Open

anna-carroll opened this issue Oct 29, 2021 · 0 comments

Assignees

Labels

bug fix Priority

Contributor

anna-carroll commented Oct 29, 2021

What is wrong?

recoveryTimelock on the GovernanceRouter is configured to "1" on all chains
this means when recovery is initiated, it becomes active after 1 second

When did we notice?

I discovered the mis-configuration while prepping transaction to transfer governor to Celo

How can we fix this?

recoveryTimelock is an immutable variable (stored in the code of the GovernanceRouter, rather than storage) - so, to fix, this, we need to upgrade the GovernanceRouter to a new implementation
to lock down the system while we triage, we should initiate recovery and transfer the recoveryManager role to a more secure multisig (currently configured as an EOA)

How did this happen?

mis-configuration probably due to problem in dev tooling
we need to root-cause to prevent repro in the future

The text was updated successfully, but these errors were encountered:

anna-carroll added bug Priority fix labels

anna-carroll self-assigned this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment