-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A user can delegate his tire voting to a zero address #228
Comments
This is not an issue, user can delegate votes at will (including delegating to another address later after delegating to |
@drgorillamd |
@csanuragjain indeed, reopened 11 to give it another look, it kinda feels like a different issue tho |
The warden has not showed why the user won't be able to delegate to other address post delegating to |
Picodes changed the severity to QA (Quality Assurance) |
Picodes marked the issue as grade-b |
Lines of code
https://github.com/jbx-protocol/juice-nft-rewards/blob/f9893b1497098241dd3a664956d8016ff0d0efd0/contracts/JB721TieredGovernance.sol#L177
Vulnerability details
Impact
A user can lose his vote for a specific tire id by delegating his vote to a zero address.
Proof of Concept
In the
setTierDelegate
function and also in_delegateTier
function which is called by the previous function the input delegated address is not checked. In the_delegateTier
function, then is stored in the_tierDelegation
mapping for a specific tire id. In the_moveTierDelegateVotes
function also there is not any revert if the new delegated address is zero.Tools Used
Manual
Recommended Mitigation Steps
Check delegated for not being zero.
The text was updated successfully, but these errors were encountered: