Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MatricksDeCoder - .. #96

Closed
sherlock-admin2 opened this issue Jan 25, 2024 · 0 comments
Closed

MatricksDeCoder - .. #96

sherlock-admin2 opened this issue Jan 25, 2024 · 0 comments
Labels
Non-Reward This issue will not receive a payout

Comments

@sherlock-admin2
Copy link
Contributor

sherlock-admin2 commented Jan 25, 2024
edited
Loading

MatricksDeCoder

medium

..

Summary

Critical parameters like addresses and sanity checks of values lack input validation e.g constructor in GovernanceBravoDelegator lacks input validation on all passed-in parameters,

Vulnerability Detail

Take for example the constructor in GovernanceBravoDelegator .sol parameters are not validated as suggested in Compound audit Medium finding, and olympus uses compound governance

Impact

Not checking values allows setting of address to address(0), e.g timelock, ohm address, kernel implementation can be set to address(0).

uint256 votingPeriod_, uint256 votingDelay_, uint256 proposalThreshold_ can be set to arbitrary values that makes the voting module not work or not work as expected. These need to be sanity checked and bounded

Code Snippet

https://github.com/sherlock-audit/2024-01-olympus-on-chain-governance/blob/main/bophades/src/external/governance/GovernorBravoDelegator.sol#L10

onstructor(
        address timelock_,
        address gohm_,
        address kernel_,
        address implementation_,
        uint256 votingPeriod_,
        uint256 votingDelay_,
        uint256 proposalThreshold_
    ) {
        // Admin set to msg.sender for initialization
        admin = msg.sender;

        delegateTo(
            implementation_,
            abi.encodeWithSignature(
                "initialize(address,address,address,uint256,uint256,uint256)",
                timelock_,
                gohm_,
                kernel_,
                votingPeriod_,
                votingDelay_,
                proposalThreshold_
            )
        );

Tool used

  1. Manual Analysis
  2. OpenZeppelin Audit of Compund https://blog.openzeppelin.com/compound-governor-bravo-audit

Manual Review

Recommendation

Consider bounding inputs to reasonable ranges and excluding certain values, such as address(0) or uint256(0) from being successfully passed in. This will reduce the surface for error when using these functions.

Duplicate of #21
@github-actions github-actions bot added the Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label label Jan 27, 2024
@sherlock-admin2 sherlock-admin2 changed the title Curly Pine Loris - .. MatricksDeCoder - .. Jan 30, 2024
@sherlock-admin2 sherlock-admin2 added Non-Reward This issue will not receive a payout and removed Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Jan 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Non-Reward This issue will not receive a payout
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sherlock-admin2