[L-05] Zero or negligible total stake allows proposals to always pass #55

Open
softstackio opened this issue Dec 10, 2024 · 0 comments · May be fixed by #68

Severity: Low
Likelihood: Low

Description:

In extreme scenarios where the total staking amount is zero or extremely small, the quorum calculation will allow proposals to almost always pass. Because the quorum is calculated relative to total stake, if that stake is zero, any proposal effectively meets the quorum threshold. Consequently, proposals can be accepted without receiving any meaningful support.

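    function quorumReached(ProposalType _type, VotingResult memory result) public view returns (bool) {
        uint256 requiredExceeding;
        uint256 totalStakedAmount = _getTotalStakedAmount();

        // Required margin of yes-stake over no-stake, as a fraction of total stake:
        // 50% for contract upgrades, 33% for all other proposal types.
        if (_type == ProposalType.ContractUpgrade) {
            requiredExceeding = totalStakedAmount * (50 * 100) / 10000;
        } else {
            requiredExceeding = totalStakedAmount * (33 * 100) / 10000;
        }

        // With zero total stake, requiredExceeding is 0 and 0 >= 0 + 0 returns true.
        return result.stakeYes >= result.stakeNo + requiredExceeding;
    }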

In this case, requiredExceeding will be 0 as long as totalStakedAmount is small enough (less than 5000).

Impact:

With zero or negligible total stake, the quorum requirements and thresholds do not provide any meaningful resistance or require actual consensus.

Proof of Concept:

Execute the following test by running forge test --mt testQuorumCalculationWithZeroOrSmallTotalStake -vv:

    function testQuorumCalculationWithZeroOrSmallTotalStake() public {
        address proposer = users[2];

        // Create a proposal
        address[] memory targets = new address[](1);
        targets[0] = users[1];

        uint256[] memory values = new uint256[](1);
        values[0] = 100 ether;

        bytes[] memory callDatas = new bytes[](1);
        callDatas[0] = "";

        uint256 proposalId = createProposal(proposer, "Test Proposal", targets, values, callDatas);

        // No validators added, total stake is zero

        // Switch to Voting phase
        switchPhase();

        // No votes cast

        // Switch phase to end Voting
        switchPhase();

        // Finalize proposal
        dao.finalize(proposalId);

        // Check proposal state
        Proposal memory proposal = dao.getProposal(proposalId);

        // Proposal is accepted
        // @note Basically, when total stakes are 0 or very small at the time of quorum calculation, any proposal will get accepted (as long as Yes >= No)
        assertEq(uint256(proposal.state), uint256(ProposalState.Accepted));
    }

Recommendation:

  • Ensure that proposals cannot pass without 0 votes.
  • Consider implementing a base quorum that is independent of the total staked amount.
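
One way to apply both recommendations to the quorum check, as an added example that is not the project's code and not the fix in the linked pull request. `QuorumExample`, `MIN_PARTICIPATION`, the `Other` enum member, the round-up of the margin and passing the total stake as an argument are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example: hypothetical contract, not part of diamond-contracts-dao.
contract QuorumExample {
    // Stand-in for the project's enum; only ContractUpgrade appears in the issue.
    enum ProposalType { Other, ContractUpgrade }

    struct VotingResult {
        uint256 stakeYes;
        uint256 stakeNo;
    }

    // Assumed absolute floor on participating stake. It does not scale with
    // total stake, so it still binds when total stake is zero or negligible.
    uint256 public constant MIN_PARTICIPATION = 10_000 ether;

    // Total stake is an argument here so the check is pure and easy to test;
    // the original reads it from _getTotalStakedAmount().
    function quorumReached(
        ProposalType _type,
        VotingResult memory result,
        uint256 totalStakedAmount
    ) public pure returns (bool) {
        // A proposal with no yes-stake never passes, whatever the total stake is.
        if (result.stakeYes == 0) return false;

        // Base quorum independent of total stake: enough stake must have voted.
        if (result.stakeYes + result.stakeNo < MIN_PARTICIPATION) return false;

        // 50% margin for contract upgrades, 33% otherwise, in basis points.
        uint256 bps = _type == ProposalType.ContractUpgrade ? 5000 : 3300;

        // Round the margin up so integer truncation cannot reduce a
        // non-zero requirement to zero for small totals.
        uint256 requiredExceeding = (totalStakedAmount * bps + 9999) / 10000;

        return result.stakeYes >= result.stakeNo + requiredExceeding;
    }
}
```

With `totalStakedAmount == 0` and no votes, this version returns `false` at the first check, where the original expression evaluates `0 >= 0 + 0` and returns `true`.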
MSalman6 added a commit to MSalman6/diamond-contracts-dao that referenced this issue Jan 2, 2025
@MSalman6 MSalman6 linked a pull request Jan 27, 2025 that will close this issue
@Kris-DMD Kris-DMD moved this to In Progress in Diamond Beta Feb 7, 2025