Light ModeLight
Light ModeDark

One Bug Per Day

One H/M every day from top Wardens

Checkmark

Join over 1020 wardens!

Checkmark

Receive the email at any hour!

Ad

Rage quit modifications should be limited to provide stronger guarantees to party members

mediumCode4rena

Lines of code

https://github.com/code-423n4/2023-05-party/blob/main/contracts/party/PartyGovernanceNFT.sol#L270

Vulnerability details

Party hosts can arbitrarily change the rage quit settings overriding any existing preset.

Impact

Rage quit is implemented in the PartyGovernanceNFT contract by using a timestamp. Leaving aside the cases of permanent settings (which, of course, cannot be changed) this implementation allows a more flexible feature than a simple enable/disable toggle. The timestamp represents the time until rage quit is allowed, if the timestamp is still in the future then rage quit is enabled, if it is in the past, the feature is disabled.

This setting can be changed at will by party hosts. At any moment and without any restriction (other than the permanent enabled or disabled, which cannot be modified), the party host is allowed to change the value to any arbitrary date. This means that an already scheduled setting that would allow rage quit until a certain future date, can be simply overridden and changed by the party host.

A party member can feel secure knowing it has the option to rage quit until the defined timestamp in rageQuitTimestamp. However any party host can arbitrarily reduce or completely disable the feature, ignoring any preset.

This is particularly concerning as it defeats the purpose of having a programmable expire date of the rage quit feature. The allowed modifications should ensure members are covered at least until the agreed timestamp (i.e. extend it or leave it as it is to disable rage quit the moment the timestamp expires), or provide better guarantees against arbitrary changes.

Recommendation

Here are some alternatives that should be taken as ideas to be used individually or in some combination:

  1. Ensure rage quit cannot be disabled at least until the current defined timestamp.
  2. Rage quit can only be reduced by a certain amount of time (for example, a percentage of remaining time).
  3. Rage quit can only be changed once per period of time.
  4. If rage quit is currently enabled, then ensure timestamp is not decreased below the latest proposal execution time.

Assessed type

Other

OneBugPerDay.com
To all the whitehats, we salute you

Legal

Advertise with usPrivacy PolicyTerms of ServiceCookie PolicyAcceptable Use

Unsubscribe

Unsubscribe from all emailsConfirm unsubscribe via code

Subscribe

Subscribe via formConfirm subscription via codeChange your Preferences
Made by Alex The EntreprenerdVulnerabilities database by TinTinWeb