Upgraded Q -> 2 from #748 [1675439377792] #887
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
duplicate-521
satisfactory
satisfies C4 submission criteria; eligible for awards
Comments
c4-judge
added
the
2 (Med Risk)
c4-judge
added a commit
that referenced
this issue
Feb 3, 2023
|
GalloDaSballo marked the issue as duplicate of #521 |
c4-judge
added
the
satisfactory
|
GalloDaSballo marked the issue as satisfactory |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Judge has assessed an item in Issue #748 as 2 risk. The relevant finding follows:
[L] MultisigManager doesn't have unregister function
MultisigManager.sol contains a hard limit of MULTISIG_LIMIT to 10. Meanwhile in the contract, there are functions like registerMultisig, enableMultisig, and disableMultisig. So, logically, there should be a unregister or remove for the multisig.
If the limit is reached and some address was disabled or maybe compromised, it will locked the protocol from registering new multisig.
If multisig is secure enough so that it wont get compromised, then the hard limit of it seems unnecessary.
The text was updated successfully, but these errors were encountered: