Referendum #393

Finding and fixing a vulnerability in broker-pallet

Small Tipper

1yr ago

1 Comments

Executed

The new broker pallet, responsible for handling the Coretime procurement logic, had a vulnerability that allowed users to assign Coretime they no longer owned. This is, obviously, quite problematic.

The issue is described in more detail here: https://github.com/paritytech/polkadot-sdk/pull/2811

This is a small tip request for finding reporting and fixing the issue.

Request

100DOT

Status

Decision7d

Confirmation10mins

Attempts

Tally

93.4%Aye

50.0%Threshold

6.6%Nay

Aye

≈2.82MDOT

Nay

≈198.46KDOT

0.0%
0.09%
0.0%

Threshold

Support0.09%

≈1.19MDOT

Issuance

≈1.32BDOT

Votes

Nested

Flattened

Calls

How OpenGov works↗

Call

Metadata

Timeline6

Votes Bubble

Statistics

Comments

We Use Cookies!

This site uses cookies to improve your browsing experience, to show you personalized content, to analyze our website traffic.