The new broker pallet, responsible for handling the Coretime procurement logic, had a vulnerability that allowed users to assign Coretime they no longer owned. This is, obviously, quite problematic.
The issue is described in more detail here: https://github.com/paritytech/polkadot-sdk/pull/2811
This is a small tip request for finding reporting and fixing the issue.
We Use Cookies!
This site uses cookies to improve your browsing experience, to show you personalized content, to analyze our website traffic.