VotingBooth Manual Review Findings
VotingBooth Manual Review Findings
VBH-01M: Inconsistent Behaviour
| Type | Severity | Location |
|---|---|---|
| Mathematical Operations | 
| VotingBooth.sol:L34, L46 |
Description:
The code of the Bip contract performs an addition of startFor and periodFor of a particular BIP safely at all times whereas this contract performs them unsafely.
Example:
protocol/contracts/farm/facets/GovernanceFacet/VotingBooth.sol
33function placeLock(address account, uint32 bipId) internal {34 uint32 newLock = startFor(bipId) + periodFor(bipId);35 if (newLock > s.a[account].lockedUntil) {36 s.a[account].lockedUntil = newLock;37 }38}Recommendation:
We advise them to be performed safely across the codebase to avoid unexpected behaviour.
Alleviation:
The calculations are now conducted safely as advised in all linked instances.
View Fix on GitHub