QA Report #72
Labels
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
resolved
Finding has been patched by sponsor (sponsor pls link to PR containing fix)
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Low Risk Vulnerabilities
1. No function to remove gauge from whitelist
If governance mistakenly whitelisted a faulty/malicious gauge, there is no way to remove it. A malicious gauge could mint as much $BKD as it's currently available according to the inflation schedule, in detriment of other gauges' allocation.
Recommended Mitigation Steps
Unless there's a reason not to, consider adding a function to remove gauge from whitelist in
InflationManager.sol
:Related Links
The text was updated successfully, but these errors were encountered: