Finding and fixing a vulnerability in broker-pallet
2 years ago
retroactive
development
Executed
The new broker pallet, responsible for handling the Coretime procurement logic, had a vulnerability that allowed users to assign Coretime they no longer owned. This is, obviously, quite problematic. The issue is described in more detail here: https://github.com/paritytech/polkadot-sdk/pull/2811 This is a small tip request for finding reporting and fixing the issue.
Comments (1)
Requested
100.00 DOT
Proposal Passed
Summary
0%
Aye
0%
Nay
Aye (63)0.0 DOT
Support0.0 DOT
Nay (30)0.0 DOT
Fine for now, but i think once the salary kicks in, we should stop tipping fellowship members.