Skip to content

Latest commit

 

History

History
40 lines (22 loc) · 1.49 KB

File metadata and controls

40 lines (22 loc) · 1.49 KB

Calm Fiery Llama

Medium

Users can unvouch all of their vouches before the slashing evaluation period starts to avoid the penalty imposed on them

Summary

Whenever EthosVouch::slash() is called to slash a user, up to 10% of every vouch made by that user will be sent to the protocol. However, users who have committed offenses need to be accused of inaccurate claims or unethical behavior by "whistleblowers" so that the evaluation period can start. When users are accused, they can simply unvouch to protect their assets.

Root Cause

The current design allows users to bypass being slashed by unvouching before the evaluation period starts.

Internal pre-conditions

None.

External pre-conditions

None.

Attack Path

  1. User calls EthosVouch::vouchByProfileId() or EthosVouch::vouchByAddress() to vouch for a profile.
  2. That user committs some offenses that would lead to getting slashed.
  3. A "whistleblower" accused that user of inaccurate claims or unethical behaviour.
  4. The user unvouches so that no funds will be slashed before the evaluation period starts.

Impact

The current slashing mechanism can easily be bypassed by users so that they cannot be slashed.

PoC

No response

Mitigation

Alternatives to this slashing mechanism should be explored as the current design can be easily bypassed.