Notice: Polkadot has migrated to AssetHub. Balances, data, referenda, and other on-chain activity has moved to AssetHub.Learn more
Finding and fixing a vulnerability in broker-pallet
2 years ago
retroactive
development
Executed
The new broker pallet, responsible for handling the Coretime procurement logic, had a vulnerability that allowed users to assign Coretime they no longer owned. This is, obviously, quite problematic. The issue is described in more detail here: https://github.com/paritytech/polkadot-sdk/pull/2811 This is a small tip request for finding reporting and fixing the issue.
Comments (1)
Requested
100.00 DOT
Proposal Passed
Fine for now, but i think once the salary kicks in, we should stop tipping fellowship members.