WhoAmI?
may be auditor

Security blog

Add new post Feed

Auditors space

Dapp Security list Audit Challenges Team formation

Dapps and protocols

Pre-audit plan Audit Profile

Dev Tools

Dev tools Testing tools

Protocol Marketing

Marketing tips

Misc

Support Log In

AuditProfile, Copywright 2025

info@auditprofile.xyz

Privacy Policy

AuditProfile

Block: 64

Author: AuditProfile

AuditProfile

Security blog

Propose token whitelisting

#propose

#dos

Hint

There is a possibility of protocol DDoS.

Answer

daoConfig.maxPendingTokensForWhitelisting() was set by default to 5. In other words, more than 5 proposals could not be added for voting. The problem was that any user could add their own proposal, which opened up the possibility of a DoS attack. A hacker could either constantly ‘stuff’ the proposals to the maximum and block the addition of new ones, or frontrun unwanted tokens and also lock the system.

CTF

Capture the Ether The Ethernaut Damn Vulnerable DeFi CryptoZombies Speedrun Ethereum CipherShastra Mr Steal Yo Crypto Cryptohack DeFi Hack Ether Hack CTF protocol CTF Blockchain Challenges

Awesome Books

Uniswap V2 Book

by RareSkills
Uniswap V3 Book

by Jeiwan
Compound Book

by RareSkills
ZK Book

by RareSkills
Ethereum Book

by Andreas M. Antonopoulos, Gavin Wood
Beigepaper

by Micah Dameron

Useful tools

EVM diff

Compare execution layer differences between chains
EVM storage

Dive deep into the storage of any contract

Регистрация прошла успешно! Спасибо за внимание!

loader