31558 - [SC - Insight] Discrepancy in MAX_PROPOSAL_NUMERATOR Value in ...

Submitted on May 21st 2024 at 09:40:57 UTC by @Limbooo for Boost | Alchemix

Report ID: #31558

Report type: Smart Contract

Report severity: Insight

Target: https://github.com/alchemix-finance/alchemix-v2-dao/blob/main/src/AlchemixGovernor.sol

Impacts:

• Contract fails to deliver promised returns, but doesn't lose value

Description

Introduction

The AlchemixGovernor contract contains a discrepancy between the implemented MAX_PROPOSAL_NUMERATOR value and the value specified in the official veALCX Launch Parameters Proposal document. The contract currently uses a value of 5000 (50%), while the documentation specifies a value of 6600 (66%).

Vulnerability Details

Current Implementation

The AlchemixGovernor contract defines the MAX_PROPOSAL_NUMERATOR as follows:

src/AlchemixGovernor.sol:
  19:     uint256 public constant MAX_PROPOSAL_NUMERATOR = 5000; // 50% of total supply to create a proposal

This means that currently, setting the % of total supply required to create a proposal (proposalNumerator) to a value more than 50% and less than 66% will revert with 'numerator too high' error.

src/AlchemixGovernor.sol:
  64:     /**
  65:      * @dev Set the % of total supply required to create a proposal
  66:      * @param numerator The new numerator value for the quorum fraction
  67:      */
  68:     function setProposalNumerator(uint256 numerator) external {
  69:         require(msg.sender == admin, "not admin");
@>70:         require(numerator <= MAX_PROPOSAL_NUMERATOR, "numerator too high");
  71:         proposalNumerator = numerator;
  72:         emit ProposalNumberSet(numerator);
  73:     }

Documented Parameters

According to the veALCX Launch Parameters Proposal document, the MAX_PROPOSAL_NUMERATOR should be set to 6600 (66%):

MAX_PROPOSAL_NUMERATOR, 6600 (66%), Maximum threshold for quorum, hard coded, set up to never be changed except by an upgrade

Impact Details

The discrepancy between the documented and implemented values can have the following impacts:

• Governance Integrity: The governance process may not function as intended, as the max threshold for creating proposals is lower than what was documented.

• Community Trust: Community members who refer to the documentation may be confused by the mismatch, leading to mistrust in the governance system.

References

• Quote from “veALCX Launch Parameters Proposal”

Proof of Concept

Here is a simple test case that you can use to verify the correct discrepancy behavior

// SPDX-License-Identifier: UNLICENSED
import "./BaseTest.sol";

contract AlchemixGovernorPoCTest is BaseTest {

    function setUp() public {
        setupContracts(block.timestamp);
    }


    function testMaxProposalNumerator() public {
        assertTrue(governor.MAX_PROPOSAL_NUMERATOR() != 6600, "MAX_PROPOSAL_NUMERATOR is not 6600");
        
        hevm.prank(admin);
        hevm.expectRevert(abi.encodePacked("numerator too high"));
        governor.setProposalNumerator(6000);
    }
}