Omniscia Steer Protocol Audit

InternalGovernance Manual Review Findings


IGE-01M: Logic Upgrade w/o Governance Approval

Type: Centralization Concern
Severity:
Location: InternalGovernance.sol:L57-L61

Description:

The InternalGovernance contract is upgradeable, and because its upgrade authorization is gated by contract ownership rather than by the governance process itself, the contract can be upgraded without any vote taking place.

Example:

contracts/InternalGovernance.sol
33  function initialize(
34      ERC20VotesUpgradeable _token,
35      TimelockControllerUpgradeable _timelock,
36      address _steerTimeLock,
37      address[] memory _voters
38  ) public initializer {
39      __Governor_init("SteerGovernance");
40      __GovernorSettings_init(
41          1, /* 1 block of voting delay */
42          45818, /* 1 week of voting period */
43          100e18 /* Voters need 100 tokens to vote */
44      );
45      __GovernorCompatibilityBravo_init();
46      __GovernorVotes_init(_token);
47      __GovernorVotesQuorumFraction_init(
48          40 /* 40% */
49      );
50      __GovernorTimelockControl_init(_timelock);
51      __Ownable_init();
52      __UUPSUpgradeable_init();
53      steerTimelock = _steerTimeLock;
54      giveVotingPowerDuringDeployment(_voters);
55  }
56
57  function _authorizeUpgrade(address newImplementation)
58      internal
59      override
60      onlyOwner
61  {}

Recommendation:

We advise that either the ownership of the contract be transferred to its timelock or that the contract no longer be upgradeable at all; we recommend the latter, as governance processes should remain as immutable as possible over the lifetime of a project.

Alleviation (0ed41ccc18a72b7e559b8d79ab7ba6172362ee3b):

The Steer Protocol has stated that they wish to retain the current ownership and upgradeability system in place as they may require new features to be introduced to the governance module prior to its eventual complete decentralization and ownership transfer. As a result, we consider this exhibit acknowledged.

IGE-02M: Abnormally Small Voting Delay

Type: Logical Fault
Severity:
Location: InternalGovernance.sol:L41

Description:

The voting delay of the InternalGovernance contract is 1 block, which is an abnormally low value that hurts the operational integrity of the system.

Impact:

As an example, a user can take out a significant loan for a mere two blocks, return it with minimal mark-up, and in doing so completely compromise the voting process of the Steer Protocol.

Example:

contracts/InternalGovernance.sol
40  __GovernorSettings_init(
41      1, /* 1 block of voting delay */
42      45818, /* 1 week of voting period */
43      100e18 /* Voters need 100 tokens to vote */
44  );

Recommendation:

We advise that the voting delay be adjusted to a higher value, as it is currently possible for well-funded attackers to completely compromise the governance integrity of the contract.

Alleviation (200f275c40cbd4798f4a416c044ea726755d4741):

The voting delay has been increased to 3600 blocks, equivalent to roughly 12 hours of delay, significantly increasing the operational security of the governance module and alleviating this exhibit.
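The following governor sketch is an added example (not Steer Protocol code) that applies both recommendations at once: it drops `__Ownable_init` and gates `_authorizeUpgrade` with OpenZeppelin's `onlyGovernance` modifier, so that a new implementation can only be installed by a proposal executed through the timelock (IGE-01M), and it initializes the settings with the 3600-block voting delay adopted in the alleviation of IGE-02M. It assumes OpenZeppelin contracts-upgradeable 4.x; the override lists at the bottom follow the OpenZeppelin Contracts Wizard for that line and may need adjusting between minor versions. The project's own `steerTimelock` storage and `giveVotingPowerDuringDeployment` bootstrap are intentionally left out. The contract name `TimelockGatedGovernance` is a placeholder.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.9;

// Added example, not Steer Protocol code. Assumes OpenZeppelin contracts-upgradeable 4.x.
import "@openzeppelin/contracts-upgradeable/governance/GovernorUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/governance/TimelockControllerUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/governance/compatibility/GovernorCompatibilityBravoUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/governance/extensions/GovernorSettingsUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/governance/extensions/GovernorVotesUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/governance/extensions/GovernorVotesQuorumFractionUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/governance/extensions/GovernorTimelockControlUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/governance/utils/IVotesUpgradeable.sol";
import "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol";

contract TimelockGatedGovernance is
    GovernorUpgradeable,
    GovernorSettingsUpgradeable,
    GovernorCompatibilityBravoUpgradeable,
    GovernorVotesUpgradeable,
    GovernorVotesQuorumFractionUpgradeable,
    GovernorTimelockControlUpgradeable,
    UUPSUpgradeable
{
    /// @custom:oz-upgrades-unsafe-allow constructor
    constructor() {
        _disableInitializers(); // the implementation contract itself can never be initialized
    }

    function initialize(IVotesUpgradeable _token, TimelockControllerUpgradeable _timelock) public initializer {
        __Governor_init("SteerGovernance");
        // 3600 blocks (about 12 hours at 12 s per block) between proposal creation and the
        // voting-power snapshot: borrowed tokens would have to be held across the whole
        // delay rather than for a couple of blocks around proposal creation.
        __GovernorSettings_init(
            3600,  /* voting delay, in blocks */
            45818, /* voting period, roughly 1 week in blocks */
            100e18 /* proposal threshold: 100 tokens */
        );
        __GovernorCompatibilityBravo_init();
        __GovernorVotes_init(_token);
        __GovernorVotesQuorumFraction_init(40); // quorum: 40% of supply at the snapshot
        __GovernorTimelockControl_init(_timelock);
        __UUPSUpgradeable_init();
        // Deliberately no __Ownable_init(): there is no owner able to bypass the vote.
    }

    // With GovernorTimelockControl, _executor() is the timelock, so onlyGovernance accepts
    // the upgrade only when the governor's own upgradeTo(newImplementation) was scheduled by
    // a passed proposal and executed by the timelock after its delay.
    function _authorizeUpgrade(address) internal override onlyGovernance {}

    // Overrides required by Solidity for the diamond inheritance (wizard boilerplate).
    function votingDelay() public view override(IGovernorUpgradeable, GovernorSettingsUpgradeable) returns (uint256) {
        return super.votingDelay();
    }
    function votingPeriod() public view override(IGovernorUpgradeable, GovernorSettingsUpgradeable) returns (uint256) {
        return super.votingPeriod();
    }
    function quorum(uint256 blockNumber) public view override(IGovernorUpgradeable, GovernorVotesQuorumFractionUpgradeable) returns (uint256) {
        return super.quorum(blockNumber);
    }
    function state(uint256 proposalId) public view override(GovernorUpgradeable, IGovernorUpgradeable, GovernorTimelockControlUpgradeable) returns (ProposalState) {
        return super.state(proposalId);
    }
    function propose(address[] memory targets, uint256[] memory values, bytes[] memory calldatas, string memory description)
        public override(GovernorUpgradeable, GovernorCompatibilityBravoUpgradeable, IGovernorUpgradeable) returns (uint256)
    {
        return super.propose(targets, values, calldatas, description);
    }
    function proposalThreshold() public view override(GovernorUpgradeable, GovernorSettingsUpgradeable) returns (uint256) {
        return super.proposalThreshold();
    }
    function _execute(uint256 proposalId, address[] memory targets, uint256[] memory values, bytes[] memory calldatas, bytes32 descriptionHash)
        internal override(GovernorUpgradeable, GovernorTimelockControlUpgradeable)
    {
        super._execute(proposalId, targets, values, calldatas, descriptionHash);
    }
    function _cancel(address[] memory targets, uint256[] memory values, bytes[] memory calldatas, bytes32 descriptionHash)
        internal override(GovernorUpgradeable, GovernorTimelockControlUpgradeable) returns (uint256)
    {
        return super._cancel(targets, values, calldatas, descriptionHash);
    }
    function _executor() internal view override(GovernorUpgradeable, GovernorTimelockControlUpgradeable) returns (address) {
        return super._executor();
    }
    function supportsInterface(bytes4 interfaceId) public view override(GovernorUpgradeable, IERC165Upgradeable, GovernorTimelockControlUpgradeable) returns (bool) {
        return super.supportsInterface(interfaceId);
    }
}
```

The practical difference from the audited code is the path an upgrade must take: instead of a single `onlyOwner` transaction, a proposal targeting the governor's own `upgradeTo` has to clear the 3600-block delay, the voting period, the 40% quorum and the timelock's minimum delay before `_authorizeUpgrade` will accept it. If the team still needs an emergency upgrade path during the pre-decentralization phase that IGE-01M's alleviation describes, the least-privilege compromise is to make the timelock (not an EOA) the owner and keep its proposer and executor roles under the governance module, so that the same delay applies to upgrades as to every other governance action.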