Polkassembly Logo

OpenGov
View All Small Tipper

Finding and fixing a vulnerability in broker-pallet

inSmall Tipper
3 years ago
retroactive
development
Executed

The new broker pallet, responsible for handling the Coretime procurement logic, had a vulnerability that allowed users to assign Coretime they no longer owned. This is, obviously, quite problematic. The issue is described in more detail here: https://github.com/paritytech/polkadot-sdk/pull/2811 This is a small tip request for finding reporting and fixing the issue.

Comments (1)

3 years ago

Fine for now, but i think once the salary kicks in, we should stop tipping fellowship members.

Polkassembly is now a read-only archive. Commenting is disabled.

Requested

DOT
100.00 DOT

Proposal Passed

Help Center

Report an Issue
Feedback
Terms and Conditions
Github

Our Services

Docs
Terms of Website
Privacy Policy

Polkassembly · Archived 2026 · polkassembly.io

Terms and ConditionsTerms of Website
Privacy Policy