DAO v1.1 Public Testing Report

CKB Community Fund DAO
2

I noticed that the is one attack vector I mentioned quite a few times, but not mentioned here:

  1. An undetectable malicious attacker takes control of voting infrastructure (these things happen)
  2. Voter try to vote on a proposal of crucial importance (it could be a meta-rule change or stewards electtion)
  3. Attacker selectively do not send the whitelist inclusion proof to voter
  4. Voter cannot vote
  5. Attacker wins vote
  6. Voter tries to prove that he was prevented from voting
  7. Community Audit tool cannot prove that he was denied voting

@_magicsheep if you remember we talked about it on January, right before a DAO v1.1 AMA: Telegram: View @NervosNetwork

May I ask how was this attack addressed or documented?

Love & Peace, Phroi

PS:

1 Like
[ANN]The Babel Reunited translation plugin has started public beta testing in the DAO category
[ANN]The Babel Reunited translation plugin has started public beta testing in the DAO category