Flexible Voting Bugfix and Adoption Update

June 16, 2023 / Ben DiFrancesco

On April 4th, 2023, ScopeLift released v1.0.0 of Flexible Voting, our extension to the OpenZeppelin governance contracts used by many DAOs. The release had been audited by OpenZeppelin.

In early June 2023, ScopeLift was contacted by developers from Frax Finance, who had incorporated Flexible Voting in their governance architecture. During an audit of their governance contracts by Trail of Bits, a previously unknown bug was found in the v1.0.0 release of Flexible Voting.

Vulnerability and Fix

The bug discovered by Trail of Bits was an edge case related to signature-based voting. Voting by signature is not the primary way most delegates express votes onchain, but it is an option enabled by the Governor contract and is sometimes used by DAOs to offer "free" voting by subsidizing relayers to pay for gas and submit signature-based votes on behalf of token holders.

Because the Flexible Voting Governor allows rolling voting—that is, delegates can cast multiple votes until all of their voting weight has been used—a replay vulnerability was introduced. In particular, it would be possible for a vote to be replayed if the following conditions were met:

1. The delegate voted via signature using the castVoteWithReasonAndParamsBySig method.
2. The delegate cast a vote that assigned less than or equal to 50% of their available voting weight.
3. Replaying the signature vote would not put the delegate's total voting power over 100%, after accounting for other votes cast.

To resolve the issue, a nonce was added when voting fractionally by signature. When casting a fractional vote by signature, the nonce must be included in the params passed to the castVoteWithReasonAndParamsBySig method.
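The following is an added illustration, not ScopeLift's GovernorCountingFractional code: a simplified Python model of the rolling-vote weight bookkeeping that shows why a signed fractional vote using at most half of a delegate's weight could be counted twice without a nonce, and how the per-signer nonce closes that gap. Signatures are stand-ins (no ECDSA), and the names FractionalGovernor, SignedVote and replay_succeeds are assumptions for this example.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class SignedVote:
    """Stand-in for a signed castVoteWithReasonAndParamsBySig message (constructed)."""
    voter: str
    proposal_id: int
    weight: int                     # fractional weight the signer authorizes
    nonce: Optional[int] = None     # absent in the v1.0.0-style message


@dataclass
class FractionalGovernor:
    """Model of rolling fractional voting: weight used per (proposal, voter) accumulates."""
    voting_weight: dict              # voter -> total weight on the proposal snapshot
    require_nonce: bool              # False models v1.0.0, True models the v1.1.0 fix
    used: dict = field(default_factory=dict)
    nonces: dict = field(default_factory=dict)

    def cast_vote_by_sig(self, vote: SignedVote) -> int:
        """Count a signed fractional vote; returns the voter's total used weight."""
        key = (vote.proposal_id, vote.voter)
        if self.require_nonce:
            expected = self.nonces.get(vote.voter, 0)
            if vote.nonce != expected:
                raise ValueError("stale or missing nonce: signature already consumed")
            self.nonces[vote.voter] = expected + 1   # the same bytes can never be counted again
        already = self.used.get(key, 0)
        # The only check in the v1.0.0-style path: do not exceed 100% of voting weight.
        if already + vote.weight > self.voting_weight[vote.voter]:
            raise ValueError("vote would exceed the delegate's voting weight")
        self.used[key] = already + vote.weight
        return self.used[key]


def replay_succeeds(weight_pct: int, require_nonce: bool, prior_votes: int = 0) -> bool:
    """Submit one signed vote twice and report whether the replay was counted.

    weight_pct is the share of a 100-unit voting weight the signature authorizes;
    prior_votes models weight already spent through other (non-signature) votes.
    """
    gov = FractionalGovernor(voting_weight={"delegate": 100}, require_nonce=require_nonce)
    gov.used[(1, "delegate")] = prior_votes
    vote = SignedVote("delegate", 1, weight_pct, nonce=0 if require_nonce else None)
    gov.cast_vote_by_sig(vote)          # legitimate first submission by a relayer
    try:
        gov.cast_vote_by_sig(vote)      # the same signed message submitted again
        return True
    except ValueError:
        return False
```

Without a nonce the replay is rejected only when it would push the delegate past 100%, which is exactly the "at most 50% of available weight" condition above; with the nonce the second submission fails regardless of weight.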

The fix was reviewed by OpenZeppelin and the updated version of their audit report includes a summary of the bug and subsequent fix.

The bug described above did not affect any live contracts onchain as far as we are aware. Moving forward, v1.0.0 should be considered deprecated. Only the v1.1.0 release of the GovernorCountingFractional contract should be used.

Adoption

As mentioned earlier, Frax Finance is adopting Flexible Voting as part of their governance architecture. They join Gitcoin and PoolTogether—both of which have contracted with ScopeLift for Governor upgrades—as DAOs poised to adopt Flexible Voting in the near future (pending approval by their communities).

Several other DAOs are in earlier stages of considering an upgrade to Flexible Voting. We're looking forward to seeing Flexible Voting live in production for a number of DAOs in the near future. Expect more updates on this front soon!