The Governor contract contains special functions to set it as the admin of the Timelock.
Only the admin can call Timelock.cancelTransaction.
There are no functions in Governor that call Timelock.cancelTransaction.
This makes it impossible for Timelock.cancelTransaction to ever be called.
- Short term, add a function to the Governor that calls
Timelock.cancelTransaction. - It is unclear who should be able to call it, and what other restrictions there should be around cancelling a transaction. Long term, consider letting Governor inherit from
Timelock. - This would allow a lot of functions and code to be removed and significantly lower the complexity of these two contracts.
- ToB Audit Origin Dollar Finding 6
- Denial-of-Service
- High Severity
- Governor -> Timelock
cancelTransaction()- Add Governor Function Inheritance
- Youtube Reference
- High Risk severity finding from ToB’s Audit of Origin Dollar