Medium
1. DDos to prevent poll owner from generating mergedStateRoot
After voting is over, poll owner is supposed to call mergeMaciStateAqSubRoots(...) repeatedly, until all subtrees are merged, then owner will then call mergeMaciStateAq(...) to create mergedStateRoot.
However, the last call may always be front-run by a signup call by an unknowing or malicious user, such that subTreesMerged is no longer True.
https://github.com/privacy-scaling-explorations/maci/blob/776f9ece4191c765e59168b3214418e461af909c/contracts/contracts/trees/AccQueue.sol#L149
If the signup gate keeper maintains only limited registration quota, then this is a gas-grief attack, as mergeMaciStateAqSubRoots(...) is more expensive then a signup. However, if there is no limit on registration, the poll may be DDosed to prevent tallying.