# Governance audit fixes ## 1. Liquidity Pool providers can create an infinite amount of delegated vote power This issue was fixed by using a snapshot of the voting power. The two main commits are: [34a6c1422c7d1f7f5630c955da058bfccb430376](https://github.com/gyrostable/governance/pull/45/commits/34a6c1422c7d1f7f5630c955da058bfccb430376) and [84cfe67c9c23ade939a8880eea0fd2a42155f266](https://github.com/gyrostable/governance/pull/45/commits/84cfe67c9c23ade939a8880eea0fd2a42155f266). For full context, see [PR 45](https://github.com/gyrostable/governance/pull/45/commits/84cfe67c9c23ade939a8880eea0fd2a42155f266). ## 2. Voting power can be reused for proposal voting Same fix as issue 1. ## 3. Voting power of users is not being correctly stored when votes are cast Fixed in [d45556d49a78375d7857ee5620f9fcc3c8c604a0](https://github.com/gyrostable/governance/commit/d45556d49a78375d7857ee5620f9fcc3c8c604a0). ## 4. Any user can mint a RecruitNFT after the first valid mint Fixed in [903a32055fdc01a751e0e4274a4f6ef6b47941cd](https://github.com/gyrostable/governance/commit/903a32055fdc01a751e0e4274a4f6ef6b47941cd). ## 5. Burn actions affect users with withdrawal waiting time completed We accept the risk here and this will be documented appropriately. ## 6. Function claimNFT(...) can be frontrun Fixed in [c575f30c3831180135a2c16b1ae93b15c4db43ee](https://github.com/gyrostable/governance/commit/c575f30c3831180135a2c16b1ae93b15c4db43ee). ## 7. Function setSchedule(...) always reverts after it is called once Fixed in [7921df3bd8f0a8ecfe964c63bb19e8fda5cd1db0](https://github.com/gyrostable/governance/commit/7921df3bd8f0a8ecfe964c63bb19e8fda5cd1db0). ## 8. Underflow in WrappedERC20WithEMA for withdraw transactions Fixed in [dbb48bc87db0a0095cb961292c518c3be7e5f739](https://github.com/gyrostable/governance/commit/dbb48bc87db0a0095cb961292c518c3be7e5f739). ## 9. WrappedERC20WithEMA can lock underlying tokens if elapsed time windows exceed 41 Fixed in [dbb48bc87db0a0095cb961292c518c3be7e5f739](https://github.com/gyrostable/governance/commit/dbb48bc87db0a0095cb961292c518c3be7e5f739) (same commit as fix for 8.). ## 10. Function _updateEMA() may fail when windowWidth is set to a low value Fixed in [290f0944b684aee89fda1d49626aeb202e64b585](https://github.com/gyrostable/governance/commit/290f0944b684aee89fda1d49626aeb202e64b585). ## 11. Users cannot withdraw all their assets from GydRecovery Fixed in [30cda8992712e484c992a99a84f93422f7813398](https://github.com/gyrostable/protocol/commit/30cda8992712e484c992a99a84f93422f7813398). ## 12. int256 unsafely casted to uint256 during EMA calculations Fixed in [dbb48bc87db0a0095cb961292c518c3be7e5f739](https://github.com/gyrostable/governance/commit/dbb48bc87db0a0095cb961292c518c3be7e5f739) (same commit as fix for 8.). ## 13. Max supply of recruitNFT cannot be reached Fixed in [df51e0b25177f40b4d04b9d7d84574c65fb64c00](https://github.com/gyrostable/governance/commit/df51e0b25177f40b4d04b9d7d84574c65fb64c00). ## 14. The function setSchedule(...) accepts scheduleEndsAt equal to scheduleStartsAt Fixed in [232e5cedafa01872235382c8eb387256f876294e](https://github.com/gyrostable/governance/commit/232e5cedafa01872235382c8eb387256f876294e). ## 15. Users are forced to delegate voting power in LPVault Fixed in [c6abf7ddfe657105cec9404642fa03f979a7ca09](https://github.com/gyrostable/governance/commit/c6abf7ddfe657105cec9404642fa03f979a7ca09). ## 16. Using delete on a Solidity array won’t decrease its length Fixed in [c1cbddac8031dd22e5a6f5cd655cee002b559d8f](https://github.com/gyrostable/governance/commit/c1cbddac8031dd22e5a6f5cd655cee002b559d8f). ## 17. Wrong value used in _getSelector(...) Fixed in [55c8ac615e266f94c33aeb3c47c04248916f0aff](https://github.com/gyrostable/governance/commit/55c8ac615e266f94c33aeb3c47c04248916f0aff). ## 18. DataTypes.Status defaults to Active Fixed in [eb89183c9979ab5efe3949e0ee575d494720635c](https://github.com/gyrostable/governance/commit/eb89183c9979ab5efe3949e0ee575d494720635c). ## 19. claimNFT(...) does not properly check multiplier Fixed in [12fd96390171075c311de2544d1cb5ec12e8cf0f](https://github.com/gyrostable/governance/commit/12fd96390171075c311de2544d1cb5ec12e8cf0f). ## 20. State variable owner is shadowed in the function claimNFT(...) Fixed in [ba613d2dc810e4cf67fedf1e28ff12e1031d4693](https://github.com/gyrostable/governance/commit/ba613d2dc810e4cf67fedf1e28ff12e1031d4693). ## 21. Transaction status is not checked Fixed in [f7929a9f7c645619c376e5d8bc68cba83cd7e6b6](https://github.com/gyrostable/governance/commit/f7929a9f7c645619c376e5d8bc68cba83cd7e6b6).
Last changed by  
Gyroscope
Gyroscope protocol
70

Read more

Protocol audit fixes

Fixed in c03689dd8198b362d9f504b450356e787a794939

8/9/2023
Gyroscope Senior Smart Contract Engineer Job Description

Gyroscope is an all-weather stablecoin. It's backed by a reserve portfolio that diversifies all DeFi risks - such as regulatory and governance risks - not just price risk. A Gyro Dollar can be minted for a price near $1 and can be redeemed for an amount near $1 in reserve assets, as determined through a new Automated Market Maker (AMM) design that balances risk in the system and concentrates liquidity around the $1 peg. More information about the protocol is available here, with the documentation here. Gyroscope has already gone through a testnet, a prototype launch, as well as several audits and we are targeting a launch by end of Q2 2023. We are a team of around 8 people and many of us are finishing or have completed PhDs in Computer Science and Mathematics. We are looking for a passionate smart-contract engineer to join us. You will be working closely with our other smart contract engineers to build and test Gyroscope's smart contracts. Role Work on and enhance the design of the protocol's smart contracts

5/12/2023
Gyroscope Lead Frontend Engineer Job Description

Gyroscope is an all-weather stablecoin. It's backed by a reserve portfolio that diversifies all DeFi risks - such as regulatory and governance risks - not just price risk. A Gyro Dollar can be minted for a price near $1 and can be redeemed for an amount near $1 in reserve assets, as determined through a new Automated Market Maker (AMM) design that balances risk in the system and concentrates liquidity around the $1 peg. More information about the protocol is available here, with the documentation here. After a very successful testnet we are now looking forward to launching on mainnet. We're a team of around 6 and most of us are finishing or have completed PhDs in Computer Science and Mathematics. We are looking for a passionate front-end engineer to join us. You will be leading front-end development and will work closely with our smart contract engineers and design team to build and improve the Gyroscope frontend. We're planning to release V1 in Q4 2021. Role

7/27/2021
Read more from Gyroscope
Published on HackMD