Realms — Core Attribute Voter
About the Protocol
NFT-based voting weight plugin for the SPL Governance program, enabling Realms DAOs to use NFT holdings as voter weight.
Findings (4)
NFT ownership change without relinquishing vote leads to rent loss
When an NFT is sold or transferred after a vote is cast but before relinquish_nft_vote is called, neither the old nor the new owner can recover the rent locked in the vote record.
Proposal validation asymmetry may lead to lost rent
cast_nft_vote validates the proposal less strictly than relinquish_nft_vote, allowing vote records to be created for proposals from a different realm that can never be closed to recover rent.
Setting max_voter_weight_expiry to a non-None value increases overhead for governance users
update_max_voter_weight_record incorrectly sets the expiry to the current slot instead of None, forcing governance participants to bundle an extra instruction call in every related operation.
Not overriding get_max_size may lead to unnecessary CU consumption
nft_vote_record implements AccountMaxSize but doesn't override get_max_size(), causing account size to be determined by in-memory serialization rather than a direct return value, wasting compute units.
Ready to Secure Your Project?
Let's discuss your project and ensure your security!