Fit White Dog
Medium
The threshold validation logic incorrectly validates the threshold against the required number of signatures with a strict equality check (!=) instead of checking whether the threshold is too low (<). As a result, the contract reverts on valid threshold configurations that are higher than the minimum required signatures.
The affected code is responsible for validating the threshold setting in the Safe contract. The threshold determines the number of owner signatures required to execute transactions.
The current implementation contains the following issues:
- Comments specify checking for lower thresholds
- Implementation rejects higher thresholds
- Logic contradicts documented behavior
- Should use < (less than) operator
- Current logic rejects valid higher thresholds
Tools Used: Manual Review
Current Behavior: The contract currently uses != to check if the threshold equals the required number of valid signatures. This results in a revert if the threshold is either lower or higher than the required number of valid signatures.
Expected Behavior: The contract should only revert if the threshold is lower than the required valid signatures. It should allow a higher threshold since that would still be a valid, stricter configuration.
Instance: If there are 3 owners and the required valid signatures are 2, the contract should allow a threshold of 2 or higher (3, for example). However, the current logic incorrectly reverts when the threshold is set to 3.
Update the Validation Logic: Replace the != operator with < to enforce the correct threshold validation:

if (threshold < _getRequiredValidSignatures(owners.length)) revert ThresholdTooLow();
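The following contract is an added illustration, not the audited Safe code: it places the vulnerable check next to the corrected one and exposes a compare() helper that reproduces the 3-owner / 2-signature instance above. The body of _getRequiredValidSignatures is a hypothetical majority rule (ceil(n/2)) chosen only so that 3 owners require 2 signatures; the real formula is not shown on the page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example for the finding above; not the audited contract's code.
contract ThresholdValidationExample {
    error ThresholdTooLow();

    address[] public owners;

    constructor(address[] memory _owners) {
        owners = _owners;
    }

    // Hypothetical stand-in: the page does not reproduce the real formula.
    // A simple majority rule, ceil(n / 2), yields 2 required signatures for 3 owners.
    function _getRequiredValidSignatures(uint256 ownerCount) internal pure returns (uint256) {
        return (ownerCount + 1) / 2;
    }

    // Vulnerable check as described in the finding: "!=" reverts for every threshold
    // that is not exactly the required count, so the stricter 3-of-3 setting reverts.
    function validateThresholdVulnerable(uint256 threshold) external view {
        if (threshold != _getRequiredValidSignatures(owners.length)) revert ThresholdTooLow();
    }

    // Fixed check from the recommendation: revert only when the threshold is too low;
    // any threshold at or above the required count is a valid, stricter configuration.
    function validateThresholdFixed(uint256 threshold) external view {
        if (threshold < _getRequiredValidSignatures(owners.length)) revert ThresholdTooLow();
    }

    // Runs both checks for one threshold and reports which of them accept it.
    // With 3 owners: compare(1) -> (false, false), compare(2) -> (true, true),
    // compare(3) -> (false, true), i.e. only the fixed check accepts the stricter setting.
    function compare(uint256 threshold) external view returns (bool vulnerableAccepts, bool fixedAccepts) {
        try this.validateThresholdVulnerable(threshold) {
            vulnerableAccepts = true;
        } catch {
            vulnerableAccepts = false;
        }
        try this.validateThresholdFixed(threshold) {
            fixedAccepts = true;
        } catch {
            fixedAccepts = false;
        }
    }
}
```

Deploy with three distinct owner addresses and call compare(3) to observe the divergence the finding describes.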