How to fix your SubDAO’s contract-level admin

DAO DAO
Jun 21, 2024

Due to a bug in the frontend, which has now been fixed, some SubDAOs were created with themselves set as their contract-level admin (instead of their parent DAO). The security risk is minor and easy to fix. Keep reading for a brief explanation and guide on how to fix it.

What does this mean?

When you create a SubDAO, there are two different admins that need to be configured.

The first one, built into the smart contract code, allows the parent DAO to execute messages on behalf of the SubDAO. This is what gives the parent DAO operational authority over the SubDAO.

The second one, built into the CosmWasm module on the chain, controls who is allowed to migrate the smart contract code itself. This is what gives a DAO sovereignty.

Crucially, SubDAOs are not supposed to be self-sovereign. A SubDAO that is its own contract-level admin holds this second power, which allows it to update its code and separate from its parent DAO without the parent DAO’s consent.

Is my SubDAO affected?

When you go to your SubDAO’s page, a banner appears at the top explaining the issue and prompting you to fix it. If you don’t see a banner, your SubDAO is not affected.

Affected SubDAO home page with banner explaining the issue and prompting you to fix it

How do I fix it?

If you are a member of the SubDAO or parent DAO, simply click the banner. Doing so will open the proposal creation page in whichever DAO you’re a member of.

If you’re a member of the SubDAO, you should see an action automatically added to the proposal that looks like this:

Action that upgrades the SubDAO’s contract admin to the parent DAO

If you’re a member of the parent DAO but not the SubDAO, you should see an action that looks like this instead:

Action that upgrades the SubDAO’s contract admin to the parent DAO, using the authority of the parent DAO

Because the parent DAO has operational authority over its SubDAOs, it can perform the fix on behalf of its SubDAOs, as seen above.

Now just publish the proposal, vote on it, and execute it, and your SubDAO will be fixed!

SubDAOs created in the future will not experience this issue.
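
To make the check and the two proposal actions concrete, here is an added example (not DAO DAO's own code) that classifies a SubDAO from its CosmWasm contract info and builds the update-admin message for either proposal path. The addresses and the sample query result are constructed placeholders, and the `execute_admin_msgs` wrapper used for the parent DAO path is an assumption about the DAO core contract's interface.

```javascript
// Added example. Addresses are constructed placeholders, not real DAOs.
const SUBDAO = "juno1subdaoplaceholder";
const PARENT = "juno1parentdaoplaceholder";

// Constructed sample of a CosmWasm contract-info query result for the SubDAO.
const sampleInfo = {
  address: SUBDAO,
  contract_info: { code_id: "1", creator: "juno1creatorplaceholder", admin: SUBDAO, label: "sample SubDAO" },
};

// Compare the chain-level (migration) admin with the expected parent DAO.
function classify(info, parentDao) {
  const admin = info.contract_info.admin;
  if (admin === parentDao) return "ok";
  if (admin === info.address) return "affected"; // SubDAO can migrate itself
  return "review"; // empty or third-party admin: not the case this post covers
}

// CosmWasm WasmMsg::UpdateAdmin as JSON: hand migration rights to the parent.
function updateAdminMsg(subDao, parentDao) {
  return { wasm: { update_admin: { contract_addr: subDao, admin: parentDao } } };
}

// Build the proposal message for whichever DAO is making the proposal.
function fixMessage(subDao, parentDao, proposingDao) {
  const inner = updateAdminMsg(subDao, parentDao);
  // SubDAO proposal: the SubDAO is the current contract-level admin and sends it directly.
  if (proposingDao === subDao) return inner;
  if (proposingDao !== parentDao) {
    throw new Error("proposal must come from the SubDAO or its parent DAO");
  }
  // Parent proposal: ask the SubDAO to run the message on the parent's authority.
  // `execute_admin_msgs` is an assumption about the DAO core contract's interface.
  const payload = { execute_admin_msgs: { msgs: [inner] } };
  return {
    wasm: {
      execute: {
        contract_addr: subDao,
        msg: Buffer.from(JSON.stringify(payload)).toString("base64"),
        funds: [],
      },
    },
  };
}

console.log(classify(sampleInfo, PARENT));
console.log(JSON.stringify(fixMessage(SUBDAO, PARENT, PARENT), null, 2));
```

After the proposal executes, running `classify` on a fresh contract-info result should return `ok`.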

Credit

Thanks to Lorenzo Giovenali for discovering and reporting this issue.
