The Maker Foundation, the firm behind the DAI stablecoin project, announced that it has discovered a critical issue in its governance voting contract as part of a smart contract auditing process with Coinbase and Zeppelin. Specifically, the issue could allow someone to delete votes from the contract and freeze new participants out of the contract, a source said. The foundation is advising the owners behind the approximately 190 addresses that have staked MKR in the current MakerDAO governance voting contract to "move your MKR out of the contract and back into your personal wallet immediately." The Maker Foundation has created a guide to help walk these users through the process.
According to vote.makerdao.com, there were 114,876 MKR ($63 million) tokens staked in the recent stability fee voting proposal. In a statement released by Zeppelin, "after reviewing the amended contract" the firm confirms that the "vulnerability has now been fixed" and that "the security of the MKR token contract is not affected by our findings." According to The Block's sources, the specific details of the vulnerability are not set to be released until a later date.