100.00 DOT

845.72$

completed

Finding and fixing a vulnerability in broker-pallet

The new broker pallet, responsible for handling the Coretime procurement logic, had a vulnerability that allowed users to assign Coretime they no longer owned. This is, obviously, quite problematic.

A relatively small tip for an important discovery in the polkadot-sdk code. Oliver, commented that tips like these are fine for now but fellowship members, once they start earning their salary through the treasury, tips like these should stop.