Description

The treasury coins support any number of user-provided CREATE_COIN conditions, simply prepending one of its own recreate itself. Although it prevents users from splitting the treasury coin with the exact same puzzle hash, users may still create new, different treasury coins.

This is an issue because treasury-coin validity is lineage based. Specifically, there are states like LAUNCHER_ID and RING_PREV_LAUNCHER_ID that enforce important protocol invariants, such as in puzzles that require knowledge of the entire treasury's balance.

Impact

Users can create small pockets of treasury coins that look like the entire thing. This could result in auctions being started despite the real treasury balance being too high.

Recommendations

We recommend implementing stronger condition filtering on the coin.

Remediation

This issue has been acknowledged by Voltage Technologies Ltd., and a fix was implemented in commit d98ddd52↗.