First Flight #6: Voting Booth

First Flight #6

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: low

Valid

rewardPerVoter is subject to rounding errors

bra0xit

Summary

The rewardPerVoter value is subject to rounding errors - which might lead to locked funds on behalf of the vote proposal creator. This might also lead to attacker being able to withdraw these funds from the contract or lead to an error in a future calculated amount.

Vulnerability Details

In all except for the last voter, this calculation is made:

        uint256 rewardPerVoter = totalRewards / totalVotes;

Which is prone to rounding errors - which might lead to funds not getting paid out to the users who voted for but instead get locked up in the contract.

Impact

Might lead to locked funds or attackers being able to withdraw funds at a later date.

Tools Used

Recommendations

Use OpenZeppelin math library to make sure the rounding is as perfect (as close to zero) as can be.

Updates

Lead Judging Commences

0xnevi Lead Judge over 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

VotingBooth._distributeRewards(): Dust amount can still remain in contract

Rewards breakdown

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.