Summary
Any address can call voteForMartenitsa, and the only anti-double-voting check is hasVoted[msg.sender]. Because new addresses are free to create, a producer (or anyone else) can cast as many votes as they like by voting once from each fresh address, so the vote count of any listed martenitsa can be inflated at will.
Vulnerability Details
function voteForMartenitsa(uint256 tokenId) external {
    // Deduplicates per address only; nothing ties msg.sender to a person or a token
    require(!hasVoted[msg.sender], "You have already voted");
    require(block.timestamp < startVoteTime + duration, "The voting is no longer active");
    list = _martenitsaMarketplace.getListing(tokenId);
    require(list.forSale, "You are unable to vote for this martenitsa");
    // A fresh EOA passes every check above without holding or buying anything
    hasVoted[msg.sender] = true;
    voteCounts[tokenId] += 1;
    _tokenIds.push(tokenId);
}
The function has no eligibility requirement: the caller does not need to own a martenitsa, be a registered participant, or have any stake in the contest. The hasVoted mapping is keyed by msg.sender, which only prevents the same address from voting twice; it does nothing against an attacker who generates a new address for every vote. The cost of each extra vote is therefore just the gas of one transaction, which lets a producer (or anyone) push an arbitrary listed token to the top of the vote count.
POC:
function testManipulateVoteCount() public listMartenitsa {
    // Three fresh addresses that hold no tokens and have never interacted with the protocol
    address addr1 = makeAddr("addr1");
    address addr2 = makeAddr("addr2");
    address addr3 = makeAddr("addr3");

    // Each address votes once for the same listed token (id 0); every call succeeds
    vm.prank(addr1);
    voting.voteForMartenitsa(0);
    vm.prank(addr2);
    voting.voteForMartenitsa(0);
    vm.prank(addr3);
    voting.voteForMartenitsa(0);

    // One actor controlling three throwaway addresses has produced three votes
    assertEq(voting.getVoteCount(0), 3);
}
Add this test function to MartenitsaVoting.t.sol (it relies on the listMartenitsa modifier already defined in that file, which lists token id 0 for sale), then run forge test --mt testManipulateVoteCount. The test passes, showing that three votes for token 0 are accepted from three addresses that were created for free and own nothing.
Impact
High. Any outcome derived from voteCounts (which martenitsa wins the vote) can be decided by whoever is willing to send the most transactions from fresh addresses. The attack requires no tokens, no listing and no interaction with the marketplace; its only cost is gas.
Tools Used
Foundry
Recommendations
Restrict who may vote, and key the "already voted" check on something that cannot be created for free. For example, require the caller to own a MartenitsaToken and record the vote against that token id rather than against msg.sender, so that a fresh address without a token cannot vote and a token cannot be transferred between addresses to vote again. Alternatively, maintain an allowlist of eligible voters. Note that token-gated voting only raises the price of a sybil attack (the attacker must buy more tokens); it does not eliminate it, so the eligibility rule should be chosen with that in mind.
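One way to implement the token-gated recommendation, as an added example written for this report rather than code from the Martenitsa project: the voter must own a martenitsa and the vote is recorded against that token id, so a throwaway address with no token is rejected and a token that has already voted cannot be handed to another address and reused. The IERC721Minimal and IMartenitsaMarketplaceMinimal interfaces, the Listing struct with a single forSale field, and the constructor parameters are assumptions made for the example; the real contracts expose different ABIs.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed minimal interfaces for the example; not the project's own ABI.
interface IERC721Minimal {
    function ownerOf(uint256 tokenId) external view returns (address);
}

interface IMartenitsaMarketplaceMinimal {
    struct Listing {
        bool forSale;
    }
    function getListing(uint256 tokenId) external view returns (Listing memory);
}

contract TokenGatedVoting {
    IERC721Minimal public immutable martenitsaToken;
    IMartenitsaMarketplaceMinimal public immutable marketplace;
    uint256 public immutable startVoteTime;
    uint256 public immutable duration;

    // Keyed by the voter's token, not by msg.sender. A fresh EOA without a
    // martenitsa fails the ownerOf check, and a token that has voted stays
    // marked even if it is transferred to a new address.
    mapping(uint256 => bool) public tokenHasVoted;
    mapping(uint256 => uint256) public voteCounts;

    event Voted(uint256 indexed voterTokenId, uint256 indexed candidateTokenId, address voter);

    constructor(address token, address market, uint256 voteDuration) {
        martenitsaToken = IERC721Minimal(token);
        marketplace = IMartenitsaMarketplaceMinimal(market);
        startVoteTime = block.timestamp;
        duration = voteDuration;
    }

    // voterTokenId: a martenitsa owned by msg.sender that has not voted yet.
    // candidateTokenId: the listed martenitsa being voted for.
    function voteForMartenitsa(uint256 voterTokenId, uint256 candidateTokenId) external {
        require(block.timestamp < startVoteTime + duration, "The voting is no longer active");

        // Eligibility: the caller must currently own the token they vote with.
        // ownerOf reverts for a non-existent token, so minted-but-burned ids fail too.
        require(martenitsaToken.ownerOf(voterTokenId) == msg.sender, "Not the owner of the voting token");

        // Deduplication per token, so moving the token to a new address does not reset it.
        require(!tokenHasVoted[voterTokenId], "This martenitsa has already voted");

        // A producer should not be able to vote for the token they are voting with.
        require(voterTokenId != candidateTokenId, "Cannot vote for the voting token itself");

        require(marketplace.getListing(candidateTokenId).forSale, "You are unable to vote for this martenitsa");

        tokenHasVoted[voterTokenId] = true;
        voteCounts[candidateTokenId] += 1;
        emit Voted(voterTokenId, candidateTokenId, msg.sender);
    }
}
```

With this change the POC above no longer works: addr1, addr2 and addr3 own no token, so every call reverts at the ownerOf check. An attacker who buys three martenitsas can still cast three votes, which is the cost-bounded residual risk mentioned in the recommendation; if that is unacceptable, an owner-maintained allowlist of voters should replace the ownership check.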