First Flight #13: Baba Marta

First Flight #13

Beginner FriendlyFoundryGameFi

100 EXP

View results

Previous Next

Submission Details

Severity: low

Invalid

Single user can create multiple wallets to vote in `MartenitsaVoting::voteForMartenitsa` function which can lead to manipulation of the voting and picking unfair winner.

mirkopezo

Summary

Single address can vote only once. But anyone can create multiple wallets to vote for specific token, which leads to manipulation of voting.

Vulnerability Details

Single user can create many EOA wallets for free and then call MartenitsaVoting::voteForMartenitsa function with each wallet to vote for specific token.

@> function voteForMartenitsa(uint256 tokenId) external {

require(!hasVoted[msg.sender], "You have already voted");

require(block.timestamp < startVoteTime + duration, "The voting is no longer active");

list = _martenitsaMarketplace.getListing(tokenId);

require(list.forSale, "You are unable to vote for this martenitsa");

hasVoted[msg.sender] = true;

voteCounts[tokenId] += 1;

_tokenIds.push(tokenId);

}

Impact

Voting can be easily manipulated by creating many wallets and voting for specific token. Which makes voting logic invalid and voting is main purpose of this MartenitsaVoting contract.

Proof of Concept

User creates 100 EOA wallets
Calls MartenitsaVoting::voteForMartenitsa function with each wallet to vote for token id 0
Now token id 0 has 100 votes

Place the following test into MartenitsaVoting.t.sol.

function testVoteForMartenitsaManipulation() public listMartenitsa {

voting.startVoting();

for (uint256 i; i < 100; i++) {

vm.prank(address(uint160(i)));

voting.voteForMartenitsa(0);

}

assert(voting.getVoteCount(0) == 100);

}

Tools Used

Manual review

Recommendations

Voting logic needs to be changed completely. In voting there shouldn't be logic that every address can vote once.

Updates

Lead Judging Commences

bube Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Design choice

Assigned finding tags:

Multiple addresses

mirkopezo Submitter

over 1 year ago

bube Lead Judge

over 1 year ago

bube Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Design choice

Assigned finding tags:

Multiple addresses

Rewards breakdown

nSLOC

239

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.