First Flight #13: Baba Marta
First Flight #13
Beginner FriendlyFoundryGameFi
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Invalid

In `MartenitsaVoting` contract previous users vote count is not updating.

badal_sharma09

Description: The contract allows the users to participate in voting for martenitsa tokens listed on the marketplace (only producers can add their MartenitsaTokens for voting). After the voting period ends, the owner can announce the winner based on the number of votes, and the winner receives a HealthToken as a reward. However, In MartenitsaVoting::announceWinner the function is not resetting the voteCounts mapping counts because of that the previous voting counts remains always saved in the voteCounts mapping. for example, the next time when the voting for martenitsa tokens starts the previous user chasy who is in [0] number had 10 votes and he won. After that the next vote for martenitsa tokens is listed on the marketplace and the user jack who is in [0] number has
receives only 2 votes and user titi who is in [1] number receives 10 votes but Jack wins who has only 2 votes but the previous voteCounts mapping has already saved 10 votes and now jack have total 12 votes that's the reason he wins.

function announceWinner() external onlyOwner {
require(block.timestamp >= startVoteTime + duration, "The voting is active");
uint256 winnerTokenId;
uint256 maxVotes = 0;
for (uint256 i = 0; i < _tokenIds.length; i++) {
if (voteCounts[_tokenIds[i]] > maxVotes) {
maxVotes = voteCounts[_tokenIds[i]];
winnerTokenId = _tokenIds[i];
}
}
list = _martenitsaMarketplace.getListing(winnerTokenId);
_healthToken.distributeHealthToken(list.seller, 1);
emit WinnerAnnounced(winnerTokenId, list.seller);
}

Impact: In the MartenitsaVoting contract previous users' vote count is not updating because this voteCounts mapping is no longer usable and the contract just becomes trash.

Proof Of Concept: Paste this test to your test folder and run the test.

function test_voteCountNotUpdated() public {
// First voting is started for bracelet
vm.startPrank(chasy);
martenitsaToken.createMartenitsa("bracelet");
marketplace.listMartenitsaForSale(0, 1 wei);
vm.stopPrank();
vm.prank(bob);
// now, vote count is 1
voting.voteForMartenitsa(0);
vm.warp(block.timestamp + 1 days + 1);
vm.recordLogs();
uint256 voteCount = voting.getVoteCount(0);
voting.announceWinner();
assertEq(voteCount, 1);
Vm.Log[] memory entries = vm.getRecordedLogs();
address winner = address(uint160(uint256(entries[0].topics[2])));
assert(winner == chasy);
//Second voting is started
vm.warp(block.timestamp);
voting.startVoting();
vm.startPrank(chasy);
martenitsaToken.createMartenitsa("bracelet");
marketplace.listMartenitsaForSale(0, 1 wei);
vm.stopPrank();
vm.prank(jack);
voting.voteForMartenitsa(0);
// previous vote count is not reset that's why the vote count is 2 not 1
uint256 voteCount1 = voting.getVoteCount(0);
vm.warp(block.timestamp + 1 days + 1);
vm.recordLogs();
voting.announceWinner();
assertEq(voteCount1, 2);
console.log("Vote count:", voteCount);
console.log("Vote count:", voteCount1);
}

Recommendation: Delete all the participant's votes from the voteCounts mapping so that next time the vote count starts from the start not from the midpoint.

Updates

Lead Judging Commences

bube Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Design choice

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.