Summary

The selectPresident() function in the RankedChoice contract uses block.timestamp for a critical time-based comparison. This usage can potentially be manipulated by miners, leading to unexpected behavior in the contract's execution.

Vulnerability Details

The function relies on block.timestamp to determine if sufficient time has passed since the last vote. Miners can manipulate block.timestamp within a small range, potentially affecting the timing of president selection.

RankedChoice.selectPresident() (src/RankedChoice.sol#57-90) uses timestamp for comparisons
Dangerous comparisons:
- block.timestamp - s_previousVoteEndTimeStamp <= i_presidentalDuration (src/RankedChoice.sol#60-62)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#block-timestamp

Impact

Miners could potentially influence the timing of president selection by slightly adjusting the block timestamp.

This manipulation could allow for selecting a president earlier or later than intended by the contract's design.

In close timing scenarios, it might be possible to unfairly trigger or prevent the selection process

Tools Used

slither .

Recommendations

Use Block Numbers: Replace timestamp-based calculations with block number-based calculations. Block numbers are more resistant to miner manipulation.