Submission Details
Severity:
[H-1] `s_previousVoteEndTimeStamp` is not initiated
[H-1] s_previousVoteEndTimeStamp is not initiated
Description: s_previousVoteEndTimeStamp is not initiated :
In the constructor we don't initialized s_previousVoteEndTimeStamp. So s_previousVoteEndTimeStamp is 0. The following check in the function selectPresident() will always be true.
if (
block.timestamp - s_previousVoteEndTimeStamp <=
i_presidentalDuration
) {
revert RankedChoice__NotTimeToVote();
}
Impact: We can break the first election of president with that. We can rankCandidate() and selectPresident() directly after to make my voted candidate president directly.
Proof of Code:
Code
Add the following code to the `RankedChoiceTest.t.sol` file. function testFirstElectionDoNotNeedToWaitMinimumDuration() public {
assert(rankedChoice.getCurrentPresident() != candidates[0]);
orderedCandidates = [candidates[0], candidates[1], candidates[2]];
uint256 startingIndex = 0;
uint256 endingIndex = 24;
for (uint256 i = startingIndex; i < endingIndex; i++) {
vm.prank(voters[i]);
rankedChoice.rankCandidates(orderedCandidates);
}
vm.warp(block.timestamp + rankedChoice.getDuration());
rankedChoice.selectPresident();
assertEq(rankedChoice.getCurrentPresident(), candidates[0]);
}
Recommended Mitigation:
Please initialize s_previousVoteEndTimeStamp to block.timestamp in the constructor.
Updates
Lead Judging Commences
inallhonesty about 1 year ago
Submission Judgement Published Assigned finding tags:
`s_previousVoteEndTimeStamp` variable not being initialized correctly
Rewards breakdown
nSLOC
140This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.