The RankedChoice contract is vulnerable to replay attacks because its rankCandidatesBySig function has no mechanism to prevent the reuse of signatures. This vulnerability allows an attacker to exploit valid signatures from previous transactions to submit multiple votes, potentially altering the election results.
The rankCandidatesBySig function in the RankedChoice contract allows users to submit their ranked list of candidates using a signature. However, the current implementation does not include a mechanism to prevent the reuse of a valid signature. This opens the possibility of a replay attack, where an attacker could reuse a previously valid signature to submit the same vote multiple times.
An attacker can potentially manipulate the voting process by re-submitting previously signed votes, thereby altering the election outcome. This vulnerability undermines the integrity of the voting process by allowing vote duplication.
A voter signs a ranked list of candidates and submits it via rankCandidatesBySig.
An attacker intercepts this transaction and re-submits the same signature multiple times.
The contract accepts the signature repeatedly, since no nonce or s_voteNumber is used to invalidate reused signatures.
Nonce Implementation: Include a nonce for each voter, ensuring that each vote submission is unique. If a signature is reused, the nonce would prevent it from being accepted again.
Example:
Include s_voteNumber in Signature: Incorporating the s_voteNumber (current election round) in the signature hash ensures that each election requires a new signature. This strengthens security by tying signatures to specific voting periods.
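A sketch of both mitigations combined, added here as an illustration; it is not the audited RankedChoice source. It assumes OpenZeppelin Contracts 5.x import paths, and every name other than rankCandidatesBySig and s_voteNumber (the contract name, BALLOT_TYPEHASH, s_nonces, s_rankings, StaleNonce) is hypothetical. Voter eligibility checks and advancing the round are omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";

// Added illustration, not the audited contract. Names other than
// rankCandidatesBySig and s_voteNumber are hypothetical.
contract ReplaySafeBallot is EIP712 {
    // The signed struct binds the ballot to one voter nonce and one election round.
    bytes32 private constant BALLOT_TYPEHASH =
        keccak256("Ballot(address[] orderedCandidates,uint256 nonce,uint256 voteNumber)");

    uint256 private s_voteNumber; // current election round (advancing it is omitted)
    mapping(address => uint256) private s_nonces; // next unused nonce per voter
    mapping(address => mapping(uint256 => address[])) private s_rankings;

    error StaleNonce(address signer, uint256 expected, uint256 given);

    constructor() EIP712("ReplaySafeBallot", "1") {}

    function nonces(address voter) external view returns (uint256) {
        return s_nonces[voter];
    }

    function rankCandidatesBySig(
        address[] calldata orderedCandidates,
        uint256 nonce,
        bytes calldata signature
    ) external {
        // EIP-712 hashes a dynamic array as keccak256 of its 32-byte-padded elements.
        bytes32 structHash = keccak256(abi.encode(
            BALLOT_TYPEHASH,
            keccak256(abi.encodePacked(orderedCandidates)),
            nonce,
            s_voteNumber
        ));
        address signer = ECDSA.recover(_hashTypedDataV4(structHash), signature);

        // Consume the nonce: a second submission of the same signature reverts here.
        uint256 expected = s_nonces[signer];
        if (nonce != expected) revert StaleNonce(signer, expected, nonce);
        s_nonces[signer] = expected + 1;

        // A signature made for an earlier round recovers a different address,
        // because s_voteNumber is part of the digest.
        s_rankings[signer][s_voteNumber] = orderedCandidates;
    }
}
```

The EIP-712 domain separator built by the EIP712 base contract also includes the chain id and contract address, so a ballot signed for one deployment does not verify on another.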