President Elector

First Flight #24
Beginner Friendly, Foundry
Submission Details
Severity: medium
Valid

An attacker can reuse a voter's signature and call `RankedChoice::rankCandidatesBySig` in different elections

Summary

An attacker can store the signature used in the `RankedChoice::rankCandidatesBySig` function and reuse it to call `RankedChoice::rankCandidatesBySig` in different elections, effectively overwriting the voter's vote.

Impact

If the voter doesn’t cast a vote in a future election, the attacker can vote on their behalf using the candidates from previous elections (where the voter signed the voting message).

If the voter does vote, the attacker can modify their candidate list.

Recommendations

The hashed message should also include `s_voteNumber` so the signature cannot be reused in different elections:

- bytes32 public constant TYPEHASH = keccak256("rankCandidates(uint256[])");
+ bytes32 public constant TYPEHASH = keccak256("rankCandidates(address[], uint256)");
function rankCandidatesBySig(address[] memory orderedCandidates, bytes memory signature) external {
- bytes32 structHash = keccak256(abi.encode(TYPEHASH, orderedCandidates));
+ bytes32 structHash = keccak256(abi.encode(TYPEHASH, orderedCandidates, s_voteNumber));
bytes32 hash = _hashTypedDataV4(structHash);
address signer = ECDSA.recover(hash, signature);
_rankCandidates(orderedCandidates, signer);
}
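
Review bot: In the added `TYPEHASH` line, the string `rankCandidates(address[], uint256)` is not a well-formed EIP-712 type string: members must be named and there is no space after the comma, so a wallet that derives the type hash from typed data will compute a different digest than the contract. Suggest `rankCandidates(address[] orderedCandidates,uint256 voteNumber)`. In the added `structHash` line, `orderedCandidates` is a dynamic array passed directly to `abi.encode`; EIP-712 encodes an array member as the hash of its packed elements, so use `keccak256(abi.encodePacked(orderedCandidates))` in that position. Separately, nothing in the visible lines consumes the signature, so with only `s_voteNumber` added it stays replayable within the same election; adding a per-signer nonce to the struct and incrementing it after `ECDSA.recover` would close that.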
Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Replay Attack - The same signature can be used over and over
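
One way to bind a ranking signature to both a single election and a single use, as an added sketch that is not the contest's code or the submitter's patch. It assumes OpenZeppelin's `EIP712` and `ECDSA` helpers; `BallotSketch`, `s_nonces`, `s_rankings`, `startNextElection`, `rankingOf` and the extra `voter` parameter are hypothetical, and voter-eligibility checks are left out.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";

// Added sketch, not the contest code. Only rankCandidatesBySig, TYPEHASH and
// s_voteNumber are names from the page; everything else is hypothetical.
contract BallotSketch is EIP712 {
    error InvalidSignature();

    // EIP-712 type string: each member is "type name"; members are joined by commas with no space.
    bytes32 public constant TYPEHASH =
        keccak256("rankCandidates(address[] orderedCandidates,uint256 voteNumber,uint256 nonce)");

    address private immutable i_admin = msg.sender;
    uint256 public s_voteNumber; // id of the election currently open
    mapping(address => uint256) public s_nonces; // next unused nonce per voter
    mapping(address => mapping(uint256 => address[])) private s_rankings;

    constructor() EIP712("BallotSketch", "1") {}

    function rankCandidatesBySig(address voter, address[] calldata orderedCandidates, bytes calldata signature)
        external
    {
        bytes32 structHash = keccak256(
            abi.encode(
                TYPEHASH,
                keccak256(abi.encodePacked(orderedCandidates)), // arrays are hashed, per EIP-712
                s_voteNumber, // a signature from election N fails in election N+1
                s_nonces[voter] // a signature already used fails on the second submission
            )
        );
        address signer = ECDSA.recover(_hashTypedDataV4(structHash), signature);
        if (signer != voter) revert InvalidSignature();
        s_nonces[voter]++; // consume the nonce before recording the vote
        s_rankings[voter][s_voteNumber] = orderedCandidates;
    }

    // Stand-in for however the real contract closes one election and opens the next.
    function startNextElection() external {
        require(msg.sender == i_admin, "not admin");
        s_voteNumber++;
    }

    function rankingOf(address voter, uint256 voteNumber) external view returns (address[] memory) {
        return s_rankings[voter][voteNumber];
    }
}
```

Because the nonce is read from storage rather than supplied by the caller, a voter who signs a new ranking automatically invalidates every earlier signature for the same election.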
