President Elector

First Flight #24
Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: high
Invalid

Voter can vote for the same candidate 10 times

Summary

There is no check preventing a voter from ranking the same candidate in all 10 positions of their vote. The result is that the same candidate receives 10 votes.

Vulnerability Details

```solidity
function _selectPresidentRecursive( //@audit critical vote counting logic.
    address[] memory candidateList,
    uint256 roundNumber
) internal returns (address[] memory) {
    if (candidateList.length == 1) {
        return candidateList;
    }
    // Tally up the picks
    for (uint256 i = 0; i < VOTERS.length; i++) {
        for (
            uint256 j = 0;
            j < s_rankings[VOTERS[i]][s_voteNumber].length;
            j++
        ) {
            address candidate = s_rankings[VOTERS[i]][s_voteNumber][j];
            if (_isInArray(candidateList, candidate)) { //@audit there should be a check here to ensure no repeated candidates.
                s_candidateVotesByRound[candidate][s_voteNumber][
                    roundNumber
                ] += 1;
                break;
            } else {
                continue;
            }
        }
    }
```

Impact

The result is the same candidate receives 10 votes in a single ranking cast by an approved voter.

Tools Used

Manual Review

Recommendations

Implement a check that ensures that every candidate ranked by an approved voter is unique.
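The uniqueness check recommended above, written as an added example (not code from the submission or from the President Elector contract), together with a single-ballot model of the quoted tally loop, which counts the first ranked address still in `candidateList` and then breaks. The library, contract and function names and the pragma version are assumptions; only `orderedCandidates`, `candidateList` and the first-match rule come from the page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24; // assumed compiler version
// Added example: all names below are hypothetical helpers.
library RankingChecks {
    error DuplicateCandidate(address candidate);

    /// Reverts if any address appears more than once in a ranking.
    /// Quadratic scan; the ranking in the submission has 10 entries.
    function requireUnique(address[] memory orderedCandidates) internal pure {
        uint256 n = orderedCandidates.length;
        for (uint256 i = 0; i < n; i++) {
            address c = orderedCandidates[i];
            for (uint256 j = i + 1; j < n; j++) {
                if (orderedCandidates[j] == c) revert DuplicateCandidate(c);
            }
        }
    }

    /// Models the quoted inner loop for one ballot: returns the candidate
    /// the ballot is counted for in a round (the first ranked address still
    /// in `candidateList`), or address(0) when none of its entries remain.
    function countedChoice(
        address[] memory ranking,
        address[] memory candidateList
    ) internal pure returns (address) {
        for (uint256 j = 0; j < ranking.length; j++) {
            for (uint256 k = 0; k < candidateList.length; k++) {
                if (ranking[j] == candidateList[k]) return ranking[j];
            }
        }
        return address(0);
    }
}

contract RankingChecksDemo {
    /// Builds a ranking that lists `a` ten times and evaluates it against a
    /// candidate list that contains `a` and one from which `a` was eliminated.
    function duplicateBallot(address a, address b)
        external pure returns (address whileIn, address afterOut)
    {
        address[] memory ranking = new address[](10);
        for (uint256 i = 0; i < 10; i++) ranking[i] = a;
        address[] memory both = new address[](2);
        (both[0], both[1]) = (a, b);
        address[] memory onlyB = new address[](1);
        onlyB[0] = b;
        whileIn = RankingChecks.countedChoice(ranking, both);
        afterOut = RankingChecks.countedChoice(ranking, onlyB);
    }
}
```

Calling `requireUnique` on the array passed to `rankCandidates()` before it is stored rejects such a ranking at submission time instead of at tally time.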

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

rankCandidates() allows duplicate votes inside the `orderedCandidates` array

Appeal created

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

rankCandidates() allows duplicate votes inside the `orderedCandidates` array
