President Elector

First Flight #24

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

`TYPEHASH` Constant is set to the wrong value

coffee

Summary

The TYPEHASH constant is set to the wrong value and will cause the rankCandidatesBySig function to not work correctly once it is called.

Vulnerability Details

The TYPEHASH constant is set below

bytes32 public constant TYPEHASH = keccak256("rankCandidates(uint256[])");

This is the incorrect input parameter for the rankCandidates function. Instead of being type uint256, it should be of type address[].

This constant is used in the rankCandidatesBySig function. It will not work as expected with this wrong input parameter type as the hashed value will be incorrect.

Tools Used

--Foundry

Recommendations

It is recommended to change the input parameter type when setting the TYPEHASH constant.

-bytes32 public constant TYPEHASH = keccak256("rankCandidates(uint256[])");

+bytes32 public constant TYPEHASH = keccak256("rankCandidates(address[])");

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

Typehash hashes the wrong function input.

Rewards breakdown

nSLOC

140

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.