President Elector
First Flight #24
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: high
Invalid

Return Value Of zero (0) not checked from Ecrecover

horpheyhemmy

Summary

function RankedChoice::rankCandidatebySig uses the solidity precompile function ecrecover , however the return value of 0 is not checked for.

Vulnerability Details

" The ecrcover recover the address associated with the public key from elliptic curve signature or return zero on error."

According to the solidity docs. see --- https://docs.soliditylang.org/en/v0.8.9/units-and-global-variables.html?highlight=ecrecover#mathematical-and-cryptographic-functions

Upon error you can supply invalid input parameters to the RankedChoice::rankCandidatebySig function then the check is matched and the signature checker is bypassed.

``

function rankCandidatesBySig(
address[] memory orderedCandidates,
bytes memory signature
) external {
bytes32 structHash = keccak256(abi.encode(TYPEHASH, orderedCandidates));
bytes32 hash = _hashTypedDataV4(structHash);
address signer = ECDSA.recover(hash, signature);
_rankCandidates(orderedCandidates, signer);
}

Enabling an attacker to DDOS the election and influence the result of the election.

Impact

An attacker can determine the Election Outcome and elect whoever they want

Tools Used

Manual Analysis

Recommendations

The check require(signer != address(0), "Invalid signature")should be added to the return value of the signature recovered using ecrecover before the external interaction _rankCandidates(orderedCandidates, signer)is done.

require(signer != address(0), "Invalid signature");
_rankCandidates(orderedCandidates, signer); ``
Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.