The `rankCandidates()` and `rankCandidatesBySig()` functions allow a voter to submit an array of ordered candidates for ranking. However, the contract does not enforce that each candidate can only be ranked once by a voter. A voter can include the same candidate multiple times in their ranking list, giving an unfair advantage to that candidate.
If a voter ranks the same candidate multiple times, that candidate may receive an inflated number of votes, affecting the fairness of the election. This could lead to skewed results, where candidates are unfairly prioritized due to duplicate entries.
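```solidity
// Ranking list with three slots; the same candidate fills the first two.
address[] memory orderedCandidates = new address[](3);
orderedCandidates[0] = address(0x123);
orderedCandidates[1] = address(0x123);
orderedCandidates[2] = address(0x456);
rankedChoice.rankCandidates(orderedCandidates);
```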
In this scenario, the same candidate (`0x123`) is ranked twice, giving it an unfair advantage.
Manual Review
Implement a check within `_rankCandidates()` and `rankCandidatesBySig()` to ensure that no candidate appears more than once in the `orderedCandidates` array. An easy way to do this is by iterating over the array and checking for duplicates before recording the ranking.
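One way to write the duplicate check recommended above, as an added example that is not the audited contract's code. The contract name, the errors, the `s_rankings` mapping, `getRanking()` and the `MAX_CANDIDATES` cap are assumptions made for illustration; the signature-based entry point would call the same helper before recording the ranking.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration: every name except orderedCandidates and
// rankCandidates is hypothetical and not taken from the audited code.
contract RankingDedupExample {
    error DuplicateCandidate(address candidate);
    error TooManyCandidates(uint256 length);

    // Assumed cap: bounds the gas cost of the quadratic scan below.
    uint256 private constant MAX_CANDIDATES = 10;

    mapping(address => address[]) private s_rankings;

    function rankCandidates(address[] calldata orderedCandidates) external {
        // Validate first, so a list with a repeated candidate never
        // reaches storage.
        _requireUnique(orderedCandidates);
        s_rankings[msg.sender] = orderedCandidates;
    }

    function getRanking(address voter) external view returns (address[] memory) {
        return s_rankings[voter];
    }

    // Reverts when any address occurs more than once in the list.
    // Pairwise comparison needs no storage writes and is cheap for the
    // short lists a ranked ballot contains.
    function _requireUnique(address[] calldata orderedCandidates) internal pure {
        uint256 length = orderedCandidates.length;
        if (length > MAX_CANDIDATES) revert TooManyCandidates(length);

        for (uint256 i = 0; i < length; ++i) {
            for (uint256 j = i + 1; j < length; ++j) {
                if (orderedCandidates[i] == orderedCandidates[j]) {
                    revert DuplicateCandidate(orderedCandidates[i]);
                }
            }
        }
    }
}
```

With this check in place, the three-element list from the scenario above reverts with `DuplicateCandidate(0x123)` instead of being recorded.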