President Elector

First Flight #24
Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: high
Invalid

Overcounting Votes Due to Duplicate Candidate Entries in Rankings

Summary

Voters can submit rankings that include the same candidate multiple times (e.g., [A, A, A]). The current implementation does not check for duplicate entries, which can lead to overcounting votes for that candidate and violate the principle of one person, one vote.

Vulnerability Details

  • Affected Function: _selectPresidentRecursive

  • Issue Explanation:

    • No Duplicate Checks: The contract does not verify whether a voter's orderedCandidates contains unique candidates.

    • Vote Overcounting: When tallying votes, a voter's first preference is counted. However, if the ranking contains duplicates and that candidate is eliminated, the vote may incorrectly be transferred back to the same candidate.

    • Violates Voting Principles: This behavior can give an unfair advantage to candidates with duplicate entries in voter rankings.

Impact

Severity: Medium

  • Election Integrity: The fairness of the election is compromised due to improper vote counting.

  • Unintended Outcomes: Candidates may receive more votes than warranted, skewing the election results.

Tools Used

  • Manual Code Review: Identified lack of duplicate entry checks in voter rankings.

Recommendations

  • Validate Voter Rankings:

    • Uniqueness Check: Ensure that each candidate appears only once in a voter's ranking.

      function _rankCandidates(
          address[] memory orderedCandidates,
          address voter
      ) internal {
          // Existing checks...
          require(_isUniqueArray(orderedCandidates), "Duplicate candidates in ranking");
          // Rest of the function...
      }

      // Returns true when no address appears more than once (O(n^2) comparisons).
      function _isUniqueArray(address[] memory array) internal pure returns (bool) {
          // Bound the outer loop on array.length: array.length - 1 would
          // underflow on an empty array under checked arithmetic.
          for (uint256 i = 0; i < array.length; i++) {
              for (uint256 j = i + 1; j < array.length; j++) {
                  if (array[i] == array[j]) {
                      return false;
                  }
              }
          }
          return true;
      }

  • Update Vote Counting Logic:

    • Modify the tallying mechanism to account for and ignore duplicate entries.

  • Educate Voters:

    • Provide guidelines to voters on how to correctly submit their rankings without duplicates.
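
One way to implement the "Update Vote Counting Logic" recommendation above, as an added example that is not code from the audited contract or from the submission: an order-preserving de-duplication that a tally could apply to a stored ranking before reading preferences from it. The names `RankingSanitizer`, `dedupe` and `RankingSanitizerDemo`, and the sample addresses, are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example: every name here is hypothetical, not from the audited contract.
library RankingSanitizer {
    // Drops repeated addresses, keeping the first occurrence of each so the
    // voter's preference order survives. O(n^2), fine for short rankings.
    function dedupe(address[] memory ranking)
        internal
        pure
        returns (address[] memory deduped)
    {
        address[] memory buffer = new address[](ranking.length);
        uint256 kept = 0;
        for (uint256 i = 0; i < ranking.length; i++) {
            bool seen = false;
            for (uint256 j = 0; j < kept; j++) {
                if (buffer[j] == ranking[i]) {
                    seen = true;
                    break;
                }
            }
            if (!seen) {
                buffer[kept] = ranking[i];
                kept++;
            }
        }

        // Copy into an exactly sized array so callers can trust .length.
        deduped = new address[](kept);
        for (uint256 k = 0; k < kept; k++) {
            deduped[k] = buffer[k];
        }
    }
}

contract RankingSanitizerDemo {
    // Constructed sample ranking with A repeated: [A, A, B, A].
    function demo() external pure returns (address[] memory) {
        address a = address(0xA11CE);
        address b = address(0xB0B);
        address[] memory ranking = new address[](4);
        ranking[0] = a;
        ranking[1] = a;
        ranking[2] = b;
        ranking[3] = a;
        return RankingSanitizer.dedupe(ranking);
    }
}
```

Rejecting duplicates at submission time with `_isUniqueArray` keeps the stored ballot identical to what the voter signed off on, whereas de-duplicating at tally time silently reinterprets it.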

Updates

Lead Judging Commences

inallhonesty Lead Judge 9 months ago
Submission Judgement Published
Validated
Assigned finding tags:

rankCandidates() allows duplicate votes inside the `orderedCandidates` array

Appeal created

inallhonesty Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

rankCandidates() allows duplicate votes inside the `orderedCandidates` array
