Description

The selectPresident() function is responsible for tallying the votes and selecting the president based on the candidate rankings submitted by voters. However, possible MEV bot attacks or front-running attacks by validators make this process vulnerable.

Here’s how the attack could occur:

When a user calls the selectPresident() function, the transaction is sent to the mempool where it awaits processing. A validator monitoring the mempool can observe this transaction and calculate the result of the election. If the validator is unsatisfied with the winner, they could attempt to front-run the transaction by prioritizing additional valid voting transactions before the selectPresident() transaction is executed, since there is no voting period lock implemented and voters could any time change their own candidate rankings by simply calling rankCandidates. This could alter the vote counts and change the outcome of the election, allowing the malicious validator to influence the result in favor of their preferred candidate.

The attack is technically possible, but a malicious validator would have to get other voters to quickly submit their vote transactions to change or influence the number of votes in favor of their candidate before selectPresident() is executed. This is not trivial and requires a lot of cooperation. This behavior could undermine the fairness of the election and allow for potential tampering with the results.

Impact

The impact of this vulnerability is serious because it allows validators with control over the transaction order and their cooperators to potentially manipulate the outcome of the election.

Tools Used

Manual review, vscode

Recommended Mitigation

One possible solution is to use an MEV blocker, which is essentially a specialized RPC endpoint, such as https://cow.fi/mev-blocker. The RPC works by managing a permissionless network of validators and hiding transactions from the public mempool. The MEV bots cannot frontrun or sandwich these user transactions.