Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: low
Valid

`GaugeController::vote` Allows Voting on Inactive Gauges

0xdarko

Summary

Users are allowed to cast votes on inactive gauges which are useless and should be checked to prevent.

Vulnerability Details

[](https://github.com/Cyfrin/2025-02-raac/blob/89ccb062e2b175374d40d824263a4c0b601bcb7f/contracts/core/governance/gauges/GaugeController.sol#L190-L200)

In GaugeController::vote, the function only verifies if a gauge exists via isGauge() but doesn't check if the gauge is active. However, throughout the rest of the contract, inactive gauges are excluded from key operations:

function vote(address gauge, uint256 weight) external override whenNotPaused {
@> if (!isGauge(gauge)) revert GaugeNotFound(); // only checks if exists
// Missing: if (!gauges[gauge].isActive) revert GaugeNotActive();
if (weight > WEIGHT_PRECISION) revert InvalidWeight();
uint256 votingPower = veRAACToken.balanceOf(msg.sender);
if (votingPower == 0) revert NoVotingPower();
uint256 oldWeight = userGaugeVotes[msg.sender][gauge];
userGaugeVotes[msg.sender][gauge] = weight;
// @audit - we update gauge weight without checking if its live
_updateGaugeWeight(gauge, oldWeight, weight, votingPower);

This creates an inconsistency with other functions that do check for active status:

  • distributeRewards() requires isActive

  • getTotalWeight() only counts active gauges

  • _distributeToGauges() only distributes to active gauges

Impact

  • The votes will update the gauge's weight but have no effect on reward distribution

  • This creates a confusing user experience where votes appear successful but have no actual impact

  • Users' voting power is locked into gauges that don't participate in the system

Tools Used

Foundry

Recommendations

Inside of vote add the following check:

function vote(address gauge, uint256 weight) external override whenNotPaused {
if (!isGauge(gauge)) revert GaugeNotFound(); // only checks if exists
+ if (!gauges[gauge].isActive) revert GaugeNotActive();
if (weight > WEIGHT_PRECISION) revert InvalidWeight();
uint256 votingPower = veRAACToken.balanceOf(msg.sender);
if (votingPower == 0) revert NoVotingPower();
uint256 oldWeight = userGaugeVotes[msg.sender][gauge];
userGaugeVotes[msg.sender][gauge] = weight;
_updateGaugeWeight(gauge, oldWeight, weight, votingPower);
Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 month ago
Submission Judgement Published
Validated
Assigned finding tags:

GaugeController::vote allows users to waste voting power on inactive gauges that don't receive rewards

inallhonesty Lead Judge about 1 month ago
Submission Judgement Published
Validated
Assigned finding tags:

GaugeController::vote allows users to waste voting power on inactive gauges that don't receive rewards

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.