Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: high
Invalid

Voting power can be tokenized and traded

robertodf99

Summary

Both EOAs and smart contract wallets can lock tokens to acquire voting power. Allowing arbitrary smart contracts to lock tokens for voting power would create a vulnerability. Smart contracts could tokenize voting rights by creating transferable wrapper tokens, effectively creating a secondary market for votes. This would undermine the vote-escrow mechanism's core purpose of ensuring long-term alignment between voters and the protocol.

Vulnerability Details

If arbitrary smart contracts could lock tokens:

  1. They could create wrapper contracts that issue transferable tokens representing claims on the locked voting power

  2. These wrapper tokens could be freely traded, circumventing the non-transferable property of veTokens

  3. Voting power could be rapidly accumulated by wealthy actors for short-term exploitation

  4. The governance process could be controlled by a small number of participants through vote markets

Impact

Skewed voting mechanism.

Tools Used

Manual review.

Recommendations

Add a whitelist for widely used multisg wallets, if the caller is a smart contract and is not in the whitelist, revert.

Updates

Lead Judging Commences

inallhonesty Lead Judge 2 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
inallhonesty Lead Judge 2 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Appeal created

robertodf99 Submitter
2 months ago
inallhonesty Lead Judge
about 2 months ago
inallhonesty Lead Judge about 2 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.