In the Governance.sol contract, the castVote function is missing a check for proposal.canceled, which allows votes to be cast on canceled proposals.
The vulnerability arises from the absence of a check on the proposal.canceled flag in the castVote function. Once a proposal is canceled it should no longer accept votes, but because castVote never reads the flag, any user can still call it against a canceled proposal and have the vote recorded and tallied as if the proposal were live.
The impact is on governance integrity and user experience rather than on funds. Votes recorded against canceled proposals confuse participants and cause needless processing in the governance system. They also skew voting results and metrics, since canceled proposals should not appear in active voting tallies. Over time this undermines confidence in the governance process and can lead to disputes or misunderstandings among participants.
Manual Review
To mitigate this vulnerability, add a check on the proposal.canceled flag in the castVote function and revert when it is set, before any vote is tallied. This ensures that votes are only cast on active proposals, maintaining the integrity and efficiency of the governance process. The updated function should look like this:
This change will prevent redundant votes on canceled proposals and ensure that the governance system operates as intended.
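The following is an added illustration written for this report; it is not the project's Governance.sol and does not reproduce the contest's code. The Proposal struct, the propose, cancel and _tally helpers, and the custom errors are assumptions made so the example compiles stand-alone. The only point taken from the finding is the contrast between castVoteVulnerable (no canceled check) and castVote (canceled check placed before every other state check, so a vote on a canceled proposal reverts instead of being tallied).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal stand-in for the Governance.sol contract discussed in the finding.
// Struct layout, propose(), cancel() and the error names are assumptions for
// this example only; they are not the audited project's code.
contract GovernanceExample {
    struct Proposal {
        address proposer;
        uint256 startBlock;
        uint256 endBlock;
        uint256 forVotes;
        uint256 againstVotes;
        bool canceled;
        mapping(address => bool) hasVoted;
    }

    uint256 public proposalCount;
    mapping(uint256 => Proposal) internal proposals;

    error ProposalCanceled(uint256 proposalId);
    error VotingClosed(uint256 proposalId);
    error AlreadyVoted(uint256 proposalId, address voter);
    error NotProposer();

    event VoteCast(address indexed voter, uint256 indexed proposalId, bool support);

    // Creates a proposal whose voting window opens immediately (assumed behaviour).
    function propose(uint256 votingPeriod) external returns (uint256 id) {
        id = ++proposalCount;
        Proposal storage p = proposals[id];
        p.proposer = msg.sender;
        p.startBlock = block.number;
        p.endBlock = block.number + votingPeriod;
    }

    // Only the proposer may cancel; the flag is what castVote must honour.
    function cancel(uint256 proposalId) external {
        Proposal storage p = proposals[proposalId];
        if (msg.sender != p.proposer) revert NotProposer();
        p.canceled = true;
    }

    // BEFORE (the state described by the finding): the voting window and
    // double-vote checks pass, so a vote on a canceled proposal is tallied.
    function castVoteVulnerable(uint256 proposalId, bool support) external {
        Proposal storage p = proposals[proposalId];
        if (block.number < p.startBlock || block.number > p.endBlock) revert VotingClosed(proposalId);
        if (p.hasVoted[msg.sender]) revert AlreadyVoted(proposalId, msg.sender);
        _tally(p, proposalId, support);
    }

    // AFTER: reject canceled proposals first, before any other state check,
    // so nothing is written to storage and no VoteCast event is emitted.
    function castVote(uint256 proposalId, bool support) external {
        Proposal storage p = proposals[proposalId];
        if (p.canceled) revert ProposalCanceled(proposalId);
        if (block.number < p.startBlock || block.number > p.endBlock) revert VotingClosed(proposalId);
        if (p.hasVoted[msg.sender]) revert AlreadyVoted(proposalId, msg.sender);
        _tally(p, proposalId, support);
    }

    // Shared bookkeeping: records the voter and updates the tallies.
    function _tally(Proposal storage p, uint256 proposalId, bool support) private {
        p.hasVoted[msg.sender] = true;
        if (support) {
            p.forVotes += 1;
        } else {
            p.againstVotes += 1;
        }
        emit VoteCast(msg.sender, proposalId, support);
    }

    // View helper so off-chain tooling can confirm a canceled proposal's
    // tallies stay at zero once the fixed castVote is in place.
    function votes(uint256 proposalId)
        external
        view
        returns (uint256 forVotes, uint256 againstVotes, bool canceled)
    {
        Proposal storage p = proposals[proposalId];
        return (p.forVotes, p.againstVotes, p.canceled);
    }
}
```

Placing the canceled check first means the revert reason is unambiguous to callers and front-ends, and no storage write or event occurs for a dead proposal. As a general practice (beyond what this finding states), the same ordering applies to any other terminal state a governance contract tracks, such as executed or expired, so that none of them can accumulate votes.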