Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: high
Valid

USERS CAN OVERWRITE LOCK TO UNLOCK TOKENS EARLY AND INCREASE VOTE POWER

Summary

The veRAACToken::lock() function lets a user overwrite an existing lock by calling it again with a shorter duration. Tokens committed for the maximum term can therefore be withdrawn after the minimum term, while the voting power that the long lock granted has already been used.

Vulnerability Details

The veRAACToken::lock() function creates a new lock for the caller and overwrites any lock the caller already has; it does not compare the new unlock time with the existing one. In a vote-escrow model, voting power scales with the remaining lock time, so a user can lock tokens for the longest accepted duration (MAX_LOCK_DURATION - 1), vote with the resulting large voting power, and then call lock() again with MIN_LOCK_DURATION. The second call brings the unlock time forward, and the tokens become withdrawable after the minimum term instead of the maximum one.

The issue is that the lock duration can be reduced after the user has already committed to, and been credited for, a longer lock. Wherever voting power is read at the time a vote is cast, the vote counts at the long-lock value even though the tokens are released early. This defeats the purpose of the lock mechanism, which is to make voting power reflect how long the tokens are actually committed.

Overwriting the lock in this way is a loophole in the voting system: users obtain the voting power of a long lock while bearing the cost of only a short one.

Impact

By exploiting the ability to overwrite lock durations, users can:

  • Increase their vote power without maintaining the required lock duration.

  • Unlock tokens earlier than expected, bypassing the intended design of the locking mechanism.

  • Distort governance by allowing users to vote with inflated vote power for a shorter time commitment, potentially manipulating governance outcomes.

Tools Used

VS Code

Recommendations

Do not let lock() silently replace an existing lock. When the caller already has a lock, either revert, or accept the call only if it extends the lock: require that the new unlock time is greater than or equal to the current one, and carry the previously locked amount over rather than replacing it. Splitting the functionality into explicit increase-amount and extend-lock entry points, as vote-escrow designs such as Curve's veCRV do, makes the invariant "a lock never gets shorter" easy to enforce and review.
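The overwrite pattern described in the vulnerability details and the fix suggested above, side by side, as an added illustration. This is not the RAAC veRAACToken source: the contract, its constants, the linear-decay voting-power formula and the numbers in the walkthrough are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the RAAC veRAACToken source. A minimal ve-style lock
// in which voting power decays linearly with the remaining lock time (the
// Curve veCRV model). Constants, names and numbers are assumptions.
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
    function transfer(address to, uint256 amount) external returns (bool);
}

contract VeLockExample {
    struct Lock {
        uint256 amount;
        uint256 end; // unlock timestamp
    }

    uint256 public constant MIN_LOCK_DURATION = 365 days;
    uint256 public constant MAX_LOCK_DURATION = 4 * 365 days;

    IERC20 public immutable token;
    mapping(address => Lock) public locks;

    constructor(IERC20 _token) {
        token = _token;
    }

    // Vulnerable pattern: a repeated call keeps the tokens but replaces the
    // unlock time unconditionally, so an existing lock can be shortened.
    //
    // Walkthrough (assumed values):
    //   t0: lockVulnerable(1000e18, MAX_LOCK_DURATION) -> votingPower = 1000e18
    //   t0: cast a governance vote; if power is read now, 1000e18 counts
    //   t0: lockVulnerable(0, MIN_LOCK_DURATION)       -> end = t0 + 1 year, power = 250e18
    //   t0 + 1 year: withdraw() succeeds, three years before the 4-year term ends
    function lockVulnerable(uint256 amount, uint256 duration) external {
        require(duration >= MIN_LOCK_DURATION && duration <= MAX_LOCK_DURATION, "bad duration");
        if (amount != 0) {
            require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        }
        Lock storage l = locks[msg.sender];
        l.amount += amount;
        l.end = block.timestamp + duration; // no comparison with the existing end
    }

    // Hardened pattern: an existing lock may only grow in amount and/or be
    // extended; any call that would bring the unlock time forward reverts.
    function lockHardened(uint256 amount, uint256 duration) external {
        require(duration >= MIN_LOCK_DURATION && duration <= MAX_LOCK_DURATION, "bad duration");
        Lock storage l = locks[msg.sender];
        uint256 newEnd = block.timestamp + duration;
        if (l.amount != 0) {
            require(newEnd >= l.end, "cannot shorten existing lock");
        } else {
            require(amount != 0, "nothing to lock");
        }
        if (amount != 0) {
            require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        }
        l.amount += amount; // previously locked tokens are carried over, never dropped
        l.end = newEnd;
    }

    function withdraw() external {
        Lock memory l = locks[msg.sender];
        require(l.amount != 0, "no lock");
        require(block.timestamp >= l.end, "still locked");
        delete locks[msg.sender];
        require(token.transfer(msg.sender, l.amount), "transfer failed");
    }

    // amount * remainingTime / MAX_LOCK_DURATION: a max-term lock counts in full,
    // a minimum-term lock counts for a quarter, an expired lock counts for nothing.
    function votingPower(address user) public view returns (uint256) {
        Lock memory l = locks[user];
        if (block.timestamp >= l.end) return 0;
        return (l.amount * (l.end - block.timestamp)) / MAX_LOCK_DURATION;
    }
}
```

The two entry points share one `locks` mapping only so the pair can be read together; a real deployment keeps a single lock function. The check that matters is `require(newEnd >= l.end)` on an existing lock: with it, the second call in the walkthrough reverts and the tokens stay committed for the term whose voting power was already exercised. Whether the vote itself is affected still depends on when the governance module reads voting power (at cast time or at execution time), which this example does not model.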

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

veRAACToken::lock called multiple times, by the same user, leads to loss of funds
