Users cannot utilize their full voting power if they vote before increasing their veRAACTokens
Summary
If a user votes on a proposal and subsequently increases their veRAACTokens, they will not be able to utilize their full voting power due to a restriction in the castVote() function of Governance.sol.
Vulnerability Details
Users who possess veRAACTokens can vote on governance proposals. The increase() function in veRAACToken.sol allows users to lock additional RAACTokens in exchange for more veRAACTokens, thereby increasing their voting power. However, if a user has already voted, their voting power does not update accordingly. This is due to a check in Governance.sol::castVote() that prevents them from utilizing their newly acquired veRAACTokens.
Reference - Governance.sol#L192-L194
Impact
Users who increase their veRAACTokens after voting are unable to apply their updated voting power to the proposal.
PoC
Consider the following scenario:
Alice locks 100 RAACTokens in veRAACToken.sol and receives 100 veRAACTokens.
Alice votes on a proposal with 100 veRAACTokens.
Immediately afterward, Alice locks an additional 100 RAACTokens, increasing her veRAACToken balance to 200.
However, Alice’s vote remains counted based on her initial 100 veRAACTokens, and she cannot update her voting power for the same proposal.
Tools Used
Manual review
Recommendations
Allow users to update their vote if their voting power changes before the proposal ends.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.