Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Valid

Lack of access control in veRAACToken contract

Summary

A critical vulnerability has been identified in the recordVote function of the veRAACToken contract. The function lacks access control mechanisms, allowing any external actor to record votes on behalf of any address. This poses a significant risk to the integrity of the voting system.

Vulnerability Details

The vulnerable function is located in contracts/core/tokens/veRAACToken.sol:

```solidity
// Callable by anyone: no modifier restricts msg.sender, and the `voter`
// argument is never checked against the caller.
function recordVote(
    address voter,
    uint256 proposalId
) external {
    if (_hasVotedOnProposal[voter][proposalId]) revert AlreadyVoted();
    _hasVotedOnProposal[voter][proposalId] = true;
    uint256 power = getVotingPower(voter);
    emit VoteCast(voter, proposalId, power);
}
```

Key issues identified:

  • No access control modifiers (e.g., onlyGovernance)

  • No validation of the voter address

  • No validation of proposal existence or voting period

  • Any external actor can call this function for any address
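A hardened version of this function, added here as an illustration and not the project's own fix. It assumes a single trusted governance contract address set at deployment, and a hypothetical IProposalRegistry interface on that contract that exposes whether a proposal exists and its voting window; the voting-power derivation is left abstract since it belongs to the token's lock logic.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical interface (assumption): the governance contract reports
// whether a proposal exists and when its voting window opens and closes.
interface IProposalRegistry {
    function proposalWindow(uint256 proposalId)
        external view returns (bool exists, uint256 voteStart, uint256 voteEnd);
}

abstract contract HardenedVoteRecord {
    address public immutable governance;
    mapping(address => mapping(uint256 => bool)) private _hasVotedOnProposal;

    event VoteCast(address indexed voter, uint256 indexed proposalId, uint256 power);

    error AlreadyVoted();
    error OnlyGovernance();
    error ZeroAddress();
    error UnknownProposal();
    error VotingClosed();

    constructor(address governance_) {
        if (governance_ == address(0)) revert ZeroAddress();
        governance = governance_;
    }

    // Only the governance contract may record votes; it is the component
    // that has already authenticated the voter (or an approved delegate).
    modifier onlyGovernance() {
        if (msg.sender != governance) revert OnlyGovernance();
        _;
    }

    // Voting power comes from the token's lock state; out of scope here.
    function getVotingPower(address voter) public view virtual returns (uint256);

    function recordVote(address voter, uint256 proposalId) external onlyGovernance {
        if (voter == address(0)) revert ZeroAddress();
        (bool exists, uint256 start, uint256 end) =
            IProposalRegistry(governance).proposalWindow(proposalId);
        if (!exists) revert UnknownProposal();
        if (block.timestamp < start || block.timestamp > end) revert VotingClosed();
        if (_hasVotedOnProposal[voter][proposalId]) revert AlreadyVoted();
        _hasVotedOnProposal[voter][proposalId] = true;
        emit VoteCast(voter, proposalId, getVotingPower(voter));
    }
}
```

With these checks, a VoteCast event can only be emitted for a real proposal during its voting window, and only via the governance contract, so the "already voted" flag can no longer be set on an arbitrary address by an unrelated caller.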

Impact

The vulnerability can lead to several severe consequences:

  • Vote Manipulation: Attackers can record votes for any address without authorization

  • Denial of Service: Legitimate voters can be prevented from voting by maliciously marking them as "already voted"

  • Event Spam: Malicious actors can generate excessive VoteCast events

  • Governance Disruption: If other contracts rely on these voting records, the entire governance system could be compromised

Tools Used

  • Manual code review

  • Static analysis

  • Control flow analysis

Updates

Lead Judging Commences

inallhonesty Lead Judge 3 months ago
Submission Judgement Published
Validated
Assigned finding tags:

veRAACToken::recordVote lacks access control, allowing anyone to emit fake events
