Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Valid

Unrestricted veRAACToken::recordVote Function Allowing Unauthorized Voting Marking

Summary

The recordVote function in the veRAACToken contract is callable by anyone, so a malicious actor can mark arbitrary addresses as having voted on a proposal. This prevents legitimate users from voting.

Vulnerability Details

The recordVote function does not restrict who can call it. It only checks whether the given voter has already voted on the specified proposal and updates the _hasVotedOnProposal mapping accordingly.

Since there is no access control (no modifiers or checks restricting the caller), any address can call this function with arbitrary voter and proposalId parameters to mark an address as having voted.

  • If _hasVotedOnProposal[voter][proposalId] is false, the function:

    • Sets it to true

    • Retrieves the voter’s power via getVotingPower

    • Emits VoteCast

  • If already true, it reverts with AlreadyVoted.

Impact

  • Malicious actors can prevent legitimate users from voting by marking their addresses as having already voted.

Tools Used

Recommendations

  • Restrict access, for example with an onlyVoter or onlyGovernance modifier, or add some other form of access control
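The shape of the issue from Vulnerability Details and the fix from Recommendations, as a constructed Solidity illustration rather than the project's veRAACToken source; the governance address, the NotGovernance error and the constant getVotingPower are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed example; not the audited veRAACToken code.
contract VoteRecorderVulnerable {
    mapping(address => mapping(uint256 => bool)) internal _hasVotedOnProposal;

    event VoteCast(address indexed voter, uint256 indexed proposalId, uint256 power);
    error AlreadyVoted();

    // Assumed stand-in for the real voting-power calculation.
    function getVotingPower(address) public view virtual returns (uint256) {
        return 1;
    }

    // No modifier and no msg.sender check: any caller may pass any voter,
    // so the only gate is the mapping itself, which is what the finding describes.
    function recordVote(address voter, uint256 proposalId) external {
        if (_hasVotedOnProposal[voter][proposalId]) revert AlreadyVoted();
        _hasVotedOnProposal[voter][proposalId] = true;
        emit VoteCast(voter, proposalId, getVotingPower(voter));
    }
}

contract VoteRecorderFixed {
    // Assumed: the single governance contract entitled to record votes.
    address public immutable governance;
    mapping(address => mapping(uint256 => bool)) internal _hasVotedOnProposal;

    event VoteCast(address indexed voter, uint256 indexed proposalId, uint256 power);
    error AlreadyVoted();
    error NotGovernance();

    constructor(address governance_) {
        governance = governance_;
    }

    // Access control of the kind the recommendation suggests.
    modifier onlyGovernance() {
        if (msg.sender != governance) revert NotGovernance();
        _;
    }

    function getVotingPower(address) public view virtual returns (uint256) {
        return 1;
    }

    function recordVote(address voter, uint256 proposalId) external onlyGovernance {
        if (_hasVotedOnProposal[voter][proposalId]) revert AlreadyVoted();
        _hasVotedOnProposal[voter][proposalId] = true;
        emit VoteCast(voter, proposalId, getVotingPower(voter));
    }
}
```

Where voters are expected to record their own votes instead, the check becomes `msg.sender == voter`; either way the caller is constrained, not just the mapping.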

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

veRAACToken::recordVote lacks access control, allowing anyone to emit fake events
