Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: high
Invalid

Users with zero voting power can vote on proposals

Summary

Users with zero voting power can successfully vote on proposals.

Vulnerability Details

The recordVote function in veRAACToken.sol records votes for a proposal:

function recordVote(
    address voter,
    uint256 proposalId
) external {
    if (_hasVotedOnProposal[voter][proposalId]) revert AlreadyVoted();
    _hasVotedOnProposal[voter][proposalId] = true;
    uint256 power = getVotingPower(voter);
    emit VoteCast(voter, proposalId, power);
}

As you can see, there is no check that the voter has any voting power. The function reads the voting power only after the vote has already been recorded, and then only emits it in the VoteCast event.

Impact

This vulnerability allows users with zero voting power to cast votes, potentially distorting the voting process.

Tools Used

Manual Review

Recommendations

function recordVote(
address voter,
uint256 proposalId
) external {
+ require(getVotingPower(voter) > 0, "no voting power");
if (_hasVotedOnProposal[voter][proposalId]) revert AlreadyVoted();
_hasVotedOnProposal[voter][proposalId] = true;
- uint256 power = getVotingPower(voter);
emit VoteCast(voter, proposalId, power);
}
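
Review bot: With `uint256 power = getVotingPower(voter);` removed, the unchanged `emit VoteCast(voter, proposalId, power);` line still references `power`, which is no longer declared, so the function as patched does not compile. Keep the local and move it to the top of the function, then run the zero check against `power`; that also avoids calling `getVotingPower` twice. The added `require` with a string message is also inconsistent with the custom-error style of `revert AlreadyVoted();` on the following line, so a custom error for the zero-power case would match the existing code better.
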
Updates

Lead Judging Commences

inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
