Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: low
Valid

Voting on Cancelled Proposals

Summary

The castVote function in the Governance contract allows users to cast votes on proposals that have already been cancelled. This can lead to unnecessary gas costs for users who may not be aware that the proposal they are voting on is no longer valid.

Vulnerability Details

In the castVote function, there is no check to prevent voting on proposals that have been cancelled. The relevant code snippet is as follows:

function castVote(uint256 proposalId, bool support) external override returns (uint256) {
    ProposalCore storage proposal = _proposals[proposalId];
    if (proposal.startTime == 0) revert ProposalDoesNotExist(proposalId);
    if (block.timestamp < proposal.startTime) {
        revert VotingNotStarted(proposalId, proposal.startTime, block.timestamp);
    }
    if (block.timestamp > proposal.endTime) {
        revert VotingEnded(proposalId, proposal.endTime, block.timestamp);
    }
    ProposalVote storage proposalVote = _proposalVotes[proposalId];
    if (proposalVote.hasVoted[msg.sender]) {
        revert AlreadyVoted(proposalId, msg.sender, block.timestamp);
    }
    uint256 weight = _veToken.getVotingPower(msg.sender);
    if (weight == 0) {
        revert NoVotingPower(msg.sender, block.number);
    }
    proposalVote.hasVoted[msg.sender] = true;
    if (support) {
        proposalVote.forVotes += weight;
    } else {
        proposalVote.againstVotes += weight;
    }
    emit VoteCast(msg.sender, proposalId, support, weight, "");
    return weight;
}

Impact

Users can incur gas costs when attempting to vote on proposals that have been cancelled, leading to a poor user experience and potential financial loss. This could also lead to confusion regarding the status of proposals and the voting process.

Tools Used

  • Manual code review

Recommendations

To mitigate this issue, a check should be added to the castVote function to ensure that the proposal has not been cancelled before allowing a vote to be cast. The updated code snippet could look like this:

if (proposal.canceled) {
    revert ProposalCanceled(proposalId);
}

This check should be added after verifying that the proposal exists and before checking the voting time constraints.
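
The recommended guard in context, as an added example that is not the audited project's code: a minimal stand-in contract whose castVote rejects cancelled proposals right after the existence check. The contract name, the votingPower mapping and setPower helper (standing in for _veToken.getVotingPower), propose, the proposer-only cancel rule, the VoteCast event signature and the struct fields beyond those visible in the snippet above are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;
// Added example: minimal stand-in, not the audited Governance contract.
contract GovernanceSketch {
    struct ProposalCore { address proposer; uint256 startTime; uint256 endTime; bool canceled; }
    struct ProposalVote { uint256 forVotes; uint256 againstVotes; mapping(address => bool) hasVoted; }
    error ProposalDoesNotExist(uint256 proposalId);
    error ProposalCanceled(uint256 proposalId);
    error VotingNotStarted(uint256 proposalId, uint256 startTime, uint256 nowTs);
    error VotingEnded(uint256 proposalId, uint256 endTime, uint256 nowTs);
    error AlreadyVoted(uint256 proposalId, address voter, uint256 nowTs);
    error NoVotingPower(address voter, uint256 blockNumber);
    event VoteCast(address indexed voter, uint256 indexed proposalId, bool support, uint256 weight, string reason);

    mapping(uint256 => ProposalCore) private _proposals;
    mapping(uint256 => ProposalVote) private _proposalVotes;
    mapping(address => uint256) public votingPower; // assumption: replaces _veToken.getVotingPower
    uint256 public proposalCount;

    function setPower(uint256 weight) external { votingPower[msg.sender] = weight; } // demo helper only
    function propose(uint256 delay, uint256 duration) external returns (uint256 id) {
        id = ++proposalCount;
        uint256 start = block.timestamp + delay;
        _proposals[id] = ProposalCore(msg.sender, start, start + duration, false);
    }
    function cancel(uint256 proposalId) external {
        ProposalCore storage proposal = _proposals[proposalId];
        if (proposal.startTime == 0) revert ProposalDoesNotExist(proposalId);
        require(msg.sender == proposal.proposer, "not proposer"); // simplified rule (assumption)
        proposal.canceled = true;
    }
    function castVote(uint256 proposalId, bool support) external returns (uint256) {
        ProposalCore storage proposal = _proposals[proposalId];
        if (proposal.startTime == 0) revert ProposalDoesNotExist(proposalId);
        // Added guard: placed after the existence check and before the time checks.
        if (proposal.canceled) revert ProposalCanceled(proposalId);
        if (block.timestamp < proposal.startTime) revert VotingNotStarted(proposalId, proposal.startTime, block.timestamp);
        if (block.timestamp > proposal.endTime) revert VotingEnded(proposalId, proposal.endTime, block.timestamp);
        ProposalVote storage proposalVote = _proposalVotes[proposalId];
        if (proposalVote.hasVoted[msg.sender]) revert AlreadyVoted(proposalId, msg.sender, block.timestamp);
        uint256 weight = votingPower[msg.sender];
        if (weight == 0) revert NoVotingPower(msg.sender, block.number);
        proposalVote.hasVoted[msg.sender] = true;
        if (support) proposalVote.forVotes += weight; else proposalVote.againstVotes += weight;
        emit VoteCast(msg.sender, proposalId, support, weight, "");
        return weight;
    }
}
```

With the guard in place, a castVote call on a cancelled proposal reverts with ProposalCanceled instead of recording a vote, so a wallet or front end that simulates the call can report the revert before the user pays for the transaction.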

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Governance::castVote lacks canceled/executed proposal check, allowing users to waste gas voting on proposals that can never be executed

