Submission Details
Severity:
Recording a vote has no access control, allowing anyone to call it for anyone
Summary
Recording a vote has no access control, allowing anyone to call it for anyone
Vulnerability Details
function recordVote(address voter, uint256 proposalId) external {
if (_hasVotedOnProposal[voter][proposalId]) revert AlreadyVoted();
_hasVotedOnProposal[voter][proposalId] = true;
uint256 power = getVotingPower(voter);
emit VoteCast(voter, proposalId, power);
}
The function has no access control and can be called by anyone for any voter and any proposal ID. This allows malicious actors to record votes for random proposal IDs and can range all sorts of impacts for the protocol.
Impact
Anyone can record a vote for anyone else, this breaks the idea behind voting.
Tools Used
Manual Review
Recommendations
Use msg.sender.
Updates
Lead Judging Commences
inallhonesty 7 months ago
Submission Judgement Published Assigned finding tags:
veRAACToken::recordVote lacks access control, allowing anyone to emit fake events
inallhonesty 7 months ago
Submission Judgement Published Assigned finding tags:
veRAACToken::recordVote lacks access control, allowing anyone to emit fake events
Appeal created
s4muraii77
7 months ago
inallhonesty
7 months ago
inallhonesty 6 months ago
Submission Judgement Published Assigned finding tags:
veRAACToken::recordVote lacks access control, allowing anyone to emit fake events
Prize pool breakdown
Total prize
77,280 USDC
nSLOC
3,86420
USDC / LOC
74,000
3,280
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.