Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Inconsistent State Updates in `GaugeController::vote` Function

auditbyte

Summary

The GaugeController::vote function updates the userGaugeVotes state variable before calling _updateGaugeWeight. If _updateGaugeWeight fails due to underflow or other errors, the userGaugeVotes state will still be updated, leading to an inconsistent state. This violates the checks-effects-interactions pattern and could result in a corrupted contract state.

Vulnerability Details

The vulnerability lies in the following code:

function vote(address gauge, uint256 weight) external override whenNotPaused {
if (!isGauge(gauge)) revert GaugeNotFound();
if (weight > WEIGHT_PRECISION) revert InvalidWeight();
uint256 votingPower = veRAACToken.balanceOf(msg.sender);
if (votingPower == 0) revert NoVotingPower();
uint256 oldWeight = userGaugeVotes[msg.sender][gauge];
userGaugeVotes[msg.sender][gauge] = weight;
_updateGaugeWeight(gauge, oldWeight, weight, votingPower);
emit WeightUpdated(gauge, oldWeight, weight);
}

The userGaugeVotes state is updated before calling _updateGaugeWeight. If _updateGaugeWeight fails due to underflow or other errors, the userGaugeVotes state will remain updated, leading to inconsistency. If _updateGaugeWeight fails, the contract state will be left in an inconsistent state, making it difficult to recover or debug.

Impact

Inconsistent state updates make it challenging to recover or debug the contract, increasing the risk of permanent damage

Tools Used

Manual code review

Recommendations

Follow the checks-effects-interactions pattern by updating the state only after all validations and calculations are complete.

Updates

Lead Judging Commences

inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.