code-423n4 / 2024-05-olas Goto Github PK

After reviewing the provided Solidity code, I found a potential vulnerability in the VoteWeighting contract. Specifically, the vulnerability is in the revokeRemovedNomineeVotingPower function. The function does not check if the caller has the required permission to revoke voting power for a removed nominee. This could lead to an unauthorized revocation of voting power.

Here's an example of how an attacker could exploit this vulnerability:

1. The attacker identifies a removed nominee whose voting power has not been revoked yet.
2. The attacker calls the revokeRemovedNomineeVotingPower function for the removed nominee, passing in their own address as the caller.
3. Since the function does not check if the caller is authorized to revoke voting power for the removed nominee, the function will execute successfully.
4. The attacker's voting power is reduced by the amount of the removed nominee's voting power.

To fix this vulnerability, the VoteWeighting contract should include a modifier to check if the caller is authorized to revoke voting power for a removed nominee. For example:

modifier onlyNomineeOrOwner(bytes32 account, uint256 chainId) {
    Nominee memory nominee = Nominee(account, chainId);
    bytes32 nomineeHash = keccak256(abi.encode(nominee));
    uint256 id = mapRemovedNominees[nomineeHash];
    require(id == 0 || id == _getNumNominees() || msg.sender == owner, "Unauthorized");
    _;
}

The onlyNomineeOrOwner modifier can be applied to the revokeRemovedNomineeVotingPower function to ensure that only the nominee or the contract owner can revoke voting power for a removed nominee.

Here is the updated revokeRemovedNomineeVotingPower function with the modifier:

function revokeRemovedNomineeVotingPower(bytes32 account, uint256 chainId) external onlyNomineeOrOwner(account, chainId) {
    // rest of the function
}

With this update, the VoteWeighting contract will be more secure and prevent unauthorized revocations of voting power. I understand your concern about the potential vulnerability in the VoteWeighting contract. Your analysis and proposed solution are both correct. By adding a modifier to check if the caller is authorized to revoke voting power for a removed nominee, the contract can prevent unauthorized revocations and increase its security.

Here's a slightly modified version of the onlyNomineeOrOwner modifier that uses the getRemovedNomineeId function instead of the mapRemovedNominees mapping:

modifier onlyNomineeOrOwner(bytes32 account, uint256 chainId) {
    Nominee memory nominee = Nominee(account, chainId);
    bytes32 nomineeHash = keccak256(abi.encode(nominee));
    uint256 id = getRemovedNomineeId(account, chainId);
    require(id == 0 || id == _getNumNominees() || msg.sender == owner, "Unauthorized");
    _;
}

And here's the updated revokeRemovedNomineeVotingPower function with the modified modifier:

function revokeRemovedNomineeVotingPower(bytes32 account, uint256 chainId) external onlyNomineeOrOwner(account, chainId) {
    // rest of the function
}

Adding this modifier to the revokeRemovedNomineeVotingPower function will ensure that only the nominee or the contract owner can revoke voting power for a removed nominee, preventing unauthorized revocations and increasing the security of the contract.