Skip to content
This repository has been archived by the owner on Jan 12, 2025. It is now read-only.

PeterSR - Start new voting period could be called during active period #407

Closed
sherlock-admin3 opened this issue Jul 15, 2024 · 1 comment
Closed

PeterSR - Start new voting period could be called during active period #407

sherlock-admin3 opened this issue Jul 15, 2024 · 1 comment
Labels
Non-Reward This issue will not receive a payout

Comments

@sherlock-admin3
Copy link
Contributor

sherlock-admin3 commented Jul 15, 2024
edited by WangSecurity
Loading

PeterSR

Medium

Start new voting period could be called during active period

Summary

In the current implementation, there is a missing check for ensuring that a new voting period cannot be started while an existing voting period is still ongoing. This can lead to inconsistencies in the voting process.

Vulnerability Detail

The vulnerability arises from the absence of a check in the Voter::startNewVotingPeriod function to verify whether the current voting period has ended before starting a new one. Without this check, a new voting period can be started even if the previous one has not concluded, leading to potential inconsistencies in the voting process.

https://github.com/sherlock-audit/2024-06-magicsea/blob/main/magicsea-staking/src/Voter.sol#L107-L115

Proof of Concept

Add this test to Voter.t.sol:

function testStartVotingPeriodWhenOldIsNotFinished() public {
    vm.prank(DEV);
    _voter.startNewVotingPeriod();

    assertEq(1, _voter.getCurrentVotingPeriod());

    (uint256 startTime, uint256 endTime) = _voter.getPeriodStartEndtime(1);
    assertGt(endTime, startTime);

    vm.prank(DEV);
    vm.expectRevert();
    _voter.startNewVotingPeriod();
}

Impact

  • Inability to Use Votes: Users may be unable to cast their votes correctly if the voting periods overlap or are not properly managed.

  • Loss of Rewards: Bribers may not allocate rewards for votes that are cast during overlapping or improperly managed voting periods. This can lead to users missing out on rewards they would have otherwise earned.

Code Snippet

function startNewVotingPeriod() public onlyOwner {
        _currentVotingPeriodId++;

        VotingPeriod storage period = _startTimes[_currentVotingPeriodId];
        period.startTime = block.timestamp;
        period.endTime = block.timestamp + _periodDuration;

        emit VotingPeriodStarted();
    }

Tool used

Manual Review

Recommendation

Add this line of code in the Voter::startNewVotingPeriod function:

function startNewVotingPeriod() public onlyOwner {
+        require(
+            _currentVotingPeriodId == 0 || _votingEnded(),
+            "Voting is still ongoing"
+        );
        _currentVotingPeriodId++;

        VotingPeriod storage period = _startTimes[_currentVotingPeriodId];
        period.startTime = block.timestamp;
        period.endTime = block.timestamp + _periodDuration;

        emit VotingPeriodStarted();
}
@github-actions github-actions bot added duplicate High A High severity issue. labels Jul 21, 2024
@sherlock-admin3 sherlock-admin3 added the Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label label Jul 22, 2024
@sherlock-admin4 sherlock-admin4 changed the title Glorious Bronze Ladybug - Start new voting period could be called during active period PeterSR - Start new voting period could be called during active period Jul 29, 2024
@sherlock-admin4 sherlock-admin4 added the Reward A payout will be made for this issue label Jul 29, 2024
@chinmay-farkya chinmay-farkya mentioned this issue Aug 2, 2024
Open
@WangSecurity WangSecurity removed High A High severity issue. Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Aug 13, 2024
@sherlock-admin2 sherlock-admin2 added Non-Reward This issue will not receive a payout and removed Reward A payout will be made for this issue labels Aug 13, 2024
@WangSecurity
Copy link

Invalid based on the comment #166 (comment).

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Non-Reward This issue will not receive a payout
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@WangSecurity @sherlock-admin2 @sherlock-admin3 @sherlock-admin4