Lines of code
https://github.com/code-423n4/2022-07-golom/blob/e5efa8f9d6dda92a90b8b2c4902320acf0c26816/contracts/vote-escrow/VoteEscrowDelegation.sol#L71
Vulnerability details
Impact
An attacker can delegate multiple times, and each delegation adds extra voting power. For example, he can delegate to himself 100 times to obtain 100x voting power. This lets the attacker easily force any proposal through, because he can hold more votes than the Ve total supply.
Proof of Concept
https://gist.github.com/0xpiglet/d194ebead29d1e5bb27ebe1bf2d9e2fb
Tools Used
Recommended Mitigation Steps
When delegating, the contract should clear the old delegation before delegating the power to someone else.
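The double counting described under Impact and the effect of the recommended mitigation can be checked with a small Python model. This is an added example, not the contract's code or the linked PoC; the ledger layout, the class and function names, and the balances are assumptions made for illustration.

```python
class DelegationModel:
    """Toy vote-escrow ledger: votes(t) = sum of balances of token ids delegated to t."""

    def __init__(self, balances, clear_old):
        self.balances = dict(balances)               # token id -> locked balance
        self.clear_old = clear_old                   # True = recommended mitigation applied
        self.delegate_of = {}                        # token id -> current delegatee
        self.delegated = {t: [] for t in balances}   # delegatee -> delegated token ids

    def delegate(self, token_id, to_id):
        if token_id not in self.balances or to_id not in self.balances:
            raise KeyError("unknown token id")
        if self.clear_old:
            # Mitigation: drop the previous delegation before recording the new one.
            old = self.delegate_of.get(token_id)
            if old is not None:
                self.delegated[old].remove(token_id)
        self.delegate_of[token_id] = to_id
        # Without the clearing step, this append counts the same lock again.
        self.delegated[to_id].append(token_id)

    def votes(self, token_id):
        return sum(self.balances[t] for t in self.delegated[token_id])

    def total_supply(self):
        return sum(self.balances.values())


def invariant_holds(model):
    """Delegation only moves power around, so counted votes must never exceed supply."""
    return sum(model.votes(t) for t in model.balances) <= model.total_supply()


def run_scenario(clear_old, repeats=100):
    # Constructed balances: token 1 repeats its delegation, 2 and 3 are other lockers.
    model = DelegationModel({1: 20, 2: 500, 3: 480}, clear_old)
    for _ in range(repeats):
        model.delegate(1, 1)
    return model


if __name__ == "__main__":
    for clear_old in (False, True):
        m = run_scenario(clear_old)
        print(f"clear_old={clear_old}: votes(1)={m.votes(1)}, "
              f"supply={m.total_supply()}, invariant={invariant_holds(m)}")
```

The `invariant_holds` check (sum of counted votes never exceeds total supply) is the kind of property a unit or fuzz test for the real contract can assert after every `delegate` call.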