Closed by sherlock-admin 9 months ago
Invalid, in the test the recipient user1 is delegating to 3 separate delegatees based on token balance in vesting contract so voting power is reflected correctly.
2 comment(s) were left on this issue during the judging contest.
_rahul commented:
Watson misunderstood how delegation works.
pratraut commented:
'invalid due to owner who is deploying escrow contract is TRUSTED entity'
itsabinashb
high
VotingEscrow::Unexpected behaviour in voting power
Summary
A user can delegate to more than 1 delegatee and increase the voting power of each of them; this increment is malicious because the total voting power will be far more than that user's locked amount.
Vulnerability Detail
The system allows a user to delegate to more than 1 delegatee. That user can partially claim his amount and use that amount to fund the escrow contract and delegate to a new delegatee as many times as he wants until his token balance becomes 0. We can see it in the test case. To conduct the test we will have to modify the TestUtil.sol file: just comment out this and this line, make a test file inside the test folder and paste this test case:
The result is:
Here we can clearly see that total voting power provided by user1 is
(1000000000000000000+2000000000000000000+3000000000000000000) = 6000000000000000000
i.e. 6 ether but he vested only 3 ether.
Impact
A user can maliciously delegate to multiple delegatees and increase total voting power far more than his locked amount.
Code Snippet
Tool used
Manual Review, Foundry
Recommendation
Add some logic which implements a restriction on multiple delegation.