This repository has been archived by the owner on Jun 2, 2024. It is now read-only.

ZanyBonzy - change_gauge_weight can be front ran to gain extra voting power #96

Closed
sherlock-admin2 opened this issue Nov 29, 2023 · 0 comments
Labels
Non-Reward This issue will not receive a payout


sherlock-admin2 commented Nov 29, 2023

ZanyBonzy

medium

change_gauge_weight can be front ran to gain extra voting power

Summary

Users can front-run calls to change_gauge_weight and gain extra voting power.

Vulnerability Detail

In a case where the admin decides to increase/decrease a gauge's weight, a user actively monitoring the mempool can front-run the call. He can remove his votes from the gauge, reducing the weight prior to the admin changing the gauge weight. Once the admin changes the gauge weight, the user then votes for the gauge again, increasing the gauge weight to more than was expected.

  • Alice has a gauge and has contributed for 1000 weight;
  • She notices the admin calling change_gauge_weight function with a value of 500 weight;
  • She front-runs the call and removes all of her weight. The gauge weight is now 0;
  • The admin's function gets executed and the gauge weight is now 500;
  • Alice votes once again for the gauge with the same 1000 weight. The total gauge weight is now 1500, 1000 more than the admin had planned.

Impact

Code Snippet

https://github.com/sherlock-audit/2023-11-convergence/blob/e894be3e36614a385cf409dc7e278d5b8f16d6f2/sherlock-cvg/contracts/Locking/GaugeController.vy#L593

Tool used

Manual Review

Recommendation

Use increase/decrease methods to change weight instead of a set value.

Duplicate of #122
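The sequence in the report, replayed in a small Python model so the set-based and delta-based admin paths can be compared side by side. This is an added illustration, not code from the Convergence GaugeController or from the report author; the class and function names (Gauge, vote, change_gauge_weight_set, change_gauge_weight_delta, the 1000/500 figures) are assumptions that mirror the report's example, and the delta path models a Vyper unsigned-integer underflow as a revert.

```python
# Toy model of gauge-weight accounting, constructed to illustrate the report above.
# It is NOT the project's GaugeController; all names and numbers are assumptions.


class GaugeUnderflow(Exception):
    """Stands in for an unsigned-integer underflow revert in the contract."""


class Gauge:
    def __init__(self):
        self.weight = 0   # total gauge weight
        self.votes = {}   # user -> weight that user currently contributes

    def vote(self, user, new_weight):
        # A user's vote is applied as a delta on the total: old out, new in.
        old = self.votes.get(user, 0)
        self.weight = self.weight - old + new_weight
        self.votes[user] = new_weight
        return self.weight

    def change_gauge_weight_set(self, weight):
        # Set-based admin call, as described in the report: overwrites the total
        # regardless of what user votes currently sit in it.
        self.weight = weight
        return self.weight

    def change_gauge_weight_delta(self, delta):
        # Delta-based admin call, as the recommendation suggests: moves the total
        # by a signed amount. An unsigned total cannot go below zero, so this
        # reverts instead of silently applying a partial change.
        if self.weight + delta < 0:
            raise GaugeUnderflow("decrease exceeds current gauge weight")
        self.weight += delta
        return self.weight


# Two admin intents for the report's example: "make it 500" versus "lower it by 500".
def set_to_500(g):
    return g.change_gauge_weight_set(500)


def decrease_by_500(g):
    return g.change_gauge_weight_delta(-500)


def honest_scenario(admin_adjust):
    """Alice holds 1000 weight and does nothing while the admin call executes."""
    g = Gauge()
    g.vote("alice", 1000)
    admin_adjust(g)
    return g.weight


def frontrun_scenario(admin_adjust):
    """The report's five steps: Alice (1000) removes her vote, the admin call
    executes, Alice re-votes with the same 1000. Returns the final gauge weight."""
    g = Gauge()
    g.vote("alice", 1000)
    g.vote("alice", 0)          # front-run: gauge weight is now 0
    try:
        admin_adjust(g)
    except GaugeUnderflow:
        pass                    # admin tx reverted; gauge state unchanged
    return g.vote("alice", 1000)


if __name__ == "__main__":
    for name, adjust in (("set", set_to_500), ("delta", decrease_by_500)):
        print(name, "honest:", honest_scenario(adjust),
              "front-run:", frontrun_scenario(adjust))
```

With the set-based call the front-run ends at 1500, the 1000 over plan that the report describes: the admin's 500 is written in while Alice's vote is out, and her re-vote is then added on top. With the delta-based call both orderings leave the gauge at no more than Alice's own 1000, so the front-run yields no phantom weight. The caveat for anyone adopting the recommendation is that a decrease applied while votes are withdrawn reverts (or, with clamping, only partially applies), so the admin's intended reduction still has to be re-sent once votes are back.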

  • Dec 2, 2023: github-actions bot closed this as completed.
  • Dec 2, 2023: github-actions bot added the labels Medium (A valid Medium severity issue) and Duplicate (A valid issue that is a duplicate of an issue with `Has Duplicates` label).
  • Dec 24, 2023: sherlock-admin2 changed the title from "Joyous Fuzzy Cobra - change_gauge_weight can be front ran to gain extra voting power" to "ZanyBonzy - change_gauge_weight can be front ran to gain extra voting power".
  • Dec 24, 2023: sherlock-admin2 added the label Reward (A payout will be made for this issue).
  • Jan 13, 2024: Czar102 removed the label Medium (A valid Medium severity issue).
  • Jan 13, 2024: sherlock-admin added the label Non-Reward (This issue will not receive a payout) and removed the label Reward (A payout will be made for this issue).
  • Jan 14, 2024: sherlock-admin2 removed the label Duplicate (A valid issue that is a duplicate of an issue with `Has Duplicates` label).