Skip to content

Latest commit

 

History

History
51 lines (26 loc) · 1.86 KB

File metadata and controls

51 lines (26 loc) · 1.86 KB

Tricky Sage Stallion

Medium

isParticipant() returns incorrect true for users who sold all their votes

Summary

The sellVotes() function does not update the isParticipant mapping after a participant sells all their votes. Consequently, the isParticipant() function incorrectly returns true for users who have exited the reputation market, leading to inaccurate participant tracking.

Root Cause

The isParticipant mapping is used to determine if a user is an active participant in the reputation market. The ReputationMarket#L120 states "Use isParticipant to check if they've sold all their votes".

  // append only; don't bother removing. **Use isParticipant to check if they've sold all their votes.**
  mapping(uint256 => address[]) public participants;
  // profileId => participant => isParticipant
  mapping(uint256 => mapping(address => bool)) public isParticipant;

However, since sellVotes() does not update this mapping when a participant sells all their votes, users remain marked as participants even after exiting the market.

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

This leads to incorrect participant tracking, causing logical inconsistencies about participant activity.

PoC

No response

Mitigation

Update the isParticipant mapping in the sellVotes() function to set the participant's status to false if they sell all their votes.