Each voter can veto a proposal if they want by calling voteToVeto() several times to pass the passThresholdBps.
Every voter shouldnβt vote several times, otherwise, the voting system will be broken.
But voteToVeto() doesnβt check the already voted users and it can be called as many times.
The below POC shows the case.
function test_CanVoteManyTimes() public {
_assertProposalStatus(PartyGovernance.ProposalStatus.Voting);
// Vote to veto
vm.prank(voter1);
vetoProposal.voteToVeto(party, proposalId, 0);
_assertProposalStatus(PartyGovernance.ProposalStatus.Voting);
assertEq(vetoProposal.vetoVotes(party, proposalId), 1e18);
// The same voter can vote again and again
vm.prank(voter1);
vetoProposal.voteToVeto(party, proposalId, 0);
_assertProposalStatus(PartyGovernance.ProposalStatus.Defeated);
}
Manual Review
We should add a mapping like hasVoted in PartyGovernance contract to ensure each voter canβt vote several times.
The text was updated successfully, but these errors were encountered:
All reactions