Sparkn

Summary

The vulnerability pertains to the _distribute function within the protocol. In
scenarios where a large number of winners is permitted, the function's execution
may iterate over an extensive array of data, causing potential performance degradation. Notably, the absence of an upper limit on the number of winners could result in a Denial of Service (DoS) scenario, impairing the core functionality of the protocol – the fair distribution of rewards to the designated winners. Consequently, this vulnerability could undermine the protocol's operational efficiency and reliability.

Vulnerability Details

We need a set of values for winners array and percentages array, that satisfies
the conditions in the function and makes the length of the array very long.
COMMISSION_FEE is 500 and BASIS_POINTS is 10000.

Impact

The following alteration of the createData() function allows us to make a winners array of 10,000 users. From there, we proceed to create a percentages_ array of 10,000 elements as well.

Furthermore, we run a for loop to equally distribute the percentages among the winners array. This could also be an uneven, as long as the sum adds up to 9500 Points.

So now every winner has a corresponding percentage of 0.95%.

To demonstrate the impact, we can run any test case in the pre-defined tests that uses the createData() function, to prove that the loop iteration uses large amount of gas as compared to having a small number of winners.

Tools Used

Manual Review

Recommendations

• Implement a Cap on Winners: Introduce an upper limit on the number of winners for any given contest in the Distributor.sol contract that can be included in a distribution. This cap should be determined based on the protocol's capacity and resources, aiming to strike a balance between fair distribution and system performance.