Submission Details
Severity: medium
Valid

PuppyRaffle::enterRaffle() will revert due to gas limits as more and more people enter raffle

Summary

The enterRaffle() function contains a nested for loop that consumes a large amount of gas. Once enough people have entered, it will no longer allow new people to participate in the raffle.

Vulnerability Details

If x people have entered the raffle, the function has a time complexity of O(x^2), which will consume a large amount of gas. Once enough people have entered, the call will consume all of the available gas and new people will not be able to participate.

Impact

Only a few people can participate in the raffle, and large gas fees are imposed on the participants.

Tools Used

Manual Review

Recommendations

  • Use a mapping that tracks whether a particular person has entered or not.

  • Keep a counter for each round, starting from 1, and a mapping(address user => uint256 latestRoundParticipated).

  • When a new person participates, assign the current round counter to their mapping entry. If they call the enter raffle function again in the same round, check their mapping entry: if the stored value equals the current round, they have already participated. This way we can onboard more players into the raffle.
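
A sketch of the round-counter check recommended above, added here as an illustration and not taken from the PuppyRaffle code base. The contract name, the `address[]` parameter, the fee check, the custom errors and `_startNextRound` are assumptions; only `enterRaffle` and `latestRoundParticipated` come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not the project's code. Names other than enterRaffle and
// latestRoundParticipated are hypothetical.
contract RoundTrackedRaffle {
    uint256 public immutable entranceFee;

    // Starts at 1 so the mapping's default value 0 means "never entered".
    uint256 public currentRound = 1;

    address[] public players;
    mapping(address user => uint256 latestRoundParticipated)
        public latestRoundParticipated;

    error WrongPayment();
    error DuplicatePlayer(address player);

    constructor(uint256 _entranceFee) {
        entranceFee = _entranceFee;
    }

    // One storage read and one write per new player: the cost grows with the
    // size of this call's input, not with the number of players already in
    // the raffle, so later entrants pay the same as early ones.
    function enterRaffle(address[] calldata newPlayers) external payable {
        if (msg.value != entranceFee * newPlayers.length) revert WrongPayment();

        for (uint256 i = 0; i < newPlayers.length; i++) {
            address player = newPlayers[i];
            // Equal to the current round means this address already entered,
            // either in an earlier call or earlier in this same array.
            if (latestRoundParticipated[player] == currentRound) {
                revert DuplicatePlayer(player);
            }
            latestRoundParticipated[player] = currentRound;
            players.push(player);
        }
    }

    // Hypothetical hook called after a winner is chosen. Bumping the counter
    // invalidates every stored entry at once, without iterating the mapping.
    function _startNextRound() internal {
        delete players;
        currentRound += 1;
    }
}
```

Because the mapping is written before the next iteration, a duplicate address inside a single `newPlayers` array is rejected as well.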

Updates

Lead Judging Commences

Hamiltonite Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

denial-of-service-in-enter-raffle
