The Standard

DeFiHardhat
20,000 USDC
Submission Details
Severity: high
Valid

Unbounded pendingStakes could cause some important functions to revert in `LiquidationPool.sol`

Summary

An unbounded pendingStakes array in LiquidationPool.sol may cause some functions to revert.

Vulnerability Details

The `increasePosition` function can be called many times, drastically increasing the number of `pendingStakes` before any of them are consolidated. If the number of `pendingStakes` becomes too large, every function that iterates through the array reverts with an out-of-gas error, and every function that relies on those functions reverts as well. `consolidatePendingStakes` is the only function that reduces `pendingStakes`, and it also iterates through the whole array, so once that point is reached the number of `pendingStakes` cannot be reduced.

Impact

Functions that rely on iterating over the `pendingStakes` array fail with an out-of-gas error when called, which breaks important functionality in `LiquidationPool`.

Tools Used

Manual Review.

Recommendations

Consider limiting the number of `pendingStakes`, or adding functionality to consolidate or remove a limited number of `pendingStakes` at a time instead of the entire array.
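
One way to apply the second recommendation, as an added sketch that is not code from `LiquidationPool.sol` or from the project. The contract name, the `MATURITY` and `MAX_PER_CALL` constants, the `head` cursor and the compiler version are assumptions, and the contract tracks amounts only, leaving token transfers out.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Hypothetical contract for illustration; names and constants are assumptions.
contract BoundedPendingStakes {
    struct PendingStake { address holder; uint256 createdAt; uint256 amount; }

    PendingStake[] private pendingStakes; // append-only queue, oldest entry first
    uint256 private head;                 // index of the oldest unconsolidated entry
    mapping(address => uint256) public positions;

    uint256 public constant MATURITY = 1 days;  // assumed waiting period
    uint256 public constant MAX_PER_CALL = 50;  // assumed per-call work bound

    function increasePosition(uint256 amount) external {
        require(amount > 0, "zero amount");
        // The write path does bounded work too, so a long queue cannot make it revert.
        _consolidate(MAX_PER_CALL);
        pendingStakes.push(PendingStake(msg.sender, block.timestamp, amount));
    }

    // Anyone can drain the queue in chunks sized to fit the block gas limit.
    function consolidatePendingStakes(uint256 maxItems) external {
        _consolidate(maxItems);
    }

    function _consolidate(uint256 maxItems) private {
        uint256 i = head;
        uint256 end = pendingStakes.length;
        // Cap the loop at maxItems entries; the guard also rules out overflow in i + maxItems.
        if (end - i > maxItems) end = i + maxItems;
        // Entries are pushed in timestamp order, so the first immature one ends the batch.
        while (i < end && pendingStakes[i].createdAt + MATURITY <= block.timestamp) {
            PendingStake memory s = pendingStakes[i];
            positions[s.holder] += s.amount;
            delete pendingStakes[i]; // clear the slot; the cursor skips it from now on
            i++;
        }
        head = i; // progress persists across calls, so the backlog always shrinks
    }

    function pendingCount() external view returns (uint256) {
        return pendingStakes.length - head;
    }
}
```

Gas per call is bounded by `maxItems` regardless of queue length, so a backlog of any size can be cleared over several transactions instead of requiring one pass over the entire array.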

Updates

Lead Judging Commences

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

pendingstake-dos

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

pendingstake-high
