[H-02] The `SmartVaultManagerV5::mint` function does not impose a quantity limit on the `vault` created for each address, allowing users to create an unlimited number of `vaults`.
Description:
The SmartVaultManagerV5::mint function imposes no restrictions on the number of vaults that can be created per address. This means that users can create vaults without any limitations, severely deviating from the expected behavior of the functionality and potentially leading to the occurrence of DOS attacks.
Impact:
Impact-01: Unlimited creation of
vaultsby users will result in DOS attacks when calling theSmartVaultManagerV5::vaultsfunction.Impact-02: Users can create
vaultswithout any limitations, severely disrupting the functionality of the protocol.
Proof of Concept:
Sorry, I currently don't know how to use Foundry to write POC. I will describe the attack scenario in detail:
User Alex can create
vaultswithout any limitation through theSmartVaultManagerV5::mintfunction (assuming the created number ofvaultsis sufficient to trigger a DOS).Then, when he calls the
SmartVaultManagerV5::vaultsfunction, theforloop in this function iterates through all thevaultscreated by users.This leads to a successful implementation of a DOS attack.
Recommended Mitigation:
Limit the number of vault creations per address, for example, the maximum allowed quantity of vaults created should not exceed 50.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.