Description:
The SmartVaultManagerV5::mint
function imposes no restrictions on the number of vaults
that can be created per address. This means that users can create vaults
without any limitations, severely deviating from the expected behavior of the functionality and potentially leading to the occurrence of DOS attacks.
Impact:
Impact-01: Unlimited creation of vaults
by users will result in DOS attacks when calling the SmartVaultManagerV5::vaults
function.
Impact-02: Users can create vaults
without any limitations, severely disrupting the functionality of the protocol.
Proof of Concept:
Sorry, I currently don't know how to use Foundry to write POC. I will describe the attack scenario in detail:
User Alex can create vaults
without any limitation through the SmartVaultManagerV5::mint
function (assuming the created number of vaults
is sufficient to trigger a DOS).
Then, when he calls the SmartVaultManagerV5::vaults
function, the for
loop in this function iterates through all the vaults
created by users.
This leads to a successful implementation of a DOS attack.
Recommended Mitigation:
Limit the number of vault
creations per address, for example, the maximum allowed quantity of vaults
created should not exceed 50
.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.