Attackers can mint vaults to a victim to gas grief them
Summary
When a user mints a vault and the tries to send it, the _afterTokenTransfer of the ERC721 vault token is invoked. This is shown in the snippet below.
This calls the transferTokenId function, which actually loops over all the user's owned tokens. It eventually calls removeTokenId in SmartVaultIndex.sol as shown below.
While this function is out of scope, it is being called by the in-scope contract. The function above loops over all the vaults of the user. Thus if the user owns a lot of vaults, this can balloon the gas cost for transfers. Since there is no limit to the amount of vaults a user can own, this can also consume more gas than the eth gas limit and thus always revert.
Further, a malicious user can target a victim and mint and send vault tokens to the victim, inflating their list of vaults. This will inflate the gas costs of the victim, and might even lock them out of transferring the vault erc721 tokens if the gas costs exceed the block limit.
Since this allows an attacker to block transfers of another user, this is of critical severity.
Vulnerability Details
The griefing can be done as follows.
Alice owns a vault, and want to transfer/sell it.
Bob mints 10000 vaults to himself and transfers them to Alice.
Alice either has a huge gas bill when she tries to transfer the vault, or she is unable to transfer the vault at all.
Impact
Potential out of gas griefing attack.
Tools Used
Manual Review
Recommendations
Add a limit for the amount of vaults a particular user can own.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.