The Standard

DeFi, Hardhat
20,000 USDC
Submission Details
Severity: low
Invalid

LiquidationPool::distributeAssets is vulnerable to DOS attack

Summary

An unbounded array size could result in a DoS attack. This issue exists in many functions in the LiquidationPool contract, as listed below.

a) distributeAssets
b) distributeFees

Vulnerability Details

An unbounded array can grow very large over time and lead to a DoS. When such an array is looped over with computation in each iteration, the gas required grows with the size of the array and may come to exceed the block gas limit, leading to denial of service.

For example, look at the LiquidationPool::distributeAssets() function, which loops over every holder:

    function distributeAssets(ILiquidationPoolManager.Asset[] memory _assets, uint256 _collateralRate, uint256 _hundredPC) external payable {
        consolidatePendingStakes();
        (,int256 priceEurUsd,,,) = Chainlink.AggregatorV3Interface(eurUsd).latestRoundData();
        uint256 stakeTotal = getStakeTotal();
        uint256 burnEuros;
        uint256 nativePurchased;
        // @audit The holders array can grow very large, and until all the holders are
        // processed successfully this transaction will revert. That means at some point
        // distributeAssets will stop working.
        for (uint256 j = 0; j < holders.length; j++) {
            // ... (loop body not shown in this excerpt)
        }
        // ...
    }

Impact

Loss of functionality

Tools Used

Manual Review

Recommendations

It is advised to review the logic so that users can process and claim their own rewards, instead of the protocol trying to process rewards for all holders in a single call.
This will eliminate the case where the DoS can occur.
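
One way to structure the pull-based claim recommended above, shown as an added example that is not code from The Standard: a cumulative reward-per-share accumulator makes distribution O(1), and each holder settles only their own balance when claiming. All names (`PullRewardsSketch`, `IERC20Like`, `accRewardPerShare`, `paidPerShare`, `pending`) are hypothetical, and it assumes a single reward asset paid in native currency rather than the multi-asset logic of `distributeAssets`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; hypothetical names, not the LiquidationPool implementation.
interface IERC20Like {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract PullRewardsSketch {
    uint256 private constant PRECISION = 1e18;
    IERC20Like public immutable stakeToken;
    uint256 public totalStaked;
    uint256 public accRewardPerShare;                 // cumulative reward per staked unit, scaled by PRECISION
    mapping(address => uint256) public staked;
    mapping(address => uint256) public paidPerShare;  // accumulator value already settled for each holder
    mapping(address => uint256) public pending;       // settled but unclaimed rewards

    constructor(address token) { stakeToken = IERC20Like(token); }

    // O(1): records the distribution without iterating over any holders array.
    function distribute() external payable {
        require(totalStaked > 0, "no stakers");
        accRewardPerShare += (msg.value * PRECISION) / totalStaked;
    }

    // Credits one holder with everything distributed since their last settlement.
    function _settle(address holder) internal {
        pending[holder] += (staked[holder] * (accRewardPerShare - paidPerShare[holder])) / PRECISION;
        paidPerShare[holder] = accRewardPerShare;
    }

    function stake(uint256 amount) external {
        _settle(msg.sender);                          // settle at the old balance before changing it
        staked[msg.sender] += amount;
        totalStaked += amount;
        require(stakeToken.transferFrom(msg.sender, address(this), amount), "stake transfer failed");
    }

    // Each holder pays gas for their own claim, so cost is independent of holder count.
    function claim() external {
        _settle(msg.sender);
        uint256 amount = pending[msg.sender];
        pending[msg.sender] = 0;                      // clear state before the external call
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "reward transfer failed");
    }
}
```

Any function that changes a holder's stake must call `_settle` first, as `stake` does, so that earlier distributions are credited at the old balance.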

Updates

Lead Judging Commences

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

informational/invalid
