Attacker can cause DoS
Summary
An attacker can cause a Denial of Service (DoS) by abusing the holders and pendingStakes arrays. The code structure in LiquidationPoolManager.sol and LiquidationPool.sol facilitates this attack, leading to a significant risk of DoS.
Vulnerability Details
Attacker-created addresses can call LiquidationPool::increasePosition, adding entries to holders and pendingStakes. The following functions exhibit a high number of loops, traversing the same arrays:
| Contract Name | Function name | Number of loops | Arrays traversed |
|---|---|---|---|
| LiquidationPool | increasePosition | 7 | holders(3), pendingStakes(4) |
| LiquidationPool | distributeFees | 4 | holders(2), pendingStakes(2) |
| LiquidationPool | distributeAssets | 6 | holders(2), pendingStakes(2), _assets(2) |
| LiquidationPoolManager | runLiquidation | 12 | holders(4), pendingStakes(4), _assets(2), tokens(2) |
The significant number of loops occurs due to suboptimal code structuring, resulting in multiple traversals of the same arrays.
Impact
The vulnerability allows an attacker to execute a DoS attack against key functions, disrupting normal operations.
Tools Used
Manual Review
Recommendations
Consider optimizing the code in each vulnerable function to ensure efficient array traversal. Specifically, focus on preventing multiple traversals of the same arrays within the functions.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.