Unique holders of staking positions are kept in an array, holders, in LiquidationPool.sol; this can be subject to Denial of Service attacks
Holding users in an array and iterating over them in a for loop costs a lot of gas, especially if a malicious user creates several positions with minimal TST, and since the only check is
This holders vulnerability can be exploited wherever there is a for loop over the holders array:
function distributeFees(uint256 _amount) external onlyManager (managers won't be able to distribute fees if this array is too long)
function distributeAssets(ILiquidationPoolManager.Asset[] memory _assets, uint256 _collateralRate, uint256 _hundredPC) external payable
function increasePosition(uint256 _tstVal, uint256 _eurosVal) external
function decreasePosition(uint256 _tstVal, uint256 _eurosVal) external
After such a DoS attack, users won't be able to receive fees or increase/decrease their staking amount, which essentially forces their funds to be locked in the contract.
To track the unique holders of positions, a mapping is suggested. For fee distribution, a separate function could be written that lets users claim their fees and assets, much like how the claimRewards function has been written.
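An added sketch of the suggested mitigation (not code from LiquidationPool.sol or the project): a mapping replaces the holders array, and fees accrue through a cumulative per-TST accumulator that each user claims, so no function loops over holders. The contract name, the field names and the assumption that fees are shared pro rata to staked TST are hypothetical; token transfers are omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added illustration. All names are hypothetical, not taken from LiquidationPool.sol.
// Assumption: fees are shared pro rata to staked TST. Token transfers are omitted.
contract PullFeePool {
    uint256 private constant PRECISION = 1e18;

    struct Position { uint256 tst; uint256 feeDebt; uint256 claimable; }

    address public immutable manager;
    uint256 public totalTst;     // sum of all staked TST
    uint256 public accFeePerTst; // cumulative fee per staked TST, scaled by PRECISION
    mapping(address => Position) public positions; // replaces the holders array

    constructor() { manager = msg.sender; }

    // O(1): cost does not grow with the number of positions.
    function distributeFees(uint256 _amount) external {
        require(msg.sender == manager, "not manager");
        require(totalTst > 0, "nothing staked");
        accFeePerTst += (_amount * PRECISION) / totalTst;
    }

    function increasePosition(uint256 _tstVal) external {
        _update(msg.sender, positions[msg.sender].tst + _tstVal);
    }

    function decreasePosition(uint256 _tstVal) external {
        // Checked arithmetic reverts if _tstVal exceeds the caller's stake.
        _update(msg.sender, positions[msg.sender].tst - _tstVal);
    }

    // Each holder pays the gas for their own payout.
    function claimFees() external returns (uint256 amount) {
        _update(msg.sender, positions[msg.sender].tst);
        amount = positions[msg.sender].claimable;
        positions[msg.sender].claimable = 0;
        // A real pool would transfer `amount` of the fee token here.
    }

    // Bank fees earned on the old stake, then re-base the debt on the new stake.
    function _update(address _holder, uint256 _newTst) private {
        Position storage p = positions[_holder];
        p.claimable += (p.tst * accFeePerTst) / PRECISION - p.feeDebt;
        totalTst = totalTst - p.tst + _newTst;
        p.tst = _newTst;
        p.feeDebt = (_newTst * accFeePerTst) / PRECISION;
    }
}
```

With this layout, creating many minimal positions only adds mapping entries; it does not raise the gas cost of distributeFees, increasePosition or decreasePosition for anyone else.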