Submission Details
Severity: low
Invalid

Unbounded whitelisted tokens length can cause `InitBipSeedGauge.sol::init` to become unusable

Summary

Looping over an array of unbounded length can cause a function to revert when it runs out of gas. As a result, the `InitBipSeedGauge.sol::init` function will become unusable, in a state of denial of service.

Vulnerability Details

In LibWhitelistedTokens.sol::addWhitelistStatus:

```solidity
function addWhitelistStatus(address token, bool isWhitelisted, bool isWhitelistedLp, bool isWhitelistedWell) internal {
    AppStorage storage s = LibAppStorage.diamondStorage();
    s.whitelistStatuses.push(Storage.WhitelistStatus(
        token,
        isWhitelisted,
        isWhitelistedLp,
        isWhitelistedWell
    ));
    emit AddWhitelistStatus(token, s.whitelistStatuses.length - 1, isWhitelisted, isWhitelistedLp, isWhitelistedWell);
}
```

New tokens can be added to `whitelistStatuses` through the above function.

In InitBipSeedGauge.sol::init:

```solidity
function init() external {
    //REDACTED by erictee
    address[] memory siloTokens = LibWhitelistedTokens.getWhitelistedTokens();
    //REDACTED by erictee
    for (uint i = 0; i < siloTokens.length; i++) {
        //REDACTED by erictee
    }
    //REDACTED by erictee
}
```

Impact

If at some point there is a large number of whitelisted tokens, iterating over them will become very costly and can result in a gas cost that exceeds the block gas limit. The transaction can then no longer be executed, leaving the `InitBipSeedGauge.sol::init` function in a state of DoS.

Tools Used

Manual analysis

Recommendations

Consider setting a maximum number of whitelisted tokens that can be added to the array. (Example: 20)
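
One way to implement the recommended cap, as an added example that is not part of the original submission or the project's code. The contract name, `MAX_WHITELIST_STATUSES`, the `WhitelistFull` error and the owner check are assumptions; the cap of 20 is the report's example value.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the project's code. BoundedWhitelist,
// MAX_WHITELIST_STATUSES, WhitelistFull and the owner check are hypothetical.
contract BoundedWhitelist {
    struct WhitelistStatus {
        address token;
        bool isWhitelisted;
        bool isWhitelistedLp;
        bool isWhitelistedWell;
    }

    // Cap taken from the report's "Example: 20".
    uint256 public constant MAX_WHITELIST_STATUSES = 20;

    address public immutable owner;
    WhitelistStatus[] private whitelistStatuses;

    event AddWhitelistStatus(address token, uint256 index, bool isWhitelisted, bool isWhitelistedLp, bool isWhitelistedWell);
    error NotOwner();
    error WhitelistFull(uint256 max);

    constructor() { owner = msg.sender; }

    function addWhitelistStatus(address token, bool isWhitelisted, bool isWhitelistedLp, bool isWhitelistedWell) external {
        if (msg.sender != owner) revert NotOwner();
        // Reject the push before the array can outgrow what one loop can process.
        if (whitelistStatuses.length >= MAX_WHITELIST_STATUSES) revert WhitelistFull(MAX_WHITELIST_STATUSES);
        whitelistStatuses.push(WhitelistStatus(token, isWhitelisted, isWhitelistedLp, isWhitelistedWell));
        emit AddWhitelistStatus(token, whitelistStatuses.length - 1, isWhitelisted, isWhitelistedLp, isWhitelistedWell);
    }

    // Both passes run at most MAX_WHITELIST_STATUSES iterations, so the gas
    // cost of any caller looping over the result has a fixed upper bound.
    function getWhitelistedTokens() external view returns (address[] memory tokens) {
        uint256 n = whitelistStatuses.length;
        uint256 count;
        for (uint256 i = 0; i < n; i++) {
            if (whitelistStatuses[i].isWhitelisted) count++;
        }
        tokens = new address[](count);
        uint256 j;
        for (uint256 i = 0; i < n; i++) {
            if (whitelistStatuses[i].isWhitelisted) tokens[j++] = whitelistStatuses[i].token;
        }
    }
}
```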

Updates

Lead Judging Commences

giovannidisiena Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Too generic
Assigned finding tags:

InitBipSeedGauge DoS
