Unrestricted Gas Usage in ```writeMessageInSharedSpace``` Function of Soulmate Contract
Summary
The writeMessageInSharedSpace function in the Soulmate contract lacks any gas limits or restrictions on the length or complexity of the input message. This vulnerability can be exploited by malicious actors to launch denial-of-service (DoS) attacks, consuming excessive gas and potentially disrupting network performance, transaction processing, and user experience.
Vulnerability Details
The function does not enforce any gas limits or resource constraints on the message string.
Attackers can exploit this by submitting messages with:
Excessive length, exceeding the block gas limit and causing transaction failures.
High computational complexity, requiring significant gas for processing and slowing down the network.
Impact
High gas usage can lead to network congestion, impacting transaction processing times and user experience for all applications on the blockchain.
Tools Used
Manual Review
Recommendations
Set a reasonable maximum gas limit for the writeMessageInSharedSpace function to prevent excessively expensive transactions.
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.