DeFiHardhat
21,000 USDC
View results
Submission Details
Severity: medium
Invalid

Lack of Gas Limit Control in sunrise Function leading to potentioal DOS

Summary

The sunrise function in the SeasonFacet contract lacks control over gas consumption, which may lead to potential out-of-gas errors or excessive gas usage.

Vulnerability Details

The sunrise function executes several operations in a single transaction, including

  • updating the Season,

  • performing oracle calculations,

  • incentivizing the caller, and

  • emitting events.
    However, it does not limit the gas consumption of these operations. As a result, if any of these operations consume an excessive amount of gas, the transaction may fail due to an out-of-gas error, or the caller may incur unexpectedly high gas fees.

Impact

The lack of gas limit control in the sunrise function may result in:

  • Out-of-gas errors: If the gas consumed by the function exceeds the block gas limit, the transaction will fail, causing potential disruption to users and applications relying on this functionality.

  • Excessive gas fees: Users invoking the sunrise function may incur higher-than-expected gas fees if the function consumes a significant amount of gas.

Tools Used

Manual code review

Recommendations

  • Implement gas limit controls: Set reasonable gas limits for each operation within the sunrise function to prevent excessive gas consumption.

Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Too generic

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.