Risk of block out of gas for too many segments in a stream
Summary
There is a risk of running out of gas in a block with too many segments in a stream.
Vulnerability Details
According to the documentation, there is a limit of 300 segments that can be contained in one stream. The deployer of the SablierV2LockupDynamic contract sets the MAX_SEGMENT_COUNT in the constructor (source code). If the deployer sets a value that is too large, attempting to create a stream with more segments than described in the documentation will result in a block out of gas exception. This requirement is due to the block gas limit. If it didn't exist and someone created a stream with an excessively large number of segments, the transaction would revert as it wouldn't fit within a block.
Impact
As a result of the issue described above, users may experience difficulty or inability to use protocol features that require traversal of all stream segments.
Tools Used
Documentation
Visual Studio Code (VSCode)
Manual Review (MR)
Recommendations
Add a check in the constructor to ensure the number of segments specified by the deployer does not exceed 300:
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.