Summary

This report identifies a medium-severity vulnerability related to high gas consumption in the SablierV2LockupLinear smart contract. Specifically, the _calculateStreamedAmount function is prone to excessive gas usage, which can lead to transaction failures due to exceeding the gas limit.

Vulnerability Details

The _calculateStreamedAmount function, which calculates the amount streamed in a linear lockup, involves complex calculations using PRBMath's UD60x18 library. While precise, these operations are computationally expensive, particularly when dealing with large data sets or numerous calls, leading to potential gas limit issues.

Impact

The high gas consumption can result in:
Failed transactions, disrupting the user experience.
Increased transaction costs, making the protocol less efficient.
Potential denial of service (DoS) if the gas limit is consistently exceeded.

Tools Used

GasReporter: For measuring and reporting gas consumption in function calls.

Recommendations

Optimize Calculations: Simplify or refactor complex arithmetic operations in _calculateStreamedAmount.
Batch Processing: Implement batch processing for large data sets to spread gas costs over multiple transactions.