60,000 USDC
Submission Details
Severity:
Disabled tokens are not removed from the collection
Summary
_whiteListCollection does not remove collection from _collections array.
function _whiteListCollection(address collection, bool enable) internal {
if (enable && !_whiteList[collection]) {
bool toAdd = true;
uint256 i = 0;
while(i < _collections.length) {
if (collection == _collections[i]) {
toAdd = false;
break;
}
i++;
}
if (toAdd) {
_collections.push(collection);
}
}
_whiteList[collection] = enable;
}
Vulnerability Details
When whitelist for a collection is disabled it’s not removed from the array and will cause it only to grow in size and consume a lot of gas to be iterated in getWhiteListedCollections
function getWhiteListedCollections() external view returns (address[] memory) {
uint256 offset = 0;
uint256 nbElem = _collections.length;
// solidity doesn't support dynamic length array in memory
address[] memory ret = new address[](nbElem);
for (uint256 i = 0; i < nbElem ;++i) {
address cur = _collections[i];
if (_whiteList[cur]) {
ret[offset] = cur;
offset += 1;
}
}
// resize output array
assembly {
mstore(ret, offset)
}
return ret;
}
Impact
High gas consumption on the lookup function due to not removing non-whitelisted token from the _collections array.
Tools Used
Manual Review
Recommendations
When enabled = false, consider removing the collection from the array as well.
Updates
Lead Judging Commences
n0kto about 1 year ago
Submission Judgement Published Reason: Known issue
Assigned finding tags:
invalid-unwhitelist-on-L1-do-not-pop-from-array
LightChaser: Low-19, Gas-10
Prize pool breakdown
Total prize
60,000 USDC
nSLOC
2,30126 USDC / LOC
50,000 USDC
5,500 USDC
4,500 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.