Unbounded loop in `whiteListCollection` function can result in whitelist functionality being locked forever
Summary :
The whiteList function in the Bridge contract allows owner to whitelist any NFT collection. This function makes call to an internal function _whiteListCollection which is having an unbounded loop which iterates through _collections array to find whether the NFT collection that is to be whitelisted exists in the collections array or not.Although whiteList function is a permissioned function so that only the owner can whitelist NFT collection however if the owner account got compromised or not mindful of the number of NFT Collections being whitelisted it is possible to put it in a state where no new NFT collections could be whitelisted.
Vulnerability Details :
The above function makes call to _whiteListCollection function.
The _whiteListCollection have an unbounded loop which iterates through entire _collection array to check whether collection that need to be whitelisted is present in _collection array or not. If the number of items in _collection array gets too large this function call will revert with out of gas error.
Impact :
Loss of ability of Bridge to whitelist new colections
Tools Used :
Manual Code Review
Recommendations :
Add a method to remove unusable collections from _collections array
Lead Judging Commences
finding-collections-always-withelisted-on-both-chain-withdraw-impossible-collections-array-will-be-OOG
Likelyhood: High, once the whitelist option is disabled, collections will grow. Impact: High, withdraw won’t be possible because of Out-Of-Gas.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.