Summary

Vulnerability Details

The _writeCheckpoint method is used to store the state of checkpoints in a mapping _checkpoints. The length of the checkpoints grows linearly with each function call that changed the balance or delegation data to update checkpoint, which means it is unbounded. This can cause potential gas cost issues during execution of transaction as the loops may exceed within the block gas limit causing the transaction to fail.

Impact

Tools Used

Recommendations

Consider revising the logic of storing past voting state. You could limit the number of checkpoints stored, or implement a checkpoint pruning mechanism, or consider optimizing storage using an exernal database instead of on-chain storage to avoid high gas cost in the future if the transactional size becomes too large.

Also, avoid making assumptions about response times for external calls or the time needed to process transactions, especially where loops are involved. To protect against unexpected behavior, ensure your smart contract manages execution and termination conditions correctly.

Remember, the length of an array or mapping can increase in the future and always run out of gas at certain extent. Therefore, these loops can become a DoS (Denial of Service) vector on a contract, especially if the contract is critical to other systems and cannot afford to crash.