GitHub
https://github.com/Cyfrin/2024-07-zaros/blob/d687fe96bb7ace8652778797052a38763fbcbb1b/src/perpetuals/leaves/GlobalConfiguration.sol#L130

Summary

The removeCollateralFromLiquidationPriority function in the GlobalConfigurationBranch contract relies on the values function from EnumerableSet.AddressSet to copy the entire collateralLiquidationPriority set from storage to memory. This operation is gas-intensive and designed primarily for view accessors. If the collateralLiquidationPriority set contains a large number of entries, the function may fail due to out-of-gas errors, causing the entire transaction to revert.

Impact

Using the values function within a state-changing function poses a significant risk of transaction failure due to high gas consumption. The values function copies the entire storage to memory, which can be expensive and is typically used for view accessors to avoid gas costs. As stated in the natspac docs:

Given there are no restrictions on adding entries to collateralLiquidationPriority, if a large number of entries are removed, the removeCollateralFromLiquidationPriority function might fail due to out-of-gas errors caused by copying the set to memory and iterating over it. This can disrupt the protocol's operation & user experience by causing transaction failures.

Recommendation

The issue can be mitigated by implementing a maximum limit on collateralLiquidationPriority This way the gas limit can never be reached, resulting in prevention of the possible DOS.