Looping over unbounded arrays can lead to DoS in `CommunityVCS::deposit`
Summary
In CommunityVCS contract, there is no upper bound on the number of CommunitVaults it can deploy. This can lead to CommunityVCS::deposit function in a state of DoS due to looping over an unbounded array and running out of block gas limit.
Vulnerability Details
CommunityVCS::performUpkeep function allows for more vaults to be deployed using chainlink automation. This can lead to creation of multiple vaults and while looping over all vaults.
When CommunityVCS::deposit is called from the staking pool, it makes a delegatecall to VaultDepositController::deposit which calls VaultDepositController::_depositToVaults function where it loops over all the remaining vaults after the depositIndex. This could lead the transaction to run out of gas and cause in a DoS.
Relevant Links
https://github.com/Cyfrin/2024-09-stakelink/blob/main/contracts/linkStaking/CommunityVCS.sol#L85-L115
https://github.com/Cyfrin/2024-09-stakelink/blob/main/contracts/linkStaking/base/VaultControllerStrategy.sol#L87-L103
https://github.com/Cyfrin/2024-09-stakelink/blob/main/contracts/linkStaking/base/VaultControllerStrategy.sol#L172-L292
Impact
Inoperability of CommunityVCS due to DoS
Tools Used
Manual Review
Recommendations
Impose an upper bound on the max vaults the CommunityVCS will deploy and manage.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.