Liquid Staking

Stakelink
DeFiHardhatOracle
50,000 USDC
View results
Submission Details
Severity: high
Invalid

WithdrawalPool.sol - Potential DoS from unbounded loop variable.

Summary

On line 159 of the WithdrawalPool.sol there is a for loop that has an unbounded variable: withdrawalBatches.length. This variable if given a large enough array can become so gas expensive that the resulting runs could possibly result in a denial of service.

Vulnerability Details

With a large enough array passed to the for loop, you could run the potential of gas prices being too high for the continued running of the contract.

Impact

Denial of Service, resulting in too expensive for the contract to continue to run.

Tools Used

Manual Review

Recommendations

Do not use unbouded array lengths as loop variables.

Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.