Trick or Treat

First Flight #27

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: low

Invalid

Potential expensive loop vulnerability in SpookySwap contract

PureSecurity

Summary

The SpookySwap contract has a design that could lead to an expensive loop vulnerability involving treats stored in the treatNames array. As new treats are added, treatNames grows in size, increasing the computational cost of any function that iterates through this array. Without constraints on the number of treats or optimized handling, this could result in significant gas costs or even failed transactions as the array size increases. This vulnerability impacts contract scalability and usability, potentially deterring user interaction due to high gas costs or out-of-gas errors.

Vulnerability Details

Key Issue:

The treatNames array is updated each time a new treat is added, but it is not limited or optimized for size. If a function requires iterating over all treats (e.g., for retrieval or management), the cost of this loop scales linearly with the number of treats, potentially making the function prohibitively expensive.

Example Scenario:

Initial Setup: The contract owner adds numerous treats, significantly increasing the size of treatNames.
Execution: A function that needs to access or modify treat data attempts to loop through treatNames.
Outcome: As the array grows, the loop becomes too costly to complete within Ethereum’s block gas limit, leading to high gas fees or failed transactions.

Impact

Gas Limit Exceedance: Functions that loop over all treats may exceed Ethereum’s block gas limit as the array grows, causing transactions to fail.
High Gas Costs: Even successful transactions may become extremely costly if they involve looping through a large number of treats.
Reduced Usability and Scalability: High gas costs or failed transactions deter user interactions, limiting the contract’s scalability and user experience.

Tools Used

Manual Review.

Recommendations

To mitigate this vulnerability, consider the following strategies:

Avoid Full Array Loops: Minimize or eliminate any functions that require looping through the entire treatNames array. Where possible, use direct mapping references instead of looping.
Cap on Maximum Number of Treats: Consider setting a maximum limit on the number of treats that can be added or periodically clean up the array by removing outdated entries. This will help manage the size of treatNames and prevent excessive gas costs over time.

Updates

Appeal created

bube Lead Judge 9 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Rewards breakdown

nSLOC

109

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.