Part 2

Zaros
PerpetualsDEXFoundrySolidity
70,000 USDC
View results
Submission Details
Severity: low
Invalid

[L-1] Missing Asset Sanitization Enables Dust Attacks in CreditDelegationBranch

Summary

Functions like updateMarketCreditDelegations lack zero-check guards, allowing attackers to spam with dust amounts.

Vulnerability Details

Affected Code:

function updateVaultCreditCapacity(uint128 vaultId) external {
// No check for vaultId validity
// Spam with non-existent vaults bloats storage
}

Impact

Storage Bloat: Gas griefing attacks

Governance Paralysis: Voting systems impacted

Tools Used

Manual review

Recommendations

require(vaultId <= maxVaultId, "Invalid vault");
require(amount > MIN_OPERATION_AMOUNT, "Dust attack");
Updates

Lead Judging Commences

inallhonesty Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Lack of quality

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.