The Perpetual Vault Protocol does not implement a pull-based withdrawal pattern, which could lead to potential DoS attacks if the contract holds a large amount of tokens.
In the PerpetualVault contract, the withdraw function processes withdrawals directly without using a pull-based mechanism. This means that the contract itself is responsible for transferring the tokens to the user, which could be manipulated by an attacker to cause a DoS if the contract holds a significant amount of tokens.
A DoS attack could prevent users from withdrawing their funds, effectively locking their assets in the contract. This could lead to significant user frustration and potential loss of trust in the protocol.
Manual code review
Implement a pull-based withdrawal pattern where users can claim their funds from a separate contract or function. This would distribute the gas cost and reduce the risk of DoS attacks.
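The recommendation above contrasts two payout designs. As an added example (not PerpetualVault code, which this page does not show), the hypothetical contracts `PushPayout` and `PullPayout` below illustrate the general push-versus-pull difference, assuming native ETH payouts rather than tokens.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical contracts for illustration only; names and layout are assumptions.

/// Push-based: a single call pays every depositor in one loop.
contract PushPayout {
    address[] public depositors;
    mapping(address => uint256) public balances;
    mapping(address => bool) private listed;

    function deposit() external payable {
        if (!listed[msg.sender]) {
            listed[msg.sender] = true;
            depositors.push(msg.sender);
        }
        balances[msg.sender] += msg.value;
    }

    // One recipient that reverts on receipt, or a list too long for the
    // block gas limit, reverts the whole call and nobody is paid.
    function payAll() external {
        for (uint256 i = 0; i < depositors.length; i++) {
            address to = depositors[i];
            uint256 amount = balances[to];
            balances[to] = 0;
            (bool ok, ) = to.call{value: amount}("");
            require(ok, "transfer failed");
        }
    }
}

/// Pull-based: each user claims only their own balance.
contract PullPayout {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    // A failing transfer reverts only the caller's own claim;
    // other users' balances and claims are unaffected.
    function claim() external {
        uint256 amount = balances[msg.sender];
        require(amount > 0, "nothing to claim");
        balances[msg.sender] = 0; // state change before the external call
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }
}
```

Whether a given withdraw function has the push-style exposure depends on whether one call pays multiple parties; a function that only ever pays `msg.sender` already behaves like `claim()`.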
There is no real proof, concrete root cause, specific impact, or enough details in those submissions. Examples include: "It could happen" without specifying when, "If this impossible case happens," "Unexpected behavior," etc. Make a Proof of Concept (PoC) using external functions and realistic parameters. Do not test only the internal function where you think you found something.