`LendingPool::getUserCollateralValue()` Potential DoS due to Loop on unbound array.
Summary
LendingPool::getUserCollateralValue() runs a for loop on a mapping userData to get all the NFTs owned by the user. when this will be called for a user with large number of tokens it will lead to DoS. And user will have to reduce their tokens to accesss other features in the protocol since this function is also called by other functions such as borrow() , withdrawNFT().
Vulnerability Details
LendingPool::getUserCollateralValue() runs a for loop on a mapping userData to get all the NFTs owned by the user, If user owns a huge amount of tokens calling this function with that user's address as parameter can lead to Dos.
The only way to then stop this would be when the user send their NFTs to other addresses As there is no direct way for a protocol Admin to burn/transfer User's tokens.
Impact
DoS
Bad User Experience
Lead Judging Commences
LendingPool: Unbounded NFT array iteration in collateral valuation functions creates DoS risk, potentially blocking liquidations and critical operations
LightChaser L-36 and M-02 covers it.
LendingPool: Unbounded NFT array iteration in collateral valuation functions creates DoS risk, potentially blocking liquidations and critical operations
LightChaser L-36 and M-02 covers it.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.