Potentially Inefficient Block Lookup in find_known_block_number Summary
Summary
The find_known_block_number(_before: uint256 = 0) function is not optimized for on-chain use and may introduce unnecessary gas costs, especially if used improperly.
Vulnerability Details
This function attempts to find a known block number but lacks efficiency optimizations. Since no implementation details are provided in the interface, the actual execution cost will depend on its implementation in the oracle contract.
Potential risks include:
High gas costs: If the function iterates excessively or lacks an optimized search mechanism, it could make transactions significantly more expensive.
Unintended gas exhaustion: If external contracts rely on this function, they could run into gas limits, making transactions fail unexpectedly.
Impact
Possible Exploits: None directly, but inefficient usage could increase transaction costs and affect overall system performance.
Tools Used
Manual code review
Gas cost estimation
Recommendations
Ensure the implementation uses an efficient search algorithm (e.g., binary search over stored block numbers instead of a linear search).
Document the expected gas costs for this function to inform developers of potential inefficiencies.
Consider implementing an off-chain mechanism to assist with lookups, reducing on-chain computational load.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.