This repository has been archived by the owner on May 26, 2023. It is now read-only.
Robert - Block All Refunds By Adding Many Deposits #332
Comments
github-actions
bot
added
Duplicate
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Robert
high
Block All Refunds By Adding Many Deposits
Summary
Although the amount of token addresses are limited to avoid DoS, the amount of deposits are not limited.
To receive a refund, every deposit must be looped through to determine how much of the token balance is currently able to be refunded. This array can be arbitrarily increased to make it out-of-gas on every attempt to get a refund, therefore completely DoSing a user's ability to get a refund.
When combined with a DoS on claims, this will permanently lose all funds in the contract.
Vulnerability Detail
Impact
High because it can lead to permanent loss of all funds.
Code Snippet
https://github.com/sherlock-audit/2023-02-openq/blob/main/contracts/DepositManager/Implementations/DepositManagerV1.sol#L172
https://github.com/sherlock-audit/2023-02-openq/blob/main/contracts/Bounty/Implementations/BountyCore.sol#L341
These lines show where claims require this loop to be run and the loop that is being run.
Tool used
Manual Review
Recommendation
I'm not sure exactly what would be best for you guys, but maybe a minimum amount of tokens to be deposited, a maximum amount of deposits, or another way of determining locked funds amount that doesn't require a loop.
Duplicate of #77
The text was updated successfully, but these errors were encountered: