ghoul-sol
commented
3 years ago While true, estimated gas to update speed for 50 markets is 3377184 gas. Current block gas limit is 14,999,986, that means we could in theory, get away with updating as many as 222 markets. This is definitely something to keep in mind along the way, however, in my opinion it's a non-critical issue, low at most.
cemozerr
Handle
@cmichelio
Vulnerability details
Vulnerability Details
The
Comptroller.refreshCompSpeedsInternalfunction iterates over all markets and does expensive computations like updating all borrower / supply indices.Impact
When the total number of markets is high, this iteration could exceed the total block gas amount breaking the functionality and making it impossible to update the reward distribution speed.
Recommended Mitigation Steps
Keep the number of markets low and/or adjust the function to be processable in several transactions.