The Gov.protocolRemove function iterates over all elements of the tokensSherX array.
Impact
The transactions could fail if the arrays get too big and the transaction would consume more gas than the block limit.
This will then result in a denial of service for the desired functionality and break core functionality.
The severity is low as only governance can whitelist these tokens but not the protocols themselves.
Handle
cmichel
Vulnerability details
The
Gov.protocolRemovefunction iterates over all elements of thetokensSherXarray.Impact
The transactions could fail if the arrays get too big and the transaction would consume more gas than the block limit. This will then result in a denial of service for the desired functionality and break core functionality.
The severity is low as only governance can whitelist these tokens but not the protocols themselves.
Recommendation
Keep the array size small.