code-423n4 / 2023-07-amphora-findings

DoS attack possible in mintVault() function #424

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-07-amphora/blob/daae020331404647c661ab534d20093c875483e1/core/solidity/contracts/core/VaultController.sol#L278-L291

Vulnerability details

Impact

An attacker can push as many mintVault() calls as he can. If the governance wants to process the mints after the attacker's mints, they also need to spend a lot of gas in order to process the attacker's mints first. So other users are not able to mint a vault because governance needs to process so many mints by the attacker first.

Proof of Concept

Tools Used

Manual Review

Recommended Mitigation Steps

Consider implementing logic to avoid this issue, like: every address can mint only one vault, or a time limit for each minting.

Assessed type

DoS

c4-pre-sort commented 1 year ago

minhquanym marked the issue as low quality report

minhquanym commented 1 year ago

Invalid

c4-judge commented 1 year ago

dmvt marked the issue as unsatisfactory: Invalid