_addNewSupportedAsset() function adds new asset to supportedAssetList array. The problem is that this array is always increasing. It cannot be decreased. This means that risk of dos exist because this array is used in getRSETHPrice() function. If to many items will be added to supportedAssetList then loop in getRSETHPrice() may run out of gas
Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTConfig.sol#L80-L89
Vulnerability details
Impact
_addNewSupportedAsset() function adds new asset to supportedAssetList array. The problem is that this array is always increasing. It cannot be decreased. This means that risk of dos exist because this array is used in getRSETHPrice() function. If to many items will be added to supportedAssetList then loop in getRSETHPrice() may run out of gas
Proof of Concept
Tools Used
Manual Review
Recommended Mitigation Steps
Add function that can remove items from the array
Assessed type
DoS