Description\
The relayer-restricted function `startOutgoingTxSerializing()` can be DoS-ed if there are enough withdraw transactions that they would consume the `block.gaslimit` in `startOutgoingTxSerializing` -> `popBufferedTransfersToBatch`. This can be either unintentional or intentional, with an attacker blocking this mechanism by spam withdrawing the `minWithdrawalLimit`. Note that tx fees are very cheap on Oasis Sapphire, so this attack could be feasible. The root of the issue is that there is no upper limit on the `queue`, which means it can be infinitely large.
Recommendation\
Consider mitigating this issue by setting an upper bound on the `queue`.
Github username: --\
Twitter username: --\
Submission hash (on-chain): 0xbb704fa46a101f03e21d390f5d3d219ed52b972d85b338f57454a1750d675a5b\
Severity: medium
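A sketch of the recommended bound, added here as an illustration and not taken from the audited code base: the contract name, storage layout, the two caps and the `withdraw` signature are assumptions, and only `startOutgoingTxSerializing`, `popBufferedTransfersToBatch` and `minWithdrawalLimit` echo names from the report. It goes one step beyond the recommendation by also capping the work done per relayer call, so the gas cost of draining stays constant regardless of queue length.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration: hypothetical contract, not the project's code.
// Token custody and batch serialization are out of scope for the sketch.
contract BoundedWithdrawQueue {
    struct Transfer { address to; uint256 amount; }

    uint256 public constant MAX_QUEUE_LENGTH = 256; // assumed cap on buffered items
    uint256 public constant MAX_BATCH_SIZE = 32;    // assumed cap on items per relayer call
    uint256 public immutable minWithdrawalLimit;
    address public immutable relayer;

    mapping(uint256 => Transfer) private queue; // index => buffered transfer
    uint256 private head; // next index to pop
    uint256 private tail; // next index to push

    error QueueFull();
    error BelowMinimum();
    error NotRelayer();

    constructor(address relayer_, uint256 minWithdrawalLimit_) {
        relayer = relayer_;
        minWithdrawalLimit = minWithdrawalLimit_;
    }

    function queueLength() public view returns (uint256) { return tail - head; }

    // Enqueue side: the upper bound from the recommendation.
    function withdraw(address to, uint256 amount) external {
        if (amount < minWithdrawalLimit) revert BelowMinimum();
        if (queueLength() >= MAX_QUEUE_LENGTH) revert QueueFull();
        queue[tail++] = Transfer(to, amount);
    }

    // Dequeue side: work per call is bounded by MAX_BATCH_SIZE, so gas use
    // no longer grows with the number of pending withdrawals.
    function startOutgoingTxSerializing() external returns (Transfer[] memory batch) {
        if (msg.sender != relayer) revert NotRelayer();
        batch = popBufferedTransfersToBatch(MAX_BATCH_SIZE);
    }

    function popBufferedTransfersToBatch(uint256 maxItems) internal returns (Transfer[] memory batch) {
        uint256 n = queueLength();
        if (n > maxItems) n = maxItems;
        batch = new Transfer[](n);
        for (uint256 i = 0; i < n; ++i) {
            batch[i] = queue[head];
            delete queue[head]; // free the slot before advancing
            ++head;
        }
    }
}
```

A queue cap on its own means withdrawals revert with `QueueFull` until the relayer drains the buffer, so the cap, the batch size and the relayer's call frequency need to be sized together.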