Loops with no upper limit set can cause a revert due to lack of gas, or exceed the gas limit of the block, making it impossible to execute the function.
Vulnerability Detail
getTotalDeposit(address _account) loops through the number of deposits associated with the account.
There is no limit to the number of these deposits set, which can cause revert due to insufficient gas or exceeding the block gas limit.
Impact
Gas fees are lost or functions cannot be performed.
innertia
low
Unlimited loop processing
Summary
Loops with no upper limit set can cause a revert due to lack of gas, or exceed the gas limit of the block, making it impossible to execute the function.
Vulnerability Detail
getTotalDeposit(address _account)loops through the number of deposits associated with the account. There is no limit to the number of these deposits set, which can cause revert due to insufficient gas or exceeding the block gas limit.Impact
Gas fees are lost or functions cannot be performed.
Code Snippet
https://github.com/sherlock-audit/2022-10-merit-circle/blob/main/merit-liquidity-mining/contracts/TimeLockPool.sol#L250
Tool used
Manual Review
Recommendation
Limit the number of deposits a user can register or use an offset.