bareli - out of gas can happen due to totalValueLocked.

[sherlock-admin]

bareli

medium

out of gas can happen due to totalValueLocked.

Summary

totalValueLocked calculation may cause DOS attack.

Vulnerability Detail

@> for (uint128 i = 0; i < validatorsN; i++) { Validator storage v = _validators[i]; Staking storage s = v.stakings[delegator]; totalValueLocked = _sharesToTokens(s.shares, v.exchangeRate); if (v._address == delegator) totalValueLocked += v.commissionAvailableToRedeem; Unstaking[] memory unstakings = v.unstakings[delegator]; uint256 unstakingsN = unstakings.length; @> for (uint256 j = 0; j < unstakingsN; j++) { totalValueLocked += unstakings[j].amount; } }

Impact

due to too much loop contact may get out of gas.

Code Snippet

https://github.com/sherlock-audit/2023-11-covalent/blob/main/cqt-staking/contracts/OperationalStaking.sol#L844

Tool used

Manual Review

Recommendation

use the mapping to calculate the totalValueLocked.

[sherlock-admin2]

1 comment(s) were left on this issue during the judging contest.

takarez commented:

invalid

[nevillehuang]

Invalid, OOG is highly unlikely given validators can only be added by trusted staking manager via addValidators()