Closed sherlock-admin2 closed 7 months ago
krkba
high
finalizeSpecimenSession
In the finalizeSpecimenSession function, there is a loop that could potentially run for a very long time if blockHashesRaw is large
blockHashesRaw
Denial of Service (DoS) attack.
https://github.com/sherlock-audit/2023-11-covalent/blob/main/cqt-staking/contracts/BlockSpecimenProofChain.sol#L397-L429
Manual Review
Limit the size of this array or using a pattern that doesn't require looping over every element.
1 comment(s) were left on this issue during the judging contest.
takarez commented:
valid: medium(2)
Invalid, since specimenhashes are limited by quorum, this is highly unlikely if not impossible.
krkba
high
Potential DOS attack in
finalizeSpecimenSession
krkba
Summary
Vulnerability Detail
In the
finalizeSpecimenSession
function, there is a loop that could potentially run for a very long time ifblockHashesRaw
is largeImpact
Denial of Service (DoS) attack.
Code Snippet
https://github.com/sherlock-audit/2023-11-covalent/blob/main/cqt-staking/contracts/BlockSpecimenProofChain.sol#L397-L429
Tool used
Manual Review
Recommendation
Limit the size of this array or using a pattern that doesn't require looping over every element.