We can see that The create Withdraw Request lacks any condition checks, so it easy to create a large number of invalid requests. This leads to two adverse consequences: the keeper wastes gas executing or canceling these requests, and due to the large number of invalid requests occupying the keeper’s resources, it becomes difficult for valid requests to be serviced, resulting in a DoS.
Impact
This leads to two adverse consequences: the keeper wastes gas executing or canceling these requests, and due to the large number of invalid requests occupying the keeper’s resources, it becomes difficult for valid requests to be serviced, resulting in a DoS.
ZeroTrust
Medium
The create Withdraw Request lacks any condition checks, making it easy to create a large number of invalid requests
Summary
The create Withdraw Request lacks any condition checks, making it easy to create a large number of invalid requests
Vulnerability Detail
We can see that The create Withdraw Request lacks any condition checks, so it easy to create a large number of invalid requests. This leads to two adverse consequences: the keeper wastes gas executing or canceling these requests, and due to the large number of invalid requests occupying the keeper’s resources, it becomes difficult for valid requests to be serviced, resulting in a DoS.
Impact
This leads to two adverse consequences: the keeper wastes gas executing or canceling these requests, and due to the large number of invalid requests occupying the keeper’s resources, it becomes difficult for valid requests to be serviced, resulting in a DoS.
Code Snippet
https://github.com/sherlock-audit/2024-05-elfi-protocol/blob/main/elfi-perp-contracts/contracts/process/AssetsProcess.sol#L157
Tool used
Manual Review
Recommendation
Add valid request checks in the createWithdrawRequest function.
Duplicate of #96