Venus Prime - SBSecurity's results

Earn, borrow & lend on the #1 Decentralized Money Market on the BNB chain.

General Information

Platform: Code4rena

Start Date: 28/09/2023

Pot Size: $36,500 USDC

Total HM: 5

Participants: 115

Period: 6 days

Judge: 0xDjango

Total Solo HM: 1

Id: 290

League: ETH

Venus Protocol

Findings Distribution

Researcher Performance

Rank: 61/115

Findings: 1

Award: $32.27

🌟 Selected for report: 0

🚀 Solo Findings: 0

Awards

32.2731 USDC - $32.27

Labels

2 (Med Risk)
satisfactory
duplicate-556

External Links

Judge has assessed an item in Issue #659 as 2 risk. The relevant finding follows:

[L-01] updateScores will result in DoS if pass a user with an already updated score

Impact

If updateScores is called for a user who is already updated in the same round, the function will misbehave, causing it to repeat lines 205-208 until the gas limit is reached.

200: function updateScores(address[] memory users) external {
         if (pendingScoreUpdates == 0) revert NoScoreUpdatesRequired();
         if (nextScoreUpdateRoundId == 0) revert NoScoreUpdatesRequired();

         for (uint256 i = 0; i < users.length; ) {
205:         address user = users[i];
206:
207:         if (!tokens[user].exists) revert UserHasNoPrimeToken();
             //@audit in case user who has his score updated is passed to the array i will not be incremented which will lead to the waste of gas when function is called
208:         if (isScoreUpdated[nextScoreUpdateRoundId][user]) continue;

             address[] storage _allMarkets = allMarkets;
             for (uint256 j = 0; j < _allMarkets.length; ) {
                 address market = _allMarkets[j];
                 _executeBoost(user, market);
                 _updateScore(user, market);

                 unchecked {
                     j++;
                 }
             }

             pendingScoreUpdates--;
             isScoreUpdated[nextScoreUpdateRoundId][user] = true;

             unchecked {
                 i++;
             }

             emit UserScoreUpdated(user);
         }
     }

https://github.com/code-423n4/2023-09-venus/blob/b11d9ef9db8237678567e66759003138f2368d23/contracts/Tokens/Prime/Prime.sol#L208
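
The loop behaviour described in the finding, reduced to a self-contained contract and shown beside one possible hardened form. This is an added example, not code from the Venus repository or the submitted report; the contract name, the `ROUND` constant, the constructor and both function names are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Reduced model of the loop quoted above. Only isScoreUpdated and
// pendingScoreUpdates are names from the page; everything else is hypothetical.
contract ScoreLoopModel {
    mapping(uint256 => mapping(address => bool)) public isScoreUpdated;
    uint256 public pendingScoreUpdates;
    uint256 public constant ROUND = 1; // stands in for nextScoreUpdateRoundId

    constructor(uint256 pending) {
        pendingScoreUpdates = pending;
    }

    // Same control flow as the quoted code: the index is only advanced at the
    // end of the body, so `continue` re-reads the same element on every pass.
    function updateScoresAsQuoted(address[] memory users) external {
        for (uint256 i = 0; i < users.length; ) {
            address user = users[i];
            if (isScoreUpdated[ROUND][user]) continue; // i never changes here
            pendingScoreUpdates--;
            isScoreUpdated[ROUND][user] = true;
            unchecked {
                i++;
            }
        }
    }

    // Hardened form: advance the index on the skip path as well, so an
    // already-updated (or duplicated) user costs one iteration, not all gas.
    function updateScoresHardened(address[] memory users) external {
        for (uint256 i = 0; i < users.length; ) {
            address user = users[i];
            if (isScoreUpdated[ROUND][user]) {
                unchecked {
                    i++;
                }
                continue;
            }
            pendingScoreUpdates--;
            isScoreUpdated[ROUND][user] = true;
            unchecked {
                i++;
            }
        }
    }
}
```

With `pending` set to at least 1, passing the same address twice to `updateScoresAsQuoted` marks it on the first pass and then spins on the `continue` until the call runs out of gas and reverts; `updateScoresHardened` skips the repeat and returns.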

#0 - c4-judge

2023-11-03T16:51:47Z

fatherGoose1 marked the issue as duplicate of #556

#1 - c4-judge

2023-11-03T16:51:53Z

fatherGoose1 marked the issue as satisfactory
