Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Definitive LLSD>Discussion>Transfer-limit griefing
GeneralOverview
Findings
Low (1)
DiscussionCentralization riskNo salts when calculating hashesTransfer-limit griefing
Threat ModelWhat are threat models?LLSD_EthereumAaveV3Balancer_wstETH_WETH.solMultiUserLLSDStrategy.sol
Audit ResultsSummary

Transfer-limit griefing

Currently, a transfer limit is in place to limit transfers per block (by default 1); this however opens up an avenue for DOS attacks. A user could DOS the protocol by repeatedly submitting a transaction until its deadline is over as there is no nonce system to prevent. However, this would be very costly to maintain and not profitable.

function _enforceTransferLimits() private {
	if (block.number != _latestTransfersBlockNumber) {
		_latestTransfersBlockNumber = block.number;
		delete _transfersThisBlock;
	}
	_transfersThisBlock += 1;
	if (_transfersThisBlock > MAX_TRANSFERS_PER_BLOCK) {
		revert TransfersLimitExceeded();
	}
}
Zellic © 2024Back to top ↑