Assessment reports>MightyNetERC1155Claimer>Medium findings>Possible DOS while claiming ERC-1155
Category: Business Logic

Possible DOS while claiming ERC-1155

Medium Severity
Medium Impact
Medium Likelihood

Description

The claimWhitelist array stores the MerkleProofWhitelist struct containing the root hash of the Merkle tree. Each element in the array corresponds to a specific number of claimable tokens, and the Merkle tree contains addresses eligible to mint that number of tokens.

If this array is large enough, the users that have a large amount of claimable tokens would need to spend too much gas to claim their tokens or the function claim might entirely revert for them due to exceeding the gas limit, as the code loops through the dynamic array.

function claim(bytes32[] calldata merkleProof){
...
    uint256 size = claimWhitelist.length;
	bool whitelisted = false;
	uint256 toMint = 0;
	for (; toMint < size; ++toMint) {
		if (claimWhitelist[toMint].isWhitelisted(msg.sender, merkleProof)) {
			whitelisted = true;
			break;
		}
	}
...
}

Impact

The transaction might fail if the claimWhitelist array becomes too large and the gas exceeds the maximum gas limit. Additionally, users with a substantial number of claimable tokens would be required to spend a significant amount of gas to execute the transaction successfully. This gas consumption can become burdensome for users with a large number of tokens to claim.

Recommendations

Consider modifying the claim function to accept the mint amount as an argument and use it directly to calculate the array index where isWhitelisted should be called. This adjustment can improve the efficiency of the function and avoid unnecessary iterations through the claimWhitelist array, especially in scenarios with a large number of claimable tokens.

Remediation

Mighty Bear Games provided the following response:

We have assessed the gas costs associated with claiming different amounts of ERC-1155 tokens, and our findings indicate that the increase in cost follows a linear pattern. We have taken this into consideration while designing the claiming process. Additionally, it is important to note that we have set a limit on the maximum number of tokens that can be claimed to just 3.

Zellic © 2024Back to top ↑