Medium Multiple lenders can't claim their incentives.

Summary

Multiple lenders performing DDoS attacks on DebitaIncentives::ClaimIncentives will cause other users to be unable to claim their incentives.

Root Cause

in "DebitaIncentives.sol"L142 claimIncentives has no restrictions over each lender or borrower ID

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

Multiple lenders with different wallet addresses, who have engaged in lending and borrowing activities at a specific epoch time, can collectively launch a DDoS attack to prevent other users from claiming incentives before the deadline.

PoC

No response

Mitigation

use Access control checks for lenders or borrowers.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

089.md

089.md

Medium Multiple lenders can't claim their incentives.

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation

Files

089.md

Latest commit

History

089.md

File metadata and controls

Medium Multiple lenders can't claim their incentives.

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation