The swap function relies on an unbounded loop.
An attacker could disrupt swap operations by forcing the loop to go through too many operations, potentially trapping the swap due to a lack of gas.
Bound the loops and document the bounds.
- ToB Audit Uniswap V3 Finding 6
- Denial-of-Service
- Medium Severity
- Unbounded Loop
- Attacker/Malicious Miner
- Bound Loops
- Document Bounds
- Youtube Reference
- Medium Risk severity finding from ToB’s Audit of Uniswap V3