Slow Tan Swallow
High
When vouching the creator who we vouch for is checked for if it has more than the max allowed vouchers. If it does the TX revert, not allowing us to vouch for him.
if (vouchIdsForSubjectProfileId[subjectProfileId].length >= maximumVouches) {
revert MaximumVouchesExceeded(
vouchIdsForSubjectProfileId[subjectProfileId].length,
"Exceeds subject vouch limit"
);
}However this can be abused, by simply creating multiple accounts and vouching for a said creator with the minimum allowed amount (ABSOLUTE_MINIMUM_VOUCH_AMOUNT) which is 0.0001 ETH in order to prevent other honest vouchers who would have vouched bigger amounts (1 ETH or 10 ETH).
Max allowed vouches per creator
if (vouchIdsForSubjectProfileId[subjectProfileId].length >= maximumVouches) {
revert MaximumVouchesExceeded(
vouchIdsForSubjectProfileId[subjectProfileId].length,
"Exceeds subject vouch limit"
);
}No response
No response
- User does not like a creator and wants to DOS him and his vouchers
- User creates multiple profiles and vouches for said creator with the min allowed amount
- Since the chain is base and the min allowed amount is so little, it will take a few bucks to fully prevent a user from receiving vouches with actual value
Users who are vouched for might have limited (or none) real vouchers. maximumVouches can be any number with the highest being 256, which means that the lower this number is, the easier for a user to be DOS in such a way.
No response
Either allow infinite vouchers, where vouchers are minted 4626 vault shares (in order for vouchersPoolFee to work properly), or allow users to remove some of their vouchers.