FLO-30: depositLimit() Prevents Full Exhaustion of Capacity and Creates Transaction Order Dependency #239
Description
Severity: Informational
Files Affected
cadence/contracts/FlowALPv1.cdc
Description
The depositLimit() function enforces a maximum deposit size per transaction to prevent single users from monopolizing the pool's liquidity capacity. It calculates this limit by multiplying the depositLimitFraction by the currently available depositCapacity. Because the available capacity decreases with every accepted deposit, the maximum allowed deposit size shrinks dynamically. This creates an asymptotic degradation where the deposit limit becomes infinitesimally small as the pool fills, making it mathematically impossible to fully exhaust the capacity. Furthermore, this design makes the deposit limit highly dependent on transaction ordering within a block; transactions processed earlier receive a substantially higher limit than those processed later, penalizing users arbitrarily based on network inclusion order and unnecessarily forcing normal deposits into the asynchronous queuedDeposits mapping.
Recommendation
Refactor the depositLimit() calculation to multiply the fraction by the static depositCapacityCap instead of the dynamically shrinking depositCapacity. This ensures the per-transaction limit remains a constant, predictable value (e.g., exactly 5% of the total bucket size) regardless of transaction ordering, while effectively preventing a single transaction from draining the entire capacity at once.
Parent Issue: #209