Summary
Public prediction-history requests populate a process-global Map with attacker-controlled cache keys and no eviction policy, creating an unbounded memory growth path.
Evidence
Why this matters
A public endpoint with an unbounded in-memory cache allows repeated requests for unique tokenId values to grow process memory until the instance is recycled or terminated.
Attack or failure scenario
An automated client cycles through arbitrary token IDs. Even if upstream returns errors for many values, successful or semi-successful responses accumulate distinct cache entries. Memory use grows over time, leading to degraded performance or process restarts under sustained churn.
Root cause
Cache design assumes a small trusted keyspace, but the route accepts untrusted public parameters and stores them indefinitely within the server process.
Recommended fix
- Bound cache size with LRU or TTL eviction.
- Validate
tokenId against known or recent markets before caching.
- Add route-level throttling for public callers.
- Consider moving this cache to a managed shared store with explicit limits.
Acceptance criteria
- The route no longer permits unbounded growth from arbitrary
tokenId values.
- Cache behavior has explicit size/TTL limits and eviction tests.
- Invalid or unknown IDs are rejected before expensive fetch/cache work.
Suggested labels
- reliability
- performance
- production-readiness
- bug
Priority
P1 (High)
Severity
High — a public parameter can drive unbounded process memory growth.
Confidence
Confirmed — the cache and key construction are explicit in source.
Summary
Public prediction-history requests populate a process-global
Mapwith attacker-controlled cache keys and no eviction policy, creating an unbounded memory growth path.Evidence
${tokenId}:${range}for every requested token.tokenIdtaken directly from the query string.Why this matters
A public endpoint with an unbounded in-memory cache allows repeated requests for unique
tokenIdvalues to grow process memory until the instance is recycled or terminated.Attack or failure scenario
An automated client cycles through arbitrary token IDs. Even if upstream returns errors for many values, successful or semi-successful responses accumulate distinct cache entries. Memory use grows over time, leading to degraded performance or process restarts under sustained churn.
Root cause
Cache design assumes a small trusted keyspace, but the route accepts untrusted public parameters and stores them indefinitely within the server process.
Recommended fix
tokenIdagainst known or recent markets before caching.Acceptance criteria
tokenIdvalues.Suggested labels
Priority
P1 (High)
Severity
High — a public parameter can drive unbounded process memory growth.
Confidence
Confirmed — the cache and key construction are explicit in source.