# Private Club

## Idea

The essence of this chall is the "block gas limit" DoS part. There are two things to mention:

1. I thought keep calling `addMemberByAdmin()` can achieve DoS, but that is not true. You will end up with a huge dynamic array, which costs too much gas on further `push()` operations when user4 calls `becomeMember()`. This is because gas usage grows exponentially when you access huge index in an array, that's how EVM was designed to discourge the use of huge arrays. In fact we should keep calling `becomeMember()` to achieve DoS since it uses low-level call which is expensive.
2. Remember to include `gas: blockGasLimit` when you call `becomeMember()`. We are simulating DoS, not achieving actual DoS. Can't really achieve the real DoS since user4 needs to call `becomeMember()`, we don't want this call to revert.

The rest of this chall is easy enough.

## PoC

{% embed url="<https://github.com/ret2basic/QuillCTF-PoC/blob/main/PrivateClub/test/PrivateClub.t.sol>" %}
PrivateClub PoC
{% endembed %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://ret2basic.gitbook.io/ctfwriteup/web3-ctf/quillctf/private-club.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.