Platform: Code4rena
Start Date: 21/11/2022
Pot Size: $90,500 USDC
Total HM: 18
Participants: 101
Period: 7 days
Judge: Picodes
Total Solo HM: 4
Id: 183
League: ETH
Rank: 66/101
Findings: 1
Award: $53.49
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0xSmartContract
Also found by: 0xAgro, 0xNazgul, 0xPanda, 0xbepresent, 0xfuje, Awesome, B2, Bnke0x0, Deivitto, Diana, Funen, Jeiwan, JohnSmith, Josiah, R2, RaymondFam, Rolezn, Sathish9098, Waze, adriro, aphak5010, brgltd, btk, carrotsmuggler, ch0bu, chaduke, codeislight, codexploder, cryptostellar5, csanuragjain, danyams, datapunk, delfin454000, deliriusz, eierina, erictee, fatherOfBlocks, gz627, gzeon, hansfriese, hihen, jadezti, joestakey, keccak123, martin, nameruse, oyc_109, pedr02b2, perseverancesuccess, rbserver, rotcivegaf, rvierdiiev, sakshamguruji, shark, simon135, subtle77, unforgiven, xiaoming90, yixxas
53.4851 USDC - $53.49
Referenced Code:
AutoPxGlp.sol: https://github.com/code-423n4/2022-11-redactedcartel/blob/main/src/vaults/AutoPxGlp.sol
AutoPxGmx.sol: https://github.com/code-423n4/2022-11-redactedcartel/blob/main/src/vaults/AutoPxGmx.sol
In both _userAccrue() and _globalAccrue(), block.timestamp is converted to a uint32 via solmate's SafeCast library. However, block.timestamp will be greater than uint32 in ~83 years, which very well could be within our lifetimes. At this point, block.timestamp.safeCastTo32() will revert.
Given that AutoPxGlp.sol uses _userAccrue() and _globalAccrue() in afterDeposit(), afterWithdraw(), and afterTransfer(), all funds in the contract will be frozen and no new funds will be able to be deposited. All rewards in PirexRewards.sol will not be able to be claimed.
Referenced Code:
PirexRewards.sol: https://github.com/code-423n4/2022-11-redactedcartel/blob/main/src/PirexRewards.sol
SafeCastLib.sol: https://github.com/transmissions11/solmate/blob/main/src/utils/SafeCastLib.sol
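The revert boundary described in this finding, reproduced as a Foundry test. This is an added example, not code from the audited repository or from solmate. ToyVault, Cast32 and the test name are hypothetical, and it assumes forge-std is installed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;
import "forge-std/Test.sol";

// Hypothetical stand-ins, not the AutoPxGlp/PirexRewards source.
library Cast32 {
    // Performs the same bounds check as solmate's SafeCastLib.safeCastTo32.
    function safeCastTo32(uint256 x) internal pure returns (uint32 y) {
        require(x < 1 << 32);
        y = uint32(x);
    }
}

contract ToyVault {
    using Cast32 for uint256;
    uint32 public lastUpdate;
    mapping(address => uint256) public balanceOf;

    // Stands in for _globalAccrue()/_userAccrue(): stores the timestamp as uint32.
    function _accrue() internal {
        lastUpdate = block.timestamp.safeCastTo32();
    }
    function deposit(uint256 amount) external {
        balanceOf[msg.sender] += amount;
        _accrue(); // afterDeposit-style hook
    }
    function withdraw(uint256 amount) external {
        balanceOf[msg.sender] -= amount;
        _accrue(); // afterWithdraw-style hook
    }
}

contract TimestampCastTest is Test {
    ToyVault vault;
    function setUp() public {
        vault = new ToyVault();
        vault.deposit(100);
    }
    function testHooksRevertPastUint32Max() public {
        vm.warp(type(uint32).max); // last second that fits in uint32: still works
        vault.withdraw(1);
        assertEq(vault.balanceOf(address(this)), 99);
        vm.warp(uint256(type(uint32).max) + 1); // first second that no longer fits
        vm.expectRevert();
        vault.withdraw(1);
        vm.expectRevert();
        vault.deposit(1);
        assertEq(vault.balanceOf(address(this)), 99); // balance can no longer move
    }
}
```

The boundary timestamp 4294967295 corresponds to 7 February 2106 (UTC), which matches the roughly 83-year horizon stated in the finding.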
#0 - c4-judge
2022-12-04T20:39:42Z
Picodes marked the issue as grade-b