Platform: Code4rena
Start Date: 07/04/2023
Pot Size: $47,000 USDC
Total HM: 20
Participants: 120
Period: 6 days
Judge: GalloDaSballo
Total Solo HM: 4
Id: 230
League: ETH
Rank: 83/120
Findings: 1
Award: $23.08
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: sashik_eth
Also found by: 0x4non, 0x6980, 0xAgro, Cryptor, Kaysoft, Kenshin, Madalad, SaeedAlipoor01988, Sathish9098, W0RR1O, adriro, ayden, btk, catellatech, codeslide, devscrooge, georgits, giovannidisiena, lukris02, matrix_0wl, sayan, tnevler, tsvetanovv
23.0813 USDC - $23.08
Judge has assessed an item in Issue #891 as 3 risk. The relevant finding follows:
[L-1]: Unsafe casting may overflow Context:
virtualBaseTokenReserves += uint128(netInputAmount - feeAmount - protocolFeeAmount); L230 virtualNftReserves -= uint128(weightSum); L231 virtualBaseTokenReserves -= uint128(netOutputAmount + protocolFeeAmount + feeAmount); L323 virtualNftReserves += uint128(weightSum); L324 Description:
While Solidity 0.8.x checks for overflows on arithmetic operations, it does not do so for casting.
Recommendation:
Use OpenZeppelin’s SafeCast library to prevent unexpected overflows.
#0 - c4-judge
2023-05-04T16:55:46Z
GalloDaSballo marked the issue as duplicate of #167
#1 - c4-judge
2023-05-04T16:56:31Z
GalloDaSballo marked the issue as satisfactory