Unsafe typecasting of uint256 to uint64 in SDLPool.sol::_createLock function causing the Lock startTime to be incorrect if block.timestamp is greater than type(uint64).max
Summary
Casting down a uint256 to uint64 can cause an overflow error which would make it so the startTime of the created Lock would be entirely wrong
Vulnerability Details
The SDLPool.sol::_createLock function cast a type of uint256 (block.timestamp) to a type of uint64, this type of down casting can cause an overflow error. The overflow error can occur in a scenario where the original value of the uint256 (block.timestamp) is greater than the maximum value that a uint64 can hold (18,446,744,073,709,551,615). In a scenario where such overflow happens then the startTime of the Lock created would be entirely wrong. This vulnerability would happen by Sun Jul 21 2554 23:34:33 GMT+0000
Impact
Casting down a uint256 to uint64 in SDLPool.sol::_createLock function to get the startTime on a Lock would make it so the startTime on that Lock is actually wrong in a scenario where the value of the original uint256 we are casting down to uint64 is actually larger than the maximum value that a uint64 can hold
Tools Used
Manual Review
Recommendations
The startTime field on the Lock struct should be changed to a type of uint256 so that there won't be any need to cast down the type of uint256 that would be returned when we call block.timestamp
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.