Submission Details
Severity:
Unsafe `uint` to `int` conversion
Summary
Unsafe uint to int conversion
Vulnerability Details
The int type in Solidity uses the two's complement system, so it is possible to accidentally overflow a very large uint to an int, even if they share the same number of bytes (e.g. a uint256 number > type(uint128).max will overflow a int256 cast).
Consider using the SafeCast library to prevent any overflows.
Impact
Instances (7):
File: contracts/core/sdlPool/SDLPoolPrimary.sol
/// @audit uint256 -> int256
315: int256 diffTotalAmount = int256(lock.amount + lock.boostAmount) -
/// @audit uint256 -> int256
316: int256(locks[_lockId].amount + locks[_lockId].boostAmount);
File: contracts/core/sdlPool/SDLPoolSecondary.sol
/// @audit uint256 -> int256
196: queuedRESDLSupplyChange -= int256(boostAmount);
/// @audit uint256 -> int256
235: queuedRESDLSupplyChange -= int256(_amount);
/// @audit uint256 -> int256
373: queuedRESDLSupplyChange += int256(lock.amount + lock.boostAmount);
/// @audit uint256 -> int256
438: int256(lockUpdate.lock.amount + lockUpdate.lock.boostAmount) -
/// @audit uint256 -> int256
439: int256(lock.amount + lock.boostAmount);
Tools Used
Recommendations
Prize pool breakdown
Total prize
27,500 USDC
nSLOC
1,41419
USDC / LOC
25,000 USDC
2,500 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.