Submission Details
Severity:
Unsafe typecast
The typecast in question is from int256 to uint256, which is potentially problematic because it assumes that the int256 value is always non-negative. If totalRESDLSupplyChange were negative, casting it directly to uint256 would result in an incorrect, very large positive number due to how two's complement arithmetic works in Solidity.
if (totalRESDLSupplyChange > 0) {
reSDLSupplyByChain[sourceChainSelector] += uint256(totalRESDLSupplyChange);
} else if (totalRESDLSupplyChange < 0) {
reSDLSupplyByChain[sourceChainSelector] -= uint256(-1 * totalRESDLSupplyChange);
}
```
To address this, the code should be refactored to avoid direct casting of a potentially negative int256 to uint256. Instead, the code should handle the negative case explicitly, ensuring that the conversion to uint256 only occurs for a positive value.
```
if (totalRESDLSupplyChange > 0) {
reSDLSupplyByChain[sourceChainSelector] += uint256(totalRESDLSupplyChange);
} else if (totalRESDLSupplyChange < 0) {
uint256 positiveChange = uint256(-totalRESDLSupplyChange);
if (reSDLSupplyByChain[sourceChainSelector] < positiveChange) {
revert("SupplyChangeUnderflow"); // Custom error for underflow
}
reSDLSupplyByChain[sourceChainSelector] -= positiveChange;
}
```
This change ensures that the negative int256 value is first made positive before casting to uint256, and it also checks explicitly for underflow when subtracting from reSDLSupplyByChain.
Prize pool breakdown
Total prize
27,500 USDC
nSLOC
1,41419 USDC / LOC
25,000 USDC
2,500 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.