The _calculateMaxEndTime
function may produce an incorrect maxEndTime
due to the unsafe cast from uint256 to uint128, leading to inaccurate results in the getPeriodReward
function and affecting user rewards.
The maxEndTime
is casted to uint128
without any checks. If the result of payoutStart_ + maxIntervals_ * interval_
exceeds type(uint128).max
, it will lead to an incorrect maxEndTime
.
For instance, if initialAmount_ = 1e15 ETH
, decreaseAmount_ = 1 wei
, and interval_ = 3000 Hours
, then maxIntervals_ = 1e33
and maxIntervals_ * interval_ = 1.08e40
, surpassing type(uint128).max
and resulting in a casted smaller value.
The getPeriodReward
result is computed based on the maxEndTime
, and the casted maxEndTime
might result in an incorrect reward value.
The _calculateMaxEndTime
function may produce an incorrect maxEndTime
, leading to inaccurate results in the getPeriodReward
function and affecting user rewards.
Manual Review
Check the result of maxIntervals_ * interval_
, if it's bigger than type(uint128).max
, just return the type(uint128).max
.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.