_getDeltaTimestamp()
function could potentially underflow if lastTimestamp
is greater than block.timestamp
.
The _getDeltaTimestamp()
function calculates the difference between the current block timestamp
and the lastTimestamp
stored in the contract:
Under normal circumstances, block.timestamp
should always be greater than or equal to lastTimestamp
because block.timestamp
represents the current time, and lastTimestamp
should logically be a time in the past when the last relevant action occurred.
However, if the lastTimestamp
is set to a future time (a time greater than block.timestamp
), the subtraction uint40(block.timestamp) - lastTimestamp
would cause an underflow.
All functions that rely on this function to calculate the deltaTimestamp
such as readTwaReserves()
, readInstantaneousReserves()
etc would therefore revert and halt execution.
Manual Review
Add a require
statement to ensure that lastTimestamp
is not greater than the current block.timestamp
.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.