```epoch``` overflow in ```FjordStaking``` leads to incorrect staking and reward calculations
Summary
The FjordStaking contract uses a uint16 type for the epoch variables which tracks the current epoch cycle. The epoch duration is currently set to 7 days. However, if the epoch duration is reduced to a shorter period, such as 6 hours or 1 hour, the uint16 variable overflow. If the uint16 maximum value (65535) is reached and an attempt is made to increment it, the transaction will revert due to the built-in overflow checks (solidity version > 0.8.0). This means that any operation that would cause the epoch variable to exceed its maximum value will fail, and no state changes will be applied.
Vulnerability Details
The uint16 type can hold a maximum value of 65535. With the current epoch duration of 7 days, this allows the contract to run for approximately 1257 years without overflow. However, if the epoch duration is reduced for some reason by the team to 6 hours or 1 hour, the contract will overflow in approximately 44.9 years and 7.48 years, respectively. This overflow will cause the transactions to revert (Solidity version used > 0.8.0), preventing any further state changes.
Impact
The overflow corrupts the epoch data, leading to incorrect staking and reward calculations.
Likelihood: very low.
Impact: high.
Tools Used
Manual review
Recommendations
Use a larger integer type for the epoch variable, such as uint32.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.