Flow
Sablier
FoundryDeFi
20,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Potential Overflow in Protocol Revenue Calculation

brene

Summary

In the _withdraw function, accumulating the protocol fee into protocolRevenue[token] without overflow checks poses a risk. This approach can lead to integer overflow, especially if large values accumulate over time or if there are high transaction volumes. An overflow could result in inaccurate fee calculations, compromising the contract's integrity and reliability.

Vulnerability Details

In Solidity, integer overflow can occur when the value of a variable exceeds the maximum limit of its data type.

// ... SNIP ...
if (protocolFee > ZERO) {
// Calculate the protocol fee amount and the net withdraw amount.
(protocolFeeAmount, amount) = Helpers.calculateAmountsFromFee({ totalAmount: amount, fee: protocolFee });
// Safe to use unchecked because addition cannot overflow.
>> unchecked {
// Effect: update the protocol revenue.
>> protocolRevenue[token] += protocolFeeAmount;
}
}
// ... SNIP ...

The above uses unchecked, which disables overflow checks, making it possible for protocolRevenue[token] to exceed the maximum limit of uint256.

Impact

If an overflow occurs, protocolRevenue[token] would wrap around to zero or another unintended value, potentially misrepresenting the actual accumulated protocol fees.

Tools Used

Manual Review

Recommendations

Implement a safer approach by using SafeMath for addition operations. This ensures that protocolRevenue[token] won’t exceed its limit, preventing unintended value wraps.

Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.