Part 2

Zaros
Perpetuals, DEX, Foundry, Solidity
70,000 USDC
Submission Details
Severity: low
Invalid

Data Truncation in getWethRewardDataRaw Function

Summary

The getWethRewardDataRaw function casts potentially large uint256 values to uint128, risking data truncation and inaccurate reward calculations.

Vulnerability Details

The getWethRewardDataRaw function retrieves WETH reward data for a given market by casting uint256 storage variables (availableProtocolWethReward and wethRewardPerVaultShare) to uint128. This casting can lead to data truncation if the values exceed the uint128 limit, resulting in incorrect data being returned. This breaks the security guarantee of accurate data representation and can lead to misinterpretations by users relying on this data for reward calculations.

Impact

Although the risk is low, this can still lead to incorrect reward calculations and financial discrepancies. Users and systems relying on the truncated data may make incorrect decisions, affecting the integrity and reliability of the reward distribution process.

Tools Used

Manual Review

Recommendations

Ensure that the values being cast to uint128 do not exceed the uint128 limit, or use uint256 for the return types to prevent truncation.

    function getWethRewardDataRaw(uint128 marketId)
        external
        view
        returns (uint256 availableProtocolWethReward, uint256 wethRewardPerVaultShare) // Use uint256 to prevent truncation
    {
        Market.Data storage market = Market.loadExisting(marketId);
        availableProtocolWethReward = market.availableProtocolWethReward;
        wethRewardPerVaultShare = market.wethRewardPerVaultShare;
    }

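The truncation mechanism described above, next to the "ensure the values do not exceed the uint128 limit" option from the recommendation, as an added example that is not part of the submission or the Zaros code base. The contract, function and error names are hypothetical and the sample values are constructed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration; all names here are hypothetical and are not
/// taken from the Zaros code base.
contract DowncastDemo {
    error ValueExceedsUint128(uint256 value);

    /// Explicit downcast. The overflow checks of Solidity 0.8 apply to
    /// arithmetic, not to explicit conversions, so this keeps only the
    /// low 128 bits and never reverts.
    function uncheckedCast(uint256 value) public pure returns (uint128) {
        return uint128(value);
    }

    /// Checked downcast: reverts instead of returning a truncated value,
    /// so a caller can never observe a silently shortened number.
    function checkedCast(uint256 value) public pure returns (uint128) {
        if (value > type(uint128).max) revert ValueExceedsUint128(value);
        return uint128(value);
    }

    /// Constructed sample values showing where the two casts diverge.
    function demo()
        external
        pure
        returns (uint128 inRange, uint128 truncated, bool lossy)
    {
        // Largest value that still fits in 128 bits.
        uint256 fits = uint256(type(uint128).max);
        // One bit past the limit, plus a small remainder.
        uint256 tooBig = (uint256(1) << 128) + 5;

        inRange = uncheckedCast(fits);     // round-trips unchanged
        truncated = uncheckedCast(tooBig); // high 128 bits are dropped

        // A lossy cast is detectable by widening the result back.
        lossy = uint256(truncated) != tooBig;

        // checkedCast(tooBig) would revert with ValueExceedsUint128(tooBig);
        // it is not called here so that demo() itself returns normally.
    }
}
```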
Updates

Lead Judging Commences

inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
