Core Contracts

Regnum Aurum Acquisition Corp

HardhatReal World AssetsNFT

77,280 USDC

View results

Previous Next

Submission Details

Severity: high

Invalid

Unsafe Typecasting Vulnerability in VotingPowerLib

0xblackadam

Description

The VotingPowerLib contract contains a critical vulnerability in the getCurrentPower() function where unsafe typecasting from int128 to uint256 via uint128 could result in incorrect voting power calculations. The function casts negative voting power values to unsigned integers without proper validation, potentially resulting in large positive voting power values.

function getCurrentPower(

VotingPowerState storage state,

address account,

uint256 timestamp

) internal view returns (uint256) {

RAACVoting.Point memory point = state.points[account];

if (point.timestamp == 0) return 0;

if (timestamp < point.timestamp) {

return uint256(uint128(point.bias));

}

// ...

}

Impact

Negative voting power could be interpreted as extremely large positive values
Potential manipulation of governance voting weights
Incorrect voting power calculations leading to governance attacks
Possible circumvention of voting power decay mechanisms
Could affect protocol-wide voting outcomes and decision-making

Fix Recommendation

Use OpenZeppelin's SafeCast:

import "@openzeppelin/contracts/utils/math/SafeCast.sol";

function getCurrentPower(

VotingPowerState storage state,

address account,

uint256 timestamp

) internal view returns (uint256) {

RAACVoting.Point memory point = state.points[account];

if (point.timestamp == 0) return 0;

if (timestamp < point.timestamp) {

// Use SafeCast to prevent overflow

return SafeCast.toUint256(SafeCast.toUint128(point.bias));

}

// ...

}

Tools Used

Manual Review
Foundry Testing Framework
OpenZeppelin SafeCast Library

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

77,280 USDC

nSLOC

3,864

20 USDC / LOC

High Medium

74,000

Low

3,280

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!