Core Contracts

Summary :-

The mint() function in the RToken contract casts amountToMint from uint256 to uint128 using toUint128(). If amountToMint exceeds the maximum value of uint128, it will revert due to an overflow check. This issue could impact contract functionality if not properly validated before casting.

Vulnerability Details :-

The function includes the following line :

_mint(onBehalfOf, amountToMint.toUint128());

Here, amountToMint is a uint256 value, but _mint() expects a uint128. The conversion uses OpenZeppelin's SafeCast.toUint128(), which reverts if amountToMint is greater than 2^128 - 1 (i.e., 340,282,366,920,938,463,463,374,607,431,768,211,455).

While SafeCast prevents silent overflows by reverting, an unchecked mint amount from an external call or calculation error could unexpectedly trigger reverts, leading to unexpected failures in contract execution.

Impact :-

• Transactions attempting to mint amounts exceeding uint128 will revert, potentially blocking large deposits.

• If a large liquidity index results in scaling amountToMint beyond uint128, users might not be able to mint even though they have valid deposits.

Tools Used :-

Manual code review

Recommendations :-

• Pre-validate amountToMint before casting:

if (amountToMint > type(uint128).max) revert InvalidAmount();

• Ensure liquidity index scaling doesn’t push values beyond uint128 limits.

• Consider alternative approaches if large minting amounts are required, such as using uint256 for _mint().