Unsafe Downcasting of `amountToMint`
Summary
The function mint casts amountToMint to uint128 before passing it to OpenZeppelin's _mint function, which expects a uint256. This unnecessary and unsafe downcast could lead to unexpected overflows if amountToMint exceeds the maximum value of uint128. While toUint128() may work under normal conditions, any unforeseen increase in amountToMint beyond 2^128 - 1 would cause a silent truncation or error, leading to unexpected behavior.
Vulnerability Details
In the following line of code:
amountToMint is a uint256, and it is explicitly cast to uint128 before being passed to _mint, which is an OpenZeppelin function that accepts a uint256. This downcasting is unnecessary and introduces a risk of truncation if amountToMint exceeds 2^128 - 1.
Since the function takes an external input (amount) and adds balanceIncrease, ensuring that amountToMint never exceeds uint128 limits is crucial.
Impact
If
amountToMintexceedsuint128, the function could revert unexpectedly, disrupting operations.Potential for silent truncation, which could lead to minting an unintended amount of debt tokens.
Limits the scalability of the contract unnecessarily.
Introduces unnecessary complexity, as OpenZeppelin's
_mintfunction already supportsuint256.
Tools Used
Manual code review
Recommendations
Remove the explicit casting to uint128 since OpenZeppelin's _mint function accepts a uint256.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.