Unsafe Casting in _unlocked_shares
Summary
_unlocked_sharesfunction missing safeguards against timestamp underflows.This could lead to transaction reverts and disrupt critical protocol functions if timestamps are improperly managed.
Vulnerability Details
The _unlocked_shares function calculates unlocked shares using:
No check ensures ts (current timestamp) ≥ last_profit_update.
Risk Scenario:
If
last_profit_updateis accidentally/maliciously set to a future timestamp (e.g., due to admin error or governance attack),ts - last_profit_updateunderflows.Vyper/Solidity reverts on underflow (due to checked arithmetic), causing transaction failures in functions relying on
_unlocked_shares.
Example:
last_profit_update =1773217672 (future timestamp: 2026).Current
ts = 1773217672 - 100→ subtraction underflows.Transaction reverts, halting price updates or profit distribution.
Impact
Denial-of-Service (DoS): Core functionalities (e.g., price updates) may fail, leading to stale data.
Reputation Damage: Frequent reverts break user trust.
Tools Used
Manual Code Review
Recommendations
Implement a check at the beginning of the _unlocked_shares function to ensure that ts is always greater than or equal to last_profit_update.
Add Timestamp Validation:
Include a check to ensure ts ≥ last_profit_update
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.