The `fund.amount_raised += amount` operation does not use a safe arithmetic method such as `checked_add`, so in extreme edge cases it could overflow.
Rust only panics on integer overflow when overflow checks are enabled, which is the default for debug builds. Solana programs are compiled in release mode, where a plain `+=` wraps around silently unless `overflow-checks = true` is set under `[profile.release]` in Cargo.toml; Anchor's project template sets it, but older or hand-written manifests that omit the setting wrap without any error.
If `fund.amount_raised` were to approach `u64::MAX`, the next addition could wrap to a small number.
Corrupted Logic: after a wrap-around, `amount_raised` would sit far below `goal`, so the contract would incorrectly conclude that the goal is not met (or, depending on the wrapped value, that it has been re-met), and any later logic that reads `amount_raised` would act on a corrupted total.
Edge Attack Vector: though highly unlikely in normal usage, it remains a theoretical exploit for extremely large sums.
Manual analysis of the arithmetic operations in the `contribute` function.
Comparison with the best practice of using checked arithmetic in on-chain Rust code.
Use `checked_add` when updating `fund.amount_raised` and handle the overflow error (returning, for example, `ErrorCode::CalculationOverflow`).
Add unit tests that check the behaviour at the maximum possible values.
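The following is an added example, not code from the audited program: it places the unchecked update described in the finding beside the recommended `checked_add` form and exercises both from a constructed state just below `u64::MAX`. The `Fund` struct, `ErrorCode` enum and function names are assumptions made for this example and are kept free of Anchor dependencies so it runs as plain Rust.

```rust
// Added example (not the audited program's code): the unchecked `+=` from the
// finding beside the recommended `checked_add` form, exercised at the top of the
// u64 range. `Fund`, `ErrorCode` and the function names are assumptions.

/// Stand-in for the crowdfunding account; only the two fields the finding
/// discusses are modelled (assumption).
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Fund {
    pub amount_raised: u64,
    pub goal: u64,
}

/// Error the hardened path returns instead of wrapping (name taken from the
/// recommendation above).
#[derive(Debug, PartialEq, Eq)]
pub enum ErrorCode {
    CalculationOverflow,
}

/// Vulnerable shape of the update. `wrapping_add` is used so the example behaves
/// the same in debug and release builds; it reproduces exactly what a plain `+=`
/// does in a release build compiled without `overflow-checks = true`.
pub fn contribute_unchecked(fund: &mut Fund, amount: u64) {
    fund.amount_raised = fund.amount_raised.wrapping_add(amount);
}

/// Hardened shape: the addition is checked first, and the account is left
/// untouched when it would overflow.
pub fn contribute_checked(fund: &mut Fund, amount: u64) -> Result<(), ErrorCode> {
    let new_total = fund
        .amount_raised
        .checked_add(amount)
        .ok_or(ErrorCode::CalculationOverflow)?;
    fund.amount_raised = new_total;
    Ok(())
}

/// The check that a wrap-around corrupts: has the campaign reached its goal?
pub fn goal_met(fund: &Fund) -> bool {
    fund.amount_raised >= fund.goal
}

/// Drives both paths from a constructed near-overflow state and returns
/// (unchecked total, unchecked goal_met, checked result, checked total).
pub fn demo() -> (u64, bool, Result<(), ErrorCode>, u64) {
    // Constructed state: two lamports below u64::MAX with a goal of u64::MAX.
    let start = Fund { amount_raised: u64::MAX - 1, goal: u64::MAX };

    let mut unchecked = start.clone();
    contribute_unchecked(&mut unchecked, 5); // (2^64 - 2) + 5 wraps to 3

    let mut checked = start.clone();
    let res = contribute_checked(&mut checked, 5);

    (unchecked.amount_raised, goal_met(&unchecked), res, checked.amount_raised)
}

fn main() {
    let (wrapped, met, res, kept) = demo();
    println!("unchecked: amount_raised = {wrapped}, goal_met = {met}");
    println!("checked:   result = {res:?}, amount_raised = {kept}");
}

#[cfg(test)]
mod tests {
    use super::*;

    /// The unit test the recommendation asks for: behaviour at the maximum value.
    #[test]
    fn overflow_is_rejected_at_max() {
        let mut fund = Fund { amount_raised: u64::MAX, goal: 1 };
        assert_eq!(contribute_checked(&mut fund, 1), Err(ErrorCode::CalculationOverflow));
        assert_eq!(fund.amount_raised, u64::MAX);

        let mut ok = Fund { amount_raised: u64::MAX - 1, goal: u64::MAX };
        assert_eq!(contribute_checked(&mut ok, 1), Ok(()));
        assert!(goal_met(&ok));
    }
}
```

Running it shows the unchecked path landing on `amount_raised = 3` with the goal reported as unmet, while the checked path returns `CalculationOverflow` and leaves the account at its previous value. As defence in depth, keep `overflow-checks = true` under `[profile.release]` in the program's Cargo.toml so that any remaining unchecked arithmetic panics rather than wraps.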
The max value of u64 is 18,446,744,073,709,551,615, or around 18.4 billion SOL; given that the total supply of SOL on Solana is 512.50M, the scenario where the `contribute` function reverts due to overflow is very, very unlikely to happen. Therefore, this is an informational finding.