The smart contract performs arithmetic operations (addition and subtraction) on balances without using Rust's checked arithmetic methods (`checked_add` and `checked_sub`). This can lead to integer overflow or underflow on the `u64` lamport amounts, causing unintended behavior, especially when dealing with large values of SOL.
In functions such as `contribute`, `refund`, and `withdraw`, direct arithmetic operations are used to update balances:
While subtraction uses `checked_sub` in some cases, addition operations such as increasing `amount_raised` should also use `checked_add` to prevent integer overflow.
If a contributor donates an excessively large amount, `amount_raised` could overflow, causing incorrect fund tracking.
If a subtraction would take a `u64` below zero, the program either panics (when overflow checks are enabled) or silently wraps the value around to a very large number, so the transaction either aborts or continues with a corrupted balance.
This could potentially lead to loss of funds if the contract starts miscalculating balances.
Manual code review
Rust compiler warnings for unsafe arithmetic (note that the compiler only flags overflow it can evaluate at compile time; runtime overflow is caught only when the build profile sets `overflow-checks = true`, and it wraps silently otherwise)
Static analysis
Use `checked_add` and `checked_sub` for all arithmetic operations. Example fix for `contribute`:
Ensure all balance updates follow safe arithmetic operations.
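The following is an added, self-contained illustration of the recommendation above; it is not the audited program's code. The `Campaign` and `Contributor` structs, the `FundError` enum and the function names are hypothetical stand-ins for the balance-tracking state the finding describes. The unchecked versions use `wrapping_add`/`wrapping_sub` explicitly so they behave in every build profile exactly as plain `+`/`-` behaves in a release build without `overflow-checks = true`; the checked versions compute every new value before writing any state, so a failed `checked_add`/`checked_sub` leaves the accounts untouched and the instruction returns an error.

```rust
// Added example (not the audited program's code). Names below are hypothetical.

#[derive(Debug, PartialEq, Eq, Clone, Copy)]
pub enum FundError {
    Overflow,              // checked_add returned None
    Underflow,             // checked_sub returned None on amount_raised
    NotEnoughContribution, // refund larger than what the contributor put in
}

#[derive(Debug, Default, Clone)]
pub struct Campaign {
    pub amount_raised: u64, // lamports
}

#[derive(Debug, Default, Clone)]
pub struct Contributor {
    pub amount: u64, // lamports this contributor has put in
}

/// Unchecked update: equivalent to `amount_raised += amount` in a release build
/// compiled without overflow checks. The sum wraps modulo 2^64 and execution
/// simply continues with a corrupted total.
pub fn contribute_unchecked(campaign: &mut Campaign, who: &mut Contributor, amount: u64) {
    campaign.amount_raised = campaign.amount_raised.wrapping_add(amount);
    who.amount = who.amount.wrapping_add(amount);
}

/// Unchecked refund: a refund larger than the contribution wraps the
/// contributor's balance to a huge value instead of failing.
pub fn refund_unchecked(campaign: &mut Campaign, who: &mut Contributor, amount: u64) {
    who.amount = who.amount.wrapping_sub(amount);
    campaign.amount_raised = campaign.amount_raised.wrapping_sub(amount);
}

/// Checked update: every arithmetic step goes through checked_add and a None
/// becomes an error. New values are computed first and written only when all
/// of them succeeded, so a failure leaves both accounts unchanged.
pub fn contribute_checked(
    campaign: &mut Campaign,
    who: &mut Contributor,
    amount: u64,
) -> Result<(), FundError> {
    let new_raised = campaign
        .amount_raised
        .checked_add(amount)
        .ok_or(FundError::Overflow)?;
    let new_contrib = who.amount.checked_add(amount).ok_or(FundError::Overflow)?;
    campaign.amount_raised = new_raised;
    who.amount = new_contrib;
    Ok(())
}

/// Checked refund: checked_sub on the contributor's balance doubles as the
/// "did they contribute at least this much?" check.
pub fn refund_checked(
    campaign: &mut Campaign,
    who: &mut Contributor,
    amount: u64,
) -> Result<(), FundError> {
    let new_contrib = who
        .amount
        .checked_sub(amount)
        .ok_or(FundError::NotEnoughContribution)?;
    let new_raised = campaign
        .amount_raised
        .checked_sub(amount)
        .ok_or(FundError::Underflow)?;
    who.amount = new_contrib;
    campaign.amount_raised = new_raised;
    Ok(())
}

fn main() {
    // Constructed input: a campaign whose total is already 5 lamports below u64::MAX.
    let mut campaign = Campaign { amount_raised: u64::MAX - 5 };
    let mut alice = Contributor::default();

    println!(
        "checked contribute of 10: {:?}",
        contribute_checked(&mut campaign, &mut alice, 10)
    );
    contribute_unchecked(&mut campaign, &mut alice, 10);
    println!(
        "unchecked contribute of 10 wrapped amount_raised to {}",
        campaign.amount_raised
    );
}
```

In an Anchor or native Solana program the `Result<(), FundError>` would map to a program error so that the whole instruction reverts; the important property is the same: an overflow is surfaced as a failed transaction, never as a wrapped balance.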
The max value of u64 is 18,446,744,073,709,551,615, or around 18.4 billion SOL; given that the total supply of SOL on Solana is 512.50M, the scenario in which the `contribute` function reverts due to overflow is very, very unlikely to happen. Therefore, this is an informational finding.