Puppy Raffle

AI First Flight #1

Beginner FriendlyFoundrySolidityNFT

EXP

View results

Previous Next

Submission Details

Severity: high

Valid

Integer overflow

lordbolton

Root + Impact

Description

The PuppyRaffle::totalFees variable is declared as uint64, but accumulates fees calculated as uint256. When fees exceed type(uint64).max (18.4 ETH), the variable silently overflows back to zero, causing permanent loss of fee tracking and funds for the protocol owner.

contract PuppyRaffle is ERC721, Ownable {

// ...

// @> uint64 can only hold up to 18.4 ETH

@> uint64 public totalFees = 0;

function selectWinner() external {

require(block.timestamp >= raffleStartTime + raffleDuration, "PuppyRaffle: Raffle not over");

require(players.length >= 4, "PuppyRaffle: Need at least 4 players");

uint256 winnerIndex = /* ... */;

address winner = players[winnerIndex];

uint256 totalAmountCollected = players.length * entranceFee;

uint256 prizePool = (totalAmountCollected * 80) / 100;

// @> fee is uint256 (can be very large)

uint256 fee = (totalAmountCollected * 20) / 100;

// @> OVERFLOW! Casting uint256 to uint64 silently wraps around

@> totalFees = totalFees + uint64(fee);

// ... rest of function

}

The Problem:

uint64 max value: 18,446,744,073,709,551,615 wei (≈ 18.4 ETH)
With 1 ETH entrance fee and 100 players: fee = 20 ETH
After first raffle: totalFees overflows and wraps to ~1.6 ETH
Protocol owner loses 18.4 ETH immediately

Risk

Likelihood: Medium - Requires substantial raffle participation (100 players at 1 ETH or equivalent), but very likely in any successful deployment.

Impact: High - Permanent loss of protocol fees. Owner cannot recover accumulated fees above 18.4 ETH.

Proof of Concept

// SPDX-License-Identifier: MIT

pragma solidity ^0.7.6;

contract OverflowTest {

function demonstrateOverflow() external pure returns (uint64) {

// Simulate: 100 players, 1 ETH entrance fee

// Total collected: 100 ETH

// Fee (20%): 20 ETH = 20,000,000,000,000,000,000 wei

uint256 fee = 20 ether; // 20,000,000,000,000,000,000 wei

uint64 maxUint64 = type(uint64).max; // 18,446,744,073,709,551,615 wei

// fee > maxUint64, so casting causes overflow

uint64 totalFees = uint64(fee);

// Result: 1,553,255,926,290,448,385 wei (≈1.55 ETH)

// Lost: 18.4 ETH due to overflow!

return totalFees;

}

function calculateLostFees() external pure returns (uint256) {

uint256 actualFee = 20 ether;

uint64 recordedFee = uint64(actualFee);

// Amount lost to overflow

return actualFee - uint256(recordedFee); // ≈18.4 ETH lost

}

Scenario:

Deploy PuppyRaffle with entranceFee = 1 ether
100 players enter: Total = 100 ETH
selectWinner() called:
- Fee calculated: 20 ETH (20% of 100 ETH)
- Cast to uint64: Overflows to ~1.55 ETH
- Lost: ~18.45 ETH
Owner calls withdrawFees():
- Tries to withdraw 1.55 ETH instead of 20 ETH
- 18.45 ETH permanently lost

Tools Used

Manual review, Solidity type analysis

Recommended Mitigation

Change totalFees from uint64 to uint256:

contract PuppyRaffle is ERC721, Ownable {

using Address for address payable;

uint256 public immutable entranceFee;

address[] public players;

uint256 public raffleDuration;

uint256 public raffleStartTime;

address public previousWinner;

- // We do some storage packing to save gas

address public feeAddress;

- uint64 public totalFees = 0;

+ uint256 public totalFees = 0;

// ... rest of contract

function selectWinner() external {

// ... existing checks

uint256 totalAmountCollected = players.length * entranceFee;

uint256 prizePool = (totalAmountCollected * 80) / 100;

uint256 fee = (totalAmountCollected * 20) / 100;

- totalFees = totalFees + uint64(fee);

+ totalFees = totalFees + fee;

// ... rest of function

}

Why This Works:

uint256 can hold up to 2^256-1 wei (≈10^59 ETH)
No overflow possible in any realistic scenario
Slightly higher gas cost (~20k gas one-time due to storage slot change) is negligible compared to preventing fee loss

Note: The comment "We do some storage packing to save gas" is misleading - address (160 bits) + uint64 (64 bits) = 224 bits, which doesn't actually pack into a single 256-bit storage slot efficiently alongside the address. The gas savings are minimal and not worth the overflow risk.

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 4 hours ago

Submission Judgement Published

Validated

Assigned finding tags:

[H-05] Typecasting from uint256 to uint64 in PuppyRaffle.selectWinner() May Lead to Overflow and Incorrect Fee Calculation

## Description ## Vulnerability Details The type conversion from uint256 to uint64 in the expression 'totalFees = totalFees + uint64(fee)' may potentially cause overflow problems if the 'fee' exceeds the maximum value that a uint64 can accommodate (2^64 - 1). ```javascript totalFees = totalFees + uint64(fee); ``` ## POC <details> <summary>Code</summary> ```javascript function testOverflow() public { uint256 initialBalance = address(puppyRaffle).balance; // This value is greater than the maximum value a uint64 can hold uint256 fee = 2**64; // Send ether to the contract (bool success, ) = address(puppyRaffle).call{value: fee}(""); assertTrue(success); uint256 finalBalance = address(puppyRaffle).balance; // Check if the contract's balance increased by the expected amount assertEq(finalBalance, initialBalance + fee); } ``` </details> In this test, assertTrue(success) checks if the ether was successfully sent to the contract, and assertEq(finalBalance, initialBalance + fee) checks if the contract's balance increased by the expected amount. If the balance didn't increase as expected, it could indicate an overflow. ## Impact This could consequently lead to inaccuracies in the computation of 'totalFees'. ## Recommendations To resolve this issue, you should change the data type of `totalFees` from `uint64` to `uint256`. This will prevent any potential overflow issues, as `uint256` can accommodate much larger numbers than `uint64`. Here's how you can do it: Change the declaration of `totalFees` from: ```javascript uint64 public totalFees = 0; ``` to: ```jasvascript uint256 public totalFees = 0; ``` And update the line where `totalFees` is updated from: ```diff - totalFees = totalFees + uint64(fee); + totalFees = totalFees + fee; ``` This way, you ensure that the data types are consistent and can handle the range of values that your contract may encounter.

Rewards breakdown

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

View all submissions

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!