Open code423n4 opened 2 years ago
An overflow in the powers would be a significant bug. While it would require some pretty dramatic issues on the Go module side, there is value in checking in. I agree with the severity.
duplicate of #38
reopening as per judges assessment as "primary issue" on findings sheet
Handle
shw
Vulnerability details
Impact
SafeMath library functions are not always used in the Gravity contract's arithmetic operations, which could cause integer underflow/overflows. Using SafeMath is considered a best practice that could completely prevent underflow/overflows and increase code consistency.
Proof of Concept
Referenced code: Gravity.sol#L202 Gravity.sol#L586
Recommended Mitigation Steps
Consider using the SafeMath library functions in the referenced lines of code.
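
The difference the report describes, as an added example that is not code from Gravity.sol or from the report. The contract `PowerTally`, the library `CheckedAdd` (a minimal stand-in for SafeMath's `add`) and all function names are hypothetical; the referenced lines are not shown on this page, so the example assumes a pre-0.8 compiler and a running sum of validator powers compared against a threshold.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.6.6; // assumption: pre-0.8 compiler, where + and - wrap silently

// Minimal stand-in for SafeMath.add so this file compiles on its own.
library CheckedAdd {
    function add(uint256 a, uint256 b) internal pure returns (uint256) {
        uint256 c = a + b;
        // If the addition wrapped, the result is smaller than an operand.
        require(c >= a, "CheckedAdd: addition overflow");
        return c;
    }
}

// Hypothetical contract for illustration only.
contract PowerTally {
    using CheckedAdd for uint256;

    // Unchecked: the running total is reduced modulo 2**256, so a large
    // enough set of inputs yields a small total with no error raised.
    function sumUnchecked(uint256[] memory powers) public pure returns (uint256 total) {
        for (uint256 i = 0; i < powers.length; i++) {
            total = total + powers[i];
        }
    }

    // Checked: the same loop reverts at the first addition that would wrap.
    function sumChecked(uint256[] memory powers) public pure returns (uint256 total) {
        for (uint256 i = 0; i < powers.length; i++) {
            total = total.add(powers[i]);
        }
    }

    // A threshold decision built on the unchecked sum inherits the wrapped
    // value and can return the wrong answer instead of failing.
    function quorumUnchecked(uint256[] memory powers, uint256 threshold) public pure returns (bool) {
        return sumUnchecked(powers) >= threshold;
    }

    // Built on the checked sum, the decision either reflects the true total
    // or the whole call reverts.
    function quorumChecked(uint256[] memory powers, uint256 threshold) public pure returns (bool) {
        return sumChecked(powers) >= threshold;
    }
}
```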