Open code423n4 opened 3 years ago
broccoli
In the swap function of ConcentratedLiquidityPool, the following line of code seems to handle the timestamp overflow problem happening in year 2106:
uint256 diff = timestamp - uint256(lastObservation); /// @dev Underflow in 2106.
However, the subtraction is not within an unchecked statement. Thus an integer underflow still occurs when the block.timestamp overflows the maximum of uint256.
Referenced code: ConcentratedLiquidityPool.sol#L314
Add an unchecked statement around the referenced line of code.
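The checked-versus-unchecked subtraction behaviour this report turns on, as an added example that is not part of the original issue or the project's code. The contract `TimestampDiffDemo` and its function names are hypothetical, and it assumes Solidity 0.8 or later with both timestamps already truncated to 32 bits.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Added illustration only: hypothetical contract, not the pool's code.
contract TimestampDiffDemo {
    /// Time of the last observation, truncated to 32 bits (assumption).
    uint32 public lastObservation;

    function setLastObservation(uint32 t) external {
        lastObservation = t;
    }

    /// Default checked arithmetic: since 0.8.0 the compiler inserts an
    /// underflow check, so this reverts with Panic(0x11) whenever
    /// `timestamp` is smaller than `lastObservation` (i.e. after a wrap).
    function diffChecked(uint32 timestamp) external view returns (uint256) {
        return uint256(timestamp) - uint256(lastObservation);
    }

    /// Unchecked, operands widened to uint256 before subtracting:
    /// no revert, but after a wrap the result is taken modulo 2**256,
    /// which is a huge number rather than the elapsed seconds.
    function diffUncheckedWide(uint32 timestamp)
        external
        view
        returns (uint256 diff)
    {
        unchecked {
            diff = uint256(timestamp) - uint256(lastObservation);
        }
    }

    /// Unchecked, subtraction performed in uint32 and widened afterwards:
    /// the result is taken modulo 2**32, which equals the elapsed seconds
    /// as long as at most one 32-bit wrap happened between observations.
    function diffUncheckedNarrow(uint32 timestamp)
        external
        view
        returns (uint256 diff)
    {
        unchecked {
            diff = uint256(timestamp - lastObservation);
        }
    }
}
```

Calling the three functions with a `timestamp` smaller than the stored `lastObservation` shows the difference: the first reverts, and the other two return differently wrapped values.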