itsmetechjay
commented
3 years ago Withdrawn by warden. Per pauliax: "Submitted this to the wrong contest. Should be for PoolTogether"
Closed code423n4 closed 3 years ago
itsmetechjay
commented
3 years ago Withdrawn by warden. Per pauliax: "Submitted this to the wrong contest. Should be for PoolTogether"
Handle
pauliax
Vulnerability details
Impact
function calculateNextBeaconPeriodStartTime accepts _time as a type of uint256 but later explicitly casts it to uint64. While this function is not used internally, it behaves incorrectly when passed a value that uint64 does not hold (for such values it will return a max value of uint64). I don't see a reason why you can't directly accept uint64 here.
Recommended Mitigation Steps
Change parameter type to uint64.