Closed code423n4 closed 2 years ago
This does not makes sense in this case, as hash transform bytes32
to uint256
, which is totally compatible. Int variables in Solidity are not used.
hash
is bytes32. It has the same size as uint (uint256). It's safe to cast without additional checks.
Agree with the sponsor that the cast is safe, marking as invalid
Lines of code
https://github.com/skalenetwork/ima-c4-audit/blob/11d6a6ae5bf16af552edd75183791375e501915f/contracts/schain/bls/SkaleVerifier.sol#L100
Vulnerability details
use openzeppilin's safeCast in: