The protocol uses potentially dangerous downcasting to uint32 for retrieving time when need it. Downcasting the block timestamp to uint32 will cause an overflow and protocol misbehavior from the 07 February 2106.
Although the likelihood of this issue is low the potential threat would appear decades in future. I recommand to use bigger data type (eg. using uint40 seems to be way enougth)
Lines of code
https://github.com/code-423n4/2023-01-drips/blob/main/src/Drips.sol#L1129
Vulnerability details
Impact
The protocol uses potentially dangerous downcasting to uint32 for retrieving time when need it. Downcasting the block timestamp to uint32 will cause an overflow and protocol misbehavior from the 07 February 2106.
Proof of Concept
In Drips.sol contract L1129
Example in Drips.sol for getting the current cycle start timestamp L1135
Tools Used
Reading the code
Recommended Mitigation Steps
Although the likelihood of this issue is low the potential threat would appear decades in future. I recommand to use bigger data type (eg. using uint40 seems to be way enougth)