Closed code423n4 closed 1 year ago
https://github.com/code-423n4/2023-05-maia/blob/main/src/talos/TalosStrategyVanilla.sol#L111
Downcasting fees collection value from uint256 to uint128 may result in loss of fees for protocol. User and protocol both will get less value in fees when value potentially exceeds uint128 limit and overflow.
VSCode
Avoid downcasting by using method type(uint256).max instead of type(uint128).max.
Under/Overflow
trust1995 marked the issue as unsatisfactory: Insufficient proof
Lines of code
https://github.com/code-423n4/2023-05-maia/blob/main/src/talos/TalosStrategyVanilla.sol#L111
Vulnerability details
Impact
Downcasting fees collection value from uint256 to uint128 may result in loss of fees for protocol. User and protocol both will get less value in fees when value potentially exceeds uint128 limit and overflow.
Proof of Concept
https://github.com/code-423n4/2023-05-maia/blob/main/src/talos/TalosStrategyVanilla.sol#L111
Tools Used
VSCode
Recommended Mitigation Steps
Avoid downcasting by using method type(uint256).max instead of type(uint128).max.
Assessed type
Under/Overflow