code-423n4 / 2023-05-maia-findings


Downcasting result in loss of fees for protocol and user #849

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-05-maia/blob/main/src/talos/TalosStrategyVanilla.sol#L111

Vulnerability details

Impact

Downcasting the fee collection value from uint256 to uint128 may result in a loss of fees for the protocol. Both the user and the protocol will receive less value in fees when the value exceeds the uint128 limit and overflows.

Proof of Concept

https://github.com/code-423n4/2023-05-maia/blob/main/src/talos/TalosStrategyVanilla.sol#L111

Tools Used

VSCode

Recommended Mitigation Steps

Avoid downcasting by using type(uint256).max instead of type(uint128).max.

Assessed type

Under/Overflow
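The truncation the finding describes, shown in a minimal contract. This is an added illustration, not code from the Maia/Talos repository: the contract name, function names and the sample amounts in the comments are constructed for the example. In Solidity 0.8, arithmetic overflow reverts, but an explicit conversion such as `uint128(x)` does not; it silently keeps the low 128 bits, so any amount above `type(uint128).max` loses its high bits. The block contrasts the unchecked cast with two defensive alternatives: reverting when the value does not fit, and clamping to the maximum so that the remainder stays collectable instead of being dropped.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// @notice Constructed example (not project code) showing how an unchecked
///         uint256 -> uint128 conversion loses value, and two safer patterns.
contract DowncastDemo {
    /// @dev Unchecked explicit conversion. Solidity 0.8 does NOT revert here;
    ///      it discards the upper 128 bits. With amount = 2**128 + 5 this
    ///      returns 5, so 2**128 units of fees would never be requested.
    function unsafeCast(uint256 amount) public pure returns (uint128) {
        return uint128(amount);
    }

    /// @dev Checked conversion: fail loudly instead of silently truncating.
    ///      With amount = 2**128 + 5 this reverts.
    function safeCast(uint256 amount) public pure returns (uint128) {
        require(amount <= type(uint128).max, "amount exceeds uint128");
        return uint128(amount);
    }

    /// @dev Clamping conversion: request at most type(uint128).max now and
    ///      leave the rest in place for a later collection, rather than
    ///      losing it. With amount = 2**128 + 5 this returns type(uint128).max.
    function clampCast(uint256 amount) public pure returns (uint128) {
        return amount > type(uint128).max ? type(uint128).max : uint128(amount);
    }

    /// @dev How much value the unchecked cast would drop for a given amount.
    ///      Zero whenever amount fits in 128 bits; 2**128 for 2**128 + 5.
    function lostByTruncation(uint256 amount) public pure returns (uint256) {
        return amount - uint256(uint128(amount));
    }
}
```

Which alternative fits depends on the callee: when the downstream interface only accepts uint128 maxima (as a Uniswap V3 style `collect` does), clamping is usually preferable to reverting, because a revert would block fee collection entirely for a position whose accrued fees ever exceed the limit, while clamping collects what can be expressed and leaves the remainder accrued. A detection-minded reviewer can grep for explicit `uintN(...)` narrowing conversions on values derived from token balances or fee accumulators and check that each one is either provably bounded or guarded as above.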

c4-judge commented 1 year ago

trust1995 marked the issue as unsatisfactory: Insufficient proof