code-423n4 / 2023-07-arcade-findings


Unchecked Overflow Vulnerability in setGSCAllowance Function #111

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-07-arcade/blob/f8ac4e7c4fdea559b73d9dd5606f618d4e6c73cd/contracts/ArcadeTreasury.sol#L303-L323

Vulnerability details

Description

The setGSCAllowance function in the ArcadeTreasury contract contains an unchecked cast of block.timestamp to uint48, which can lead to an overflow vulnerability. The function updates the GSC (Generalized State Channel) allowance for a specific token. However, block.timestamp is a uint256 value representing the current block timestamp in seconds since the epoch. When casting block.timestamp to uint48, it is essential to ensure that the value is within the valid range (0 to 2^48-1), as exceeding this range will cause an overflow and wrap-around behavior. An attacker could potentially exploit this vulnerability to manipulate the GSC allowance or disrupt the contract's intended functionality.

Impact

If the block.timestamp value exceeds the valid range for uint48, the cast will result in an overflow, leading to unintended behavior, potentially disrupting the contract's allowance management. An attacker may exploit this vulnerability to bypass intended restrictions on the GSC allowance or cause unpredictable states in the contract.

Tools Used

Manual Review

Recommended Mitigation Steps

To mitigate this potential vulnerability, you should ensure that the block.timestamp value is within the valid range before performing the cast. One way to do this is by checking if block.timestamp is less than or equal to uint48(-1) before casting it to uint48.

```solidity
// Check if block.timestamp is within the valid range before casting.
// type(uint48).max is the Solidity 0.8.x spelling of the uint48 maximum (2^48 - 1);
// uint48(-1) does not compile under 0.8.x because -1 is not convertible to an unsigned type.
require(block.timestamp <= type(uint48).max, "Invalid block.timestamp value");
```

Assessed type

Under/Overflow
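To let a reader judge the practical risk of this finding, here is an added Python model (not code from the Arcade contracts or from the report author) of the two behaviours involved: Solidity's explicit narrowing cast `uint48(x)`, which keeps only the low 48 bits and silently wraps, and the guarded cast recommended above, which reverts instead. It also computes the calendar year in which a Unix timestamp would first exceed `type(uint48).max`, using a constructed 365.25-day year; the function names are assumptions for this illustration.

```python
# Constructed model of Solidity narrowing casts for a uint48 block.timestamp.
UINT48_MAX = (1 << 48) - 1          # 2^48 - 1, largest value a uint48 can hold
SECONDS_PER_YEAR = 31_557_600       # 365.25 days, a constructed approximation


def truncating_cast_uint48(value: int) -> int:
    """Model Solidity's explicit cast uint48(value): keep the low 48 bits, wrap silently."""
    if value < 0:
        raise ValueError("block.timestamp is unsigned; negative input is not modelled")
    return value & UINT48_MAX


def checked_cast_uint48(value: int) -> int:
    """Model the guarded cast: require(value <= type(uint48).max) before narrowing."""
    if not 0 <= value <= UINT48_MAX:
        raise ValueError("Invalid block.timestamp value")  # stands in for a revert
    return value


def wraps(value: int) -> bool:
    """True when the unchecked cast would change the stored value."""
    return truncating_cast_uint48(value) != value


def overflow_year() -> int:
    """Calendar year in which a Unix timestamp first exceeds UINT48_MAX (integer arithmetic)."""
    return 1970 + (UINT48_MAX + 1) // SECONDS_PER_YEAR


if __name__ == "__main__":
    # Constructed sample timestamp from July 2023, the period of this audit.
    audit_ts = 1_690_000_000
    print("fits uint48 today:", not wraps(audit_ts))
    print("wrap-around example:", truncating_cast_uint48(UINT48_MAX + 5))
    print("first year a timestamp no longer fits in uint48:", overflow_year())
```

Running it shows that a 2023 timestamp is unchanged by the cast, that a value just past the maximum wraps to a small number, and that the first timestamp to exceed `uint48` lies millions of years in the future; the guard is therefore a defensive nicety rather than protection against a reachable state, which is the detail a reviewer checks before accepting a cast-overflow claim.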

141345 commented 1 year ago

invalid

c4-pre-sort commented 1 year ago

141345 marked the issue as duplicate of #260

c4-judge commented 1 year ago

0xean marked the issue as unsatisfactory: Invalid