Judge has assessed an item in Issue #957 as 2 risk. The relevant finding follows:
function testVirtualRewardOverflow() public {
// prepare arrays that are used multiple times in the test
AddedReward[] memory addedRewards = new AddedReward;
addedRewards[0] = AddedReward(poolIDs[0], 10 ether);
bytes32[] memory claimPools = new bytes32;
claimPools[0] = poolIDs[0];
// Alice stakes
vm.prank(DEPLOYER);
// approx. 7.5 * 1e18 (value was found using Foundry fuzzing)
stakingRewards.externalIncreaseUserShare(alice, poolIDs[0], 7488136320796573910, true);
vm.warp(block.timestamp + cooldown);
// Alice stakes, causing an overflow
vm.expectRevert(stdError.arithmeticError);
vm.prank(DEPLOYER);
// approx. 94.6 * 1e18 (value was found using Foundry fuzzing)
stakingRewards.externalIncreaseUserShare(alice, poolIDs[0], 94596573755484965130, true);
}
Judge has assessed an item in Issue #957 as 2 risk. The relevant finding follows:
function testVirtualRewardOverflow() public { // prepare arrays that are used multiple times in the test AddedReward[] memory addedRewards = new AddedReward; addedRewards[0] = AddedReward(poolIDs[0], 10 ether); bytes32[] memory claimPools = new bytes32; claimPools[0] = poolIDs[0];
uint256 cooldown = stakingConfig.modificationCooldown();
// Alice stakes vm.prank(DEPLOYER); stakingRewards.externalIncreaseUserShare(alice, poolIDs[0], 1, true);
// add rewards stakingRewards.addSALTRewards(addedRewards);
vm.warp(block.timestamp + cooldown);
// Alice stakes vm.prank(DEPLOYER); // approx. 7.5 * 1e18 (value was found using Foundry fuzzing) stakingRewards.externalIncreaseUserShare(alice, poolIDs[0], 7488136320796573910, true);
vm.warp(block.timestamp + cooldown);
// Alice stakes, causing an overflow vm.expectRevert(stdError.arithmeticError); vm.prank(DEPLOYER); // approx. 94.6 * 1e18 (value was found using Foundry fuzzing) stakingRewards.externalIncreaseUserShare(alice, poolIDs[0], 94596573755484965130, true); }