c4-judge
commented
4 months ago Picodes marked the issue as satisfactory
Closed c4-judge closed 4 months ago
c4-judge
commented
4 months ago Picodes marked the issue as satisfactory
c4-judge
commented
4 months ago Picodes marked the issue as duplicate of #341
c4-judge
commented
4 months ago Picodes changed the severity to 3 (High Risk)
Judge has assessed an item in Issue #957 as 2 risk. The relevant finding follows:
function testVirtualRewardOverflow() public { // prepare arrays that are used multiple times in the test AddedReward[] memory addedRewards = new AddedReward; addedRewards[0] = AddedReward(poolIDs[0], 10 ether); bytes32[] memory claimPools = new bytes32; claimPools[0] = poolIDs[0];
uint256 cooldown = stakingConfig.modificationCooldown();
// Alice stakes vm.prank(DEPLOYER); stakingRewards.externalIncreaseUserShare(alice, poolIDs[0], 1, true);
// add rewards stakingRewards.addSALTRewards(addedRewards);
vm.warp(block.timestamp + cooldown);
// Alice stakes vm.prank(DEPLOYER); // approx. 7.5 * 1e18 (value was found using Foundry fuzzing) stakingRewards.externalIncreaseUserShare(alice, poolIDs[0], 7488136320796573910, true);
vm.warp(block.timestamp + cooldown);
// Alice stakes, causing an overflow vm.expectRevert(stdError.arithmeticError); vm.prank(DEPLOYER); // approx. 94.6 * 1e18 (value was found using Foundry fuzzing) stakingRewards.externalIncreaseUserShare(alice, poolIDs[0], 94596573755484965130, true); }