raymondfam
commented
8 months ago solidity ^0.8.0 already has safemath included.
Closed c4-bot-7 closed 8 months ago
raymondfam
commented
8 months ago solidity ^0.8.0 already has safemath included.
c4-pre-sort
commented
8 months ago raymondfam marked the issue as insufficient quality report
c4-pre-sort
commented
8 months ago raymondfam marked the issue as primary issue
c4-judge
commented
8 months ago HickupHH3 marked the issue as unsatisfactory: Insufficient proof
Lines of code
https://github.com/code-423n4/2024-02-ai-arena/blob/main/src/RankedBattle.sol#L218
Vulnerability details
Impact
The value of newDistribution * 10**18 exceeding uint 256 can result in overflow
Proof of Concept
Consider a sample code below: // SPDX-License-Identifier: MIT pragma solidity ^0.8.0;
contract OverflowExample { uint256 public result;
}
Using Hardhat to interact with this contract, a script is written and named oflow-script.js : // scripts/o oflow-script.js async function main() { const OverflowExample = await ethers.getContractFactory("OverflowExample"); const contract = await OverflowExample.deploy(); await contract.deployed();
const largeValue = ethers.constants.MaxUint256; // A large value that would cause overflow
console.log("Calling multiplyBy10Pow18 with a large value..."); await contract.multiplyBy10Pow18(largeValue); console.log("Result:", (await contract.result()).toString()); }
main(); A new hardhat project is created and filled with the solidity code example above(same goes for oflow-script.js). And then npx hardhat run scripts/ovflow-script.js is run
Tools Used
VS Code
Recommended Mitigation Steps
The importation of SafeMath from openzeppelin libaries can remediate issue. It should be noted that the FixedPointMathLib doesn't solve this issue explicitly as there's no fixed multiplication function in the library contract(or else line 220 would have be written as "rankedNrnDistribution[roundId] = newDistribution.fixedMul(10**18)" where fixedMul represented the fixed multiplication function )
Assessed type
Under/Overflow