neutron-org / neutron

Smart Contract platform secured by Cosmos Hub
https://neutron.org
Apache License 2.0

Audit Fix: fee overflow #539

Closed jcompagni10 closed 2 months ago

jcompagni10 commented 2 months ago

From ottersec:

We noticed a potential overflow issue (overflow while casting uint64 to int64) that passed ValidateBasic and caused a protocol panic here when users withdraw with a fee greater than Max.int64.

Solution: In ValidateTickFee we ensure that fee < MaxTickExp. This makes it impossible to overflow or wrap the tick uint.
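The cast described above and the bound check that closes it, as an added example that is not code from this PR or from the Neutron repository. The function names, the tick arithmetic and the `maxTickExp` value are assumptions made for illustration; the project's real `MaxTickExp` value is not shown on this page.

```go
package main

import (
	"errors"
	"fmt"
	"math"
)

// maxTickExp is a placeholder bound for this example only (assumption);
// the project's actual MaxTickExp constant is not given on the page.
const maxTickExp uint64 = 1_000_000

var errInvalidFee = errors.New("fee must be strictly less than maxTickExp")

// validateTickFee is a hypothetical stand-in for the check the PR describes:
// any fee at or above the bound is rejected before it reaches tick arithmetic.
func validateTickFee(fee uint64) error {
	if fee >= maxTickExp {
		return errInvalidFee
	}
	return nil
}

// uncheckedUpperTick models the unvalidated path: a uint64 fee is converted
// to int64 directly. Go does not panic on this conversion; values above
// math.MaxInt64 silently wrap to negative numbers.
func uncheckedUpperTick(tickIndex int64, fee uint64) int64 {
	return tickIndex + int64(fee)
}

// checkedUpperTick validates first, so the conversion is always lossless.
func checkedUpperTick(tickIndex int64, fee uint64) (int64, error) {
	if err := validateTickFee(fee); err != nil {
		return 0, err
	}
	return tickIndex + int64(fee), nil
}

func main() {
	// Constructed sample fees: a normal fee, the bound itself, and two
	// values that do not fit in int64.
	fees := []uint64{30, maxTickExp, uint64(math.MaxInt64) + 1, math.MaxUint64}
	for _, fee := range fees {
		raw := uncheckedUpperTick(0, fee)
		tick, err := checkedUpperTick(0, fee)
		fmt.Printf("fee=%d unchecked=%d checked=%d err=%v\n", fee, raw, tick, err)
	}
}
```
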

jcompagni10 commented 2 months ago

https://github.com/neutron-org/neutron-tests/actions/runs/9258877729