overflow caused by uint32(block.timestamp) breaks roll()

Summary

An explicit conversion of block.timestamp to uint32 can cause overflow in the year of 2106.

Vulnerability Detail

block.timestamp returns a uint256 which has the value of the seconds that has elapsed since unix epoch. By casting the return to uint32, the maximum that will be allowed is 4294967295 which is February 7, 2106 6:28:16 AM. Once it goes after this date, uint32(block.timestamp) will overflow which will cause lastSettle to be reseted to 0. This breaks the roll() functionality as else if (lastSettle + cooldown > block.timestamp) will always return True and thus causing a revert.

Impact

User will be unable to roll the AutoRoller to the next series.

Code Snippet

AutoRoller.sol#L154-L167


    function roll() external {
        if (maturity != MATURITY_NOT_SET) revert RollWindowNotOpen();

        if (lastSettle == 0) {
            // If this is the first roll, lock some shares in by minting them for the zero address.
            // This prevents the contract from reaching an empty state during future active periods.
            deposit(firstDeposit, address(0));
        } else if (lastSettle + cooldown > block.timestamp) {
            revert RollWindowNotOpen();
        }

        lastRoller = msg.sender;
        adapter.openSponsorWindow();
    }

AutoRoller.sol#L320

        lastSettle = uint32(block.timestamp);

Tool used

Manual Review

Recommendation

remove uint32 explicit casting as lastSettle is in uint256 and therefore it is not necessary to cast it explicitly

        //lastSettle = uint32(block.timestamp);
          lastSettle = block.timestamp;

sherlock-audit / 2022-11-sense-judging

koxuan - overflow caused by uint32(block.timestamp) breaks roll() #23