Type cast with underflow doesn't throw an error / revert
Vulnerability Detail
Even though Solidity 0.8.x is used, type casts do not throw an error. A SafeCast library must be used everywhere a typecast is done. SafeCast Reference.
Impact
Wrong values used for index as underflow doesn't revert on cast affecting correct votation
Deivitto
medium
Wrong index on
_fundingVoteWrong index on
_fundingVoteSummary
Type cast with underflow doesn't throw an error / revert
Vulnerability Detail
Even though Solidity 0.8.x is used, type casts do not throw an error. A SafeCast library must be used everywhere a typecast is done. SafeCast Reference.
Impact
Wrong values used for index as underflow doesn't revert on cast affecting correct votation
Proof of Concept
_fundingVoteis a internal function used at GrantFund.sol#L141. Inside of it, we find:_findProposalIndexcan return -1 if not index found, leading to an underflow of a uint256 value, what will be a wrong value for the index.Code Snippet
https://github.com/sherlock-audit/2023-01-ajna/blob/main/ecosystem-coordination/src/grants/base/StandardFunding.sol#L377
https://github.com/sherlock-audit/2023-01-ajna/blob/main/ecosystem-coordination/src/grants/base/StandardFunding.sol#L520-L534
https://github.com/sherlock-audit/2023-01-ajna/blob/main/ecosystem-coordination/src/grants/GrantFund.sol#L141
Tool used
Manual Review
Recommendation
Use safeCast library for conversions that can overflow / underflow