shealtielanz - Unsafe casting of int256 to uint256 could lead to overflow and Incorrect calculation.

[sherlock-admin]

shealtielanz

medium

Unsafe casting of int256 to uint256 could lead to overflow and Incorrect calculation.

Summary

In the LiquidatePartyB function, its logic tree does a check that involves an unsafe casting an init to a uint256 which can lead to and overflow and a wrong values checked.

Vulnerability Detail

In the LiquidatePartyB function

    int256 availableBalance = LibAccount.partyBAvailableBalanceForLiquidation(
        upnlSig.upnl,
        partyB,
        partyA
    );

    require(availableBalance < 0, "LiquidationFacet: partyB is solvent");
    uint256 liquidatorShare;
    uint256 remainingLf;
    if (uint256(-availableBalance) < accountLayout.partyBLockedBalances[partyB][partyA].lf) {
        remainingLf =

Casting an Init to uint this way will cause a silent flow where the value is change.

Impact

This could lead to incorrect value checks and could be exploited to manipulate the liquation of Party B.

Code Snippet

• https://github.com/sherlock-audit/2023-06-symmetrical/blob/main/symmio-core/contracts/facets/liquidation/LiquidationFacetImpl.sol#L259C1-L260C26

  Tool used

Manual Review

Recommendation

Make use of a sol's safeCast Library when casting.