Closed sherlock-admin closed 11 months ago
albert
medium
There is no overflow check at QVBaseStrategy._qv_allocate
QVBaseStrategy._qv_allocate
Following lines can easily lead to an overflow if totalCredits is large enough.
totalCredits
uint256 voteResult = _sqrt(totalCredits * 1e18);
voteResult will revert protocol can't be used.
voteResult
Manual Review
set max value for voteResult
1 comment(s) were left on this issue during the judging contest.
n33k commented:
invalid, no valid impact was shown
albert
medium
need overflow check
There is no overflow check at
QVBaseStrategy._qv_allocate
Vulnerability Detail
Following lines can easily lead to an overflow if
totalCredits
is large enough.Impact
voteResult
will revert protocol can't be used.Code Snippet
Tool used
Manual Review
Recommendation
set max value for voteResult