sherlock-audit / 2023-09-Gitcoin-judging


albert - need overflow check #976

Closed sherlock-admin closed 11 months ago

sherlock-admin commented 11 months ago

albert

medium

need overflow check

There is no overflow check at QVBaseStrategy._qv_allocate

Vulnerability Detail

Following lines can easily lead to an overflow if totalCredits is large enough.

        uint256 voteResult = _sqrt(totalCredits * 1e18);

Impact

voteResult will revert; protocol can't be used.

Code Snippet

Tool used

Manual Review

Recommendation

set max value for voteResult
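To put a number on "large enough", the following added example (not part of the submission or of the project's code) models the quoted line in Python and finds the largest `totalCredits` that does not overflow. It assumes checked `uint256` arithmetic as in Solidity 0.8 and later, and a floor integer square root for `_sqrt`, whose body is not shown on the page; all function names are hypothetical.

```python
import math

UINT256_MAX = 2**256 - 1
SCALE = 10**18  # the 1e18 factor from the quoted line


class ArithmeticOverflow(Exception):
    """Stands in for the revert raised by checked uint256 arithmetic."""


def checked_mul(a: int, b: int) -> int:
    # Assumption: Solidity >= 0.8 semantics, where uint256 multiplication
    # reverts on overflow instead of wrapping modulo 2**256.
    product = a * b
    if product > UINT256_MAX:
        raise ArithmeticOverflow(f"{a} * {b} does not fit in uint256")
    return product


def vote_result(total_credits: int) -> int:
    # Model of: uint256 voteResult = _sqrt(totalCredits * 1e18);
    # Assumption: _sqrt returns the floor of the square root.
    return math.isqrt(checked_mul(total_credits, SCALE))


def max_safe_total_credits() -> int:
    # Largest totalCredits for which totalCredits * 1e18 still fits in uint256.
    return UINT256_MAX // SCALE


def reverts(total_credits: int) -> bool:
    # True when the modelled line would revert for this input.
    try:
        vote_result(total_credits)
    except ArithmeticOverflow:
        return True
    return False


if __name__ == "__main__":
    limit = max_safe_total_credits()
    print(f"largest non-reverting totalCredits: {limit} (~{limit:.3e})")
    print(f"voteResult at that limit: {vote_result(limit)}")
    print(f"limit + 1 reverts: {reverts(limit + 1)}")
```

The boundary is roughly 1.16e59 credits; whether an allocator can ever accumulate that much depends on how credits are bounded elsewhere in the strategy, which the page does not show.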

sherlock-admin commented 11 months ago

1 comment(s) were left on this issue during the judging contest.

n33k commented:

invalid, no valid impact was shown