Closed sherlock-admin2 closed 7 months ago
krkba
medium
_secondsPerBlock
There is possibility to Integer over flow attack, as example in _secondsPerBlock if it set more than maximum value of uint256 or less than minimum value of uint256.
uint256
It may produce unexpected results, leading to incorrect calculations.
https://github.com/sherlock-audit/2023-11-covalent/blob/main/cqt-staking/contracts/BlockSpecimenProofChain.sol#L20
Manual Review
Use safe math to prevent such things.
1 comment(s) were left on this issue during the judging contest.
takarez commented:
invalid
Invalid, not reasonable to set such a high secondsperBlock.
krkba
medium
Possible Integer Over Flow in
_secondsPerBlock
krkba
Summary
Vulnerability Detail
There is possibility to Integer over flow attack, as example in
_secondsPerBlock
if it set more than maximum value ofuint256
or less than minimum value ofuint256
.Impact
It may produce unexpected results, leading to incorrect calculations.
Code Snippet
https://github.com/sherlock-audit/2023-11-covalent/blob/main/cqt-staking/contracts/BlockSpecimenProofChain.sol#L20
Tool used
Manual Review
Recommendation
Use safe math to prevent such things.