Arithmetic Error risk in VotingEscrow::_find_block_epoch() function
Vulnerability Detail
The problem here is that integer division truncates the result towards zero. In the binary search algorithm,
it's essential to calculate the midpoint (_mid) by rounding up, not down, to ensure that the algorithm converges correctly. This error can lead to inaccurate estimates of the timestamp for a given block number. Specifically, the binary search algorithm used in this function is designed to find the closest epoch in the point_history array based on the provided block number. If there are arithmetic errors in the calculations, it can result in the function returning an incorrect epoch value.
This modification ensures that the midpoint _mid is calculated correctly by rounding up, which is crucial for the binary search algorithm to work accurately. modify it like this :
sonny2k
Medium
Arithmetic Error risk in VotingEscrow::_find_block_epoch() function
Vulnerability Detail
The problem here is that integer division truncates the result towards zero. In the binary search algorithm, it's essential to calculate the midpoint (_mid) by rounding up, not down, to ensure that the algorithm converges correctly. This error can lead to inaccurate estimates of the timestamp for a given block number. Specifically, the binary search algorithm used in this function is designed to find the closest epoch in the point_history array based on the provided block number. If there are arithmetic errors in the calculations, it can result in the function returning an incorrect epoch value.
Impact
Incorrect epoch value is returned.
Code Snippet
https://github.com/sherlock-audit/2024-06-velocimeter/blob/main/v4-contracts/contracts/VotingEscrow.sol#L1002
POC : Ref : https://ethereum.stackexchange.com/questions/7169/binary-search-in-solidity-arrays
Tool used
Manual Review
Recommendation
Duplicate of #339