Skip to content
This repository was archived by the owner on Dec 31, 2023. It is now read-only.

n1punp - FeeGrowthInside calculation doesn't allow overflowing/underflowing #1

Closed
sherlock-admin opened this issue Jun 25, 2023 · 9 comments
Closed

n1punp - FeeGrowthInside calculation doesn't allow overflowing/underflowing #1

sherlock-admin opened this issue Jun 25, 2023 · 9 comments
Labels
Disagree With (non-)Duplication The sponsor disputed the duplication state of this issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed

Comments

@sherlock-admin
Copy link
Contributor

sherlock-admin commented Jun 25, 2023
edited by hrishibhat
Loading

n1punp

high

FeeGrowthInside calculation doesn't allow overflowing/underflowing

Summary

When calculating feeGrowthInside , the calculation doesn't allow overflowing/underflowing.

Vulnerability Detail

When calculating feeGrowthInside , the calculation doesn't allow overflowing/underflowing. See more details in Uniswap/v3-core#573

Impact

Calculation can revert in some situations, causing the transactions to revert, including deposit function.

Code Snippet

https://github.com/sherlock-audit/2023-06-real-wagmi/blob/main/concentrator/contracts/Multipool.sol#L668-L690

Tool used

Manual Review

Recommendation

  • Use unchecked in the calculation to allow under/overflow.

Duplicate of #46
@github-actions github-actions bot added the Excluded Excluded by the judge without consulting the protocol or the senior label Jun 28, 2023
@fann95 fann95 added Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed Disagree With (non-)Duplication The sponsor disputed the duplication state of this issue Medium A valid Medium severity issue labels Jul 3, 2023
@ctf-sec
Copy link
Collaborator

ctf-sec commented Jul 4, 2023

Valid medium based on Uniswap/v3-core#573

@sherlock-admin sherlock-admin added Low/Info A valid Low/Informational severity issue Non-Reward This issue will not receive a payout and removed Medium A valid Medium severity issue Excluded Excluded by the judge without consulting the protocol or the senior labels Jul 12, 2023
@sherlock-admin
Copy link
Contributor Author

sherlock-admin commented Jul 12, 2023
edited
Loading

Escalate

Medium severity is okay, per @ctf-sec . But this should be a valid issue.

You've deleted an escalation for this issue.

@sherlock-admin sherlock-admin added Escalated This issue contains a pending escalation and removed Escalated This issue contains a pending escalation labels Jul 12, 2023
@n1punp
Copy link

n1punp commented Jul 12, 2023
edited
Loading

Escalate

Same as #46

@sherlock-admin
Copy link
Contributor Author

sherlock-admin commented Jul 12, 2023
edited
Loading

Escalate

Same as #46

You've created a valid escalation!

To remove the escalation from consideration: Delete your comment.

You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.

@sherlock-admin sherlock-admin added the Escalated This issue contains a pending escalation label Jul 12, 2023
@n1punp n1punp mentioned this issue Jul 14, 2023
Open
@ctf-sec
Copy link
Collaborator

ctf-sec commented Jul 24, 2023

Agree with escalation, this is a duplicate of #46

@hrishibhat hrishibhat added Medium A valid Medium severity issue and removed Low/Info A valid Low/Informational severity issue labels Aug 5, 2023
@hrishibhat
Copy link

Result:
Medium
Duplicate of #46

@sherlock-admin2 sherlock-admin2 removed the Escalated This issue contains a pending escalation label Aug 5, 2023
@sherlock-admin sherlock-admin added the Escalation Resolved This issue's escalations have been approved/rejected label Aug 5, 2023
@sherlock-admin2
Copy link

Escalations have been resolved successfully!

Escalation status:

@fann95
Copy link

fann95 commented Aug 14, 2023

fixed: https://github.com/RealWagmi/concentrator/blob/9036fe43b0de2694a0c5e18cfe821d40ce17a9b8/contracts/Multipool.sol#L675

@sherlock-admin2 sherlock-admin2 added Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Reward A payout will be made for this issue and removed Non-Reward This issue will not receive a payout labels Aug 17, 2023
@0xffff11
Copy link
Collaborator

Fixed by adding unchecked several times to all the calculations to allow under/overflowing as it is intended for uniswap libs. Also, instead of using that many unchecked, sponsor could use one, but scope all the code. Regardless, it is also fixed this way.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Disagree With (non-)Duplication The sponsor disputed the duplication state of this issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@fann95 @n1punp @hrishibhat @sherlock-admin @ctf-sec @0xffff11 @sherlock-admin2