Omniscia Redacted Cartel Audit
RLBTRFLY Manual Review Findings
RLBTRFLY Manual Review Findings
RLB-01M: Unsafe Casting Operations
| Type | Severity | Location |
|---|---|---|
| Mathematical Operations |  | RLBTRFLY.sol:L236, L252, L281 |
Description:
The linked statements perform unsafe casting operations to the uint224 and uint32 data types.
Impact:
An unsafe casting operation can cause the value cast to underflow and lead to the overall system misbehaving.
Example:
contracts/core/RLBTRFLY.sol
236uint224 lockAmount = uint224(amount);Recommendation:
Contrary to what one may expect, the built-in safe arithmetics of Solidity (^0.8.X) do not account for casting operations and thus these cases need to be manually handled. We advise the operations to be performed safely via utility functions that check the casted variables against the maximum of each respective type (i.e. type(uint224).max).
Alleviation:
Proper safe casting operations are now utilized by the code ensuring that casting overflows can no longer occur in the referenced statements.