cmichel
The IndexPool.burn/burnSingle/swap/flashSwap functions all perform unsafe type casts to uint120 without checking if the values actually fit into 120 bits.
Unlike mint, these functions have other require statements and checks that don’t seem to directly lead to exploits.
The safe type casts should still be implemented for additional security.
A SafeCast library must be used everywhere a typecast is done.
The text was updated successfully, but these errors were encountered:
All reactions