It could cause an integer underflow when calculating the reward fraction, resulting in the attacker getting more rewards than intended. True or false, explain in details, show relevant code and explain proof of co
The RewardLib.fractionalReward() takes _elapsedSeconds as one of its parameters. If an attacker provides a very large _elapsedSeconds value near UINT64_MAX, when it is subtracted from _auctionDurationSeconds, it could underflow and become a very small number.
Manual
add a check to ensure _elapsedSeconds is less than _auctionDurationSeconds before calling RewardLib.fractionalReward():
Under/Overflow
The text was updated successfully, but these errors were encountered:
All reactions