Skip to content

improve: [L08] Add comment about shutting down contract before uint32 timestamps roll over in year 2106 #95

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Mar 15, 2022
Merged

improve: [L08] Add comment about shutting down contract before uint32 timestamps roll over in year 2106 #95

merged 4 commits into from
Mar 15, 2022

Conversation

@nicholaspai
Copy link
Member

@nicholaspai nicholaspai commented Mar 15, 2022
edited
Loading

Issue:

  • [L08] Time is cast unsafely
    • In the HubPool function _updateAccumulatedLpFees, the return value of getCurrentTime() is cast to
      a uint32 value. This means that the value will be truncated to fit within 32 bits, and at some point
      around Feb 6, 2106, it will "roll over" and the value returned by casting to uint32 will drop down to 0.
      This will set pooledToken.lastLpFeeUpdate to a much lower number than the previous
      lastLpFeeUpdate. Any subsequent time _getAccumulatedFees is called, the
      timeFromLastInteraction calculation will be exceedingly high, and all "undistributed" fees will be
      accounted for as accumulated.
    • Again, note that this issue will only occur starting in the year 2106. Consider changing the size of the
      cast from uint32 to a larger number, like uint64. This should be more than enough to not encounter
      limits within a reasonably distant future. Alternatively, consider documenting the behavior and defining
      a procedure for what to do if the system is still in operation when the uint32 limit is hit, or for shutting
      down the system before the year 2106.

Solution:

  • We use uint32 time-related variables to save gas costs by packing variables smartly, and we do intend to deprecate this contract by 2106. So we add a disclaimer at the top of the contract that it should be deprecated by 2106 and steps for doing so.

@nicholaspai nicholaspai added the OZ Audit - March Resolves issue discovered in March 2022 OZ Audit label Mar 15, 2022
@nicholaspai nicholaspai changed the title improve: Change time-related variables to type uint64 improve: [L08] Change time-related variables to type uint64 Mar 15, 2022
@nicholaspai nicholaspai changed the title improve: [L08] Change time-related variables to type uint64 improve: [L08] Add comment about shutting down contract before uint32 timestamps roll over in year 2106 Mar 15, 2022
mrice32
mrice32 approved these changes Mar 15, 2022
View reviewed changes
Copy link
Contributor

@mrice32 mrice32 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@nicholaspai nicholaspai merged commit bffa1e1 into master Mar 15, 2022
@nicholaspai nicholaspai deleted the npai/uint64-time branch March 15, 2022 17:17
This was referenced Apr 6, 2022
Merged
Merged
@chrismaree chrismaree mentioned this pull request Apr 20, 2022
Merged
This was referenced May 3, 2022
Merged
Merged
Merged
@chrismaree chrismaree mentioned this pull request May 10, 2022
Merged
This was referenced May 17, 2022
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mrice32 mrice32 mrice32 approved these changes

@chrismaree chrismaree Awaiting requested review from chrismaree

Assignees

No one assigned

Labels

OZ Audit - March Resolves issue discovered in March 2022 OZ Audit

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@nicholaspai @mrice32