You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
All balances in MiniMeToken are saved as uint128 in the checkpoints (as
well as total supplies). Since all inputs and calculations are done with uint256, there were no
checks for the uin128 size thus allowing overflows.
While on most tokens such amounts are unrealistic (config dependant on the decimals), this
might also open up an unintended centralization risk that could’ve been avoided (minter can
deliberately zero out someone’s balance - or even the total supply - just by minting, which
shouldn’t be expected).
Current overflow checks are all on uint256 size, so they don’t circumvent this potential issue.
The text was updated successfully, but these errors were encountered:
All balances in MiniMeToken are saved as uint128 in the checkpoints (as
well as total supplies). Since all inputs and calculations are done with uint256, there were no
checks for the uin128 size thus allowing overflows.
While on most tokens such amounts are unrealistic (config dependant on the decimals), this
might also open up an unintended centralization risk that could’ve been avoided (minter can
deliberately zero out someone’s balance - or even the total supply - just by minting, which
shouldn’t be expected).
Current overflow checks are all on uint256 size, so they don’t circumvent this potential issue.
The text was updated successfully, but these errors were encountered: