_Follow along with this video:_

---

### Unsafe Casting Breakdown

There's another issue with the line `totalFees = totalFees + uint64(fee)` that's similar to integer overflow, but a little different.

Using `chisel` again, we can see that the max `uint64` is 18446744073709551615.

```bash
Welcome to Chisel! Type `!help` to show available commands.
➜ type(uint64).max
Type: uint
├ Hex: 0x000000000000000000000000000000000000000000000000ffffffffffffffff
└ Decimal: 18446744073709551615
➜
```

We've also learnt that adding anything to this number is going to wrap around to 0 again, but what happens if we try to cast a larger number into this smaller container?

::image{src='/security-section-4/31-unsafe-casting/unsafe-casting1.png' style='width: 75%; height: auto;'}

We can see above that when `20e18` is cast as a `uint64`, the returned value is only what is left of `20e18` after it wraps past `type(uint64).max`. Our value has wrapped on us again!

```js
// twentyEth = 20000000000000000000
// type(uint64).max = 18446744073709551615
// uint64(twentyEth) = 1553255926290448384
```

This is absolutely something we're calling out in our audit report. Puppy Raffle is at risk of losing so many fees!
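The truncating cast described above, next to two ways of closing it off. This is an added example, not code from Puppy Raffle or the course; the contract name `FeeCastExample`, its state variables and its function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Added illustration; the contract and function names are hypothetical.
contract FeeCastExample {
    uint64 public narrowFees; // 64-bit accumulator, like the line under audit
    uint256 public wideFees;  // same width as the fee, so no cast is needed

    /// Pattern from the lesson. An explicit cast never reverts, even with
    /// 0.8 checked arithmetic: it keeps only the low 64 bits of `fee`.
    /// With fee = 20e18, the amount added is 1553255926290448384.
    function addFeeTruncating(uint256 fee) external {
        narrowFees = narrowFees + uint64(fee);
    }

    /// Checked narrowing: revert rather than record a smaller fee.
    function toUint64(uint256 value) public pure returns (uint64) {
        require(value <= type(uint64).max, "fee does not fit in uint64");
        return uint64(value);
    }

    /// Mitigation 1: keep the narrow type but refuse values that would wrap.
    function addFeeChecked(uint256 fee) external {
        narrowFees = narrowFees + toUint64(fee);
    }

    /// Mitigation 2: widen the accumulator and drop the cast entirely.
    function addFeeWide(uint256 fee) external {
        wideFees = wideFees + fee;
    }
}
```

OpenZeppelin's `SafeCast.toUint64` performs the same bounds check as the `toUint64` helper here.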
Overflow issue: Loss of significant digits due to uint64 casting from uint256, leading to lost fees. Importance of identifying & fixing in audit reports.