# Boost \_ Folks Finance 34169 - \[Smart Contract - Low] Potential revert in PythNode library due to inc

Submitted on Tue Aug 06 2024 04:44:59 GMT-0400 (Atlantic Standard Time) by @nnez for [Boost | Folks Finance](https://immunefi.com/bounty/folksfinance-boost/)

Report ID: #34169

Report type: Smart Contract

Report severity: Low

Target: <https://testnet.snowtrace.io/address/0xA758c321DF6Cd949A8E074B22362a4366DB1b725>

Impacts:

* Contract fails to deliver promised returns, but doesn't lose value

## Description

## Description

In the `PythNode` library's `process` function, there's a potential issue with the price calculation logic when dealing with negative exponents from Pyth price feeds. The function attempts to convert a potentially negative `int256` value to `uint256` using the `SafeCast.toUint256()` method, which will always revert for negative inputs.

See: <https://github.com/Folks-Finance/folks-finance-xchain-contracts/blob/main/contracts/oracle/nodes/PythNode.sol>

```solidity
uint256 price = factor > 0
    ? pythData.price.toUint256() * (10 ** factor.toUint256())
    : pythData.price.toUint256() / (10 ** factor.toUint256());
```

When `factor` is negative, the second branch is executed, attempting to convert `factor` to `uint256`. This conversion will invariably fail for negative values, causing the transaction to revert.

See: <https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/math/SafeCast.sol#L567-L579>

**Note**: `PythNode` library is a part of `NodeManager.sol` (in-scope asset).

## Impact

The impact of this issue is that it will cause a revert in the `process` function when dealing with price feeds that result in a negative `factor`.

## Rationale for Severity

The severity of this issue is considered **Low** for the following reasons:

1. This branch might be unreachable in the first place as it requires < -18 exponent return from a Pyth node, which is currently non-existent.
2. The affected price feeds might not be integrated with the protocol.

Despite the two reasons mentioned, it's still a techically valid bug and should be fixed.

## Proof of concept

## Proof-of-Concept

### Requirement

* chisel 0.2.0 (3ae4f50 2024-07-07T00:21:48.451168337Z)

### Steps

1. Run `git clone https://github.com/Folks-Finance/folks-finance-xchain-contracts.git`
2. Run `cd folks-finance-xchain-contracts`
3. Run `chisel` inside the directory
4. Run below code, **line by line** in the REPL

```
import "@openzeppelin/contracts/utils/math/SafeCast.sol";
using SafeCast for int256;
int256 factor = -1;
factor.toUint256();
```

5. Observe that it reverts when trying to convert `factor` to `uint256`


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://reports.immunefi.com/folks-finance/boost-_-folks-finance-34169-smart-contract-low-potential-revert-in-pythnode-library-due-to-incorrect.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.