# #48885 \[SC-Low] No items length check in remove\_item leads to a revert with an underflow

**Submitted on Jul 8th 2025 at 18:32:15 UTC by @j3x for** [**Audit Comp | Folks Smart Contract Library**](https://immunefi.com/audit-competition/folks-sc-library)

* **Report ID:** #48885
* **Report Type:** Smart Contract
* **Report severity:** Low
* **Target:** <https://github.com/Folks-Finance/algorand-smart-contract-library/blob/main/contracts/library/UInt64SetLib.py>
* **Impacts:**

## Description

## Brief/Intro

No items length check in remove\_item leads to a revert with an underflow.

## Vulnerability Details

In `UInt64SetLib::remove_item()`, the items array length is not verified to be a non-zero value, and the function will directly proceed to subtract from it:

```python
def remove_item(to_remove: UInt64, items: DynamicArray[ARC4UInt64]) -> Tuple[Bool, DynamicArray[ARC4UInt64]]:
    last_idx = items.length - 1
...
```

If the items array is empty, this will lead to a subtration from a 0 uint64, which causes a panic.

## Impact Details

Contradicts with the system's best design, as it proceeds to directly subtracts from a length of 0, causing a revert with an underflow.

## References

<https://github.com/Folks-Finance/algorand-smart-contract-library/blob/main/contracts/library/UInt64SetLib.py#L32C1-L33C32>

## Proof of Concept

## Proof of Concept

* The function `remove_item()` is called with an empty `items` array.
* This will lead to an underflow, causing a panic, which reverts the transaction

## Mitigation

add the following lines before subtracting:

```python
    if items.length == 0:
        return Bool(False), items.copy()
```

This will return peacefully in case on an empty set.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://reports.immunefi.com/folks-smart-contract-library/48885-sc-low-no-items-length-check-in-remove_item-leads-to-a-revert-with-an-underflow.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.