# Attackathon \_ Fuel Network 33303 - \[Smart Contract - Medium] Incorrect sign change Submitted on Wed Jul 17 2024 10:37:38 GMT-0400 (Atlantic Standard Time) by @shadowHunter for [Attackathon | Fuel Network](https://immunefi.com/bounty/fuel-network-attackathon/) Report ID: #33303 Report type: Smart Contract Report severity: Medium Target: Impacts: * Compiler bug ## Description This is a compiler bug since resulting value 0 sign is changed to negative. This library are meant to be used by third party apps as mentioned by Fuel team in github page ## Brief/Intro It seems that if you are adding same number with different sign then resulting 0 sign is changed which is not correct ## Vulnerability Details 1. If `add` is called using number 3 and -3 then result should be 0 with positive sign 2. But since 3>3 is false so condition move to else condition which changes the sign even though it was not required ``` if self.underlying > other.underlying { underlying = self.underlying - other.underlying; } else { underlying = other.underlying - self.underlying; non_negative = false; } ``` 4. Ideally the condition should be `if self.underlying >= other.underlying` ## Impact Details Result will be with incorrect sign ## References ## Proof of concept ## Proof of Concept ``` script; use sway_libs::fixed_point::ifp64::IFP64; use std::assert::assert; fn main() -> bool { let num = IFP64::from_uint(42_u32); let num2 = IFP64::from_uint(42_u32); let mut res = num + num2.sign_reverse(); // fails since resulting 0 has -ve sign assert(res.non_negative()); true } ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://reports.immunefi.com/fuel-network-or-attackathon/attackathon-_-fuel-network-33303-smart-contract-medium-incorrect-sign-change.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.