forge-stream compute_streamed() multiplies rate_per_second by effective_elapsed as i128 — silent truncation when effective_elapsed exceeds i128 max divided by rate

[Austinaminu2]

Summary

In compute_streamed():

let effective_elapsed = raw_elapsed.saturating_sub(paused_time);
stream.rate_per_second * effective_elapsed as i128

effective_elapsed is a u64 cast to i128. If rate_per_second is large and effective_elapsed is large, the multiplication can overflow i128::MAX. Unlike forge-vesting which uses division to bound the result, forge-stream does not cap the multiplication before it occurs. The test_high_rate_near_max test uses rate = i128::MAX / duration specifically to avoid overflow, but intermediate values between these bounds are not tested.

Tasks

• Add a checked_mul call in compute_streamed(): stream.rate_per_second.checked_mul(effective_elapsed as i128).unwrap_or(total)
• Cap the result at total (which is rate * duration) to prevent any overflow reaching callers
• Add a test with rate = i128::MAX / 2 and duration = 3 verifying no overflow occurs
• Add the same check to create_stream() where total = rate_per_second * duration_seconds as i128
• Document the overflow protection in the contract README

Labels: bug, forge-stream, security

[Just-Bamford]

@Just-Bamford has applied to work on this issue as part of the Stellar Wave Program's 4th wave.

Hi, I’d like to work on this issue.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Just-Bamford to this issue.

[drips-wave]

Congratulations, @Just-Bamford! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on April 29, 2026.

🧑‍💻 @Just-Bamford: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊

[drips-wave]

This issue has been marked as completed by a Drips Wave moderator for @Just-Bamford as part of the Stellar Wave Program's 4th Wave 🥳

Moderator's reason: [Auto-assessed] The PR #348 successfully addresses all tasks outlined in issue #303, including implementing overflow protection in both create_stream and compute_streamed, adding the requested test case, and updating the documentation. The PR has been merged by a maintainer, signifying acceptance of the work.

😎 @Just-Bamford: You earned 200 Points for completing this issue! After the current Wave ends, you'll be eligible for a percentage of the Wave's reward pool based on the percentage of total points you've earned. Learn more here.

🧑‍💻 Repo maintainers: How'd the contributor do? Leave a review to share your experience working with them.

ℹ️ Note: This issue was marked complete via moderation. Points were issued even though the GitHub issue remains open.