What happened?
There is a logic flaw in the reward calculation within the Wallet RPC API. The code performs subtraction on unsigned integers without prior validation, which can result in an integer underflow. This causes the RPC to report an astronomical farmed amount (~18.4 Quintillion mojos) if the record amount is less than the base farmer reward.
What happened?
Steps to reproduce:
Locate chia/wallet/wallet_rpc_api.py around line 2979.
The code calculates fees using: fee_amount += record.amount - base_farmer_reward.
In scenarios where a FEE_REWARD record exists with an amount < base_farmer_reward (e.g., local DB corruption, legacy sync data, or chain reorg artifacts), the subtraction results in a negative value.
Since the result is later cast to uint64, it triggers an underflow.
Expected Result:
The calculation should include a safety check or be clamped to zero to prevent underflow and ensure data integrity.
Actual Result:
The RPC returns 18,446,744,073,709,551,615 mojos, leading to critical misreporting in the UI and 3rd-party accounting tools.
Version
Latest Stable (Confirmed by source code audit of current main branch)
What platform are you using?
Windows
What ui mode are you using?
CLI
Relevant log output
# Location: chia/wallet/wallet_rpc_api.py
# Current vulnerable code:
fee_amount += record.amount - base_farmer_reward
# Proposed fix:
fee_amount += max(0, record.amount - base_farmer_reward)
What happened?
There is a logic flaw in the reward calculation within the Wallet RPC API. The code performs subtraction on unsigned integers without prior validation, which can result in an integer underflow. This causes the RPC to report an astronomical farmed amount (~18.4 Quintillion mojos) if the record amount is less than the base farmer reward.
What happened?
Steps to reproduce:
Locate chia/wallet/wallet_rpc_api.py around line 2979.
The code calculates fees using: fee_amount += record.amount - base_farmer_reward.
In scenarios where a FEE_REWARD record exists with an amount < base_farmer_reward (e.g., local DB corruption, legacy sync data, or chain reorg artifacts), the subtraction results in a negative value.
Since the result is later cast to uint64, it triggers an underflow.
Expected Result:
The calculation should include a safety check or be clamped to zero to prevent underflow and ensure data integrity.
Actual Result:
The RPC returns 18,446,744,073,709,551,615 mojos, leading to critical misreporting in the UI and 3rd-party accounting tools.
Version
Latest Stable (Confirmed by source code audit of current main branch)
What platform are you using?
Windows
What ui mode are you using?
CLI
Relevant log output