HOTP rolls over after 32bits
While developing my own TOTP implementation I wanted to generate some codes for extreme values and used Authenticator as a "reference" implementation. I noticed that the counter used by Authenticator rolls over when it hits 2^32 (so its probably stored as a uint32_t). While this is a value no normal user is likely to hit ever, its technically wrong because RFC4226 Section 5.1 defines the counter variable as a 8 byte variable.