Implementing The Exponential Backoff Algorithm To Thwart Dictionary Attacks
Introduction
Recently there was a forum post regarding using the exponential backoff algorithm to prevent or at the very least slow down dictionary attacks. A dictionary attack is when a perpetrato...
Published Nov 17, 2011
Version 1.0
George_Watkins_
Historic F5 Account
Joined September 17, 2008
devnullNZ
Jun 27, 2014
Nimbostratus
In the first iteration of the bit shift, it appears that Tcl ends up trying to do a negative shift,
i.e.
prev_attempts = 0
so
set new_lockout [expr (1 << ($prev_attempts -1))]
evaluates to:
expr (1 << (0-1))
which is classed as undefined, being a negative number.
Should we be adding a rule to catch that prior to evaluating the expression?
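
One way to catch the negative-shift case raised in the comment above, as an added example that is not code from the original article or from the commenter. The proc name `lockout_seconds`, the `max_seconds` cap, and the choices to return 0 when there are no previous attempts and to fail closed on a non-integer counter are all assumptions made for illustration.

```tcl
# Added example: guarded lockout calculation for exponential backoff.
# lockout_seconds and max_seconds are hypothetical names, not from the article.
proc lockout_seconds {prev_attempts {max_seconds 3600}} {
    # A counter that is not a plain integer (for example a corrupted
    # session-table entry) is treated as hostile: fail closed with the cap.
    if {![string is integer -strict $prev_attempts]} {
        return $max_seconds
    }

    # No previous failures (or a negative counter): there is nothing to
    # back off from, and evaluating 1 << ($prev_attempts - 1) here would
    # be the negative shift described in the comment. Return before shifting.
    if {$prev_attempts <= 0} {
        return 0
    }

    # Bound the shift count before shifting so a very large counter
    # cannot push the result past the integer width.
    set shift [expr {$prev_attempts - 1}]
    if {$shift >= 31} {
        return $max_seconds
    }

    # Same doubling as the line quoted in the comment, now with a
    # shift count known to be in the range 0..30.
    set lockout [expr {1 << $shift}]

    # Cap the lockout so a long run of failures cannot lock the
    # account out for an unbounded period.
    if {$lockout > $max_seconds} {
        return $max_seconds
    }
    return $lockout
}

# Constructed sample inputs covering the edge cases: zero, the first
# failures, values around the cap, an oversized counter, a negative
# counter and a non-integer value.
foreach n {0 1 2 5 12 13 40 -3 abc} {
    puts "prev_attempts=$n -> lockout=[lockout_seconds $n]s"
}
```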