Latest commit

493f04f · Jan 3, 2018

This branch is up to date with pertsev/solidity_tricks:master.

Implicit Math.

Description:

Is SafeMath really safe? Yes, more or less. There is one thing a developer should remember: SafeMath cares about overflows only. Integer division can also introduce a round-off error, because the usual behavior of the EVM is to simply discard the fractional part of the quotient. If the developer doesn't account for this, they may (and will) make a mistake like the one in this example.

To reproduce:

  1. Copy-paste the contracts into Remix (or use the Connect to localhost feature) and deploy the Crowdsale contract.
  2. Call purchase with 0.444444444444444444 ether as value.
  3. Check your balance. It is 88 instead of 88.8888888888888888.

Note that this bug is not easy to detect, even by testing. People tend to choose numbers for division that avoid a fractional part altogether (especially before a deadline).

Fix: swap div and mul at line 44.
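
The following sketch is an added example, not code from this repository. It models SafeMath-style uint256 arithmetic in Python and compares the two operation orders, showing why "round" test payments never expose the loss. The price of 0.005 ether per token, the 18 token decimals and all function names are assumptions, chosen so the result matches the 88 vs 88.8888888888888888 balance from the reproduction steps.

```python
# Models EVM uint256 arithmetic with Python integers. PRICE_WEI, TOKEN_UNIT and
# all function names are assumptions for illustration, not the repository's code.
UINT256_MAX = 2**256 - 1
ETHER = 10**18
PRICE_WEI = 5 * 10**15      # assumed price: 0.005 ether per whole token
TOKEN_UNIT = 10**18         # assumed 18 token decimals

def safe_mul(a: int, b: int) -> int:
    """SafeMath-style mul: reverts (raises) on overflow, nothing else."""
    c = a * b
    if c > UINT256_MAX:
        raise OverflowError("uint256 overflow")
    return c

def safe_div(a: int, b: int) -> int:
    """SafeMath-style div: truncates the quotient, like the EVM DIV opcode."""
    if b == 0:
        raise ZeroDivisionError("division by zero")
    return a // b

def tokens_div_first(wei: int) -> int:
    """Buggy order: the fraction is discarded before scaling up."""
    return safe_mul(safe_div(wei, PRICE_WEI), TOKEN_UNIT)

def tokens_mul_first(wei: int) -> int:
    """Fixed order: scale up first, truncate once at the end."""
    return safe_div(safe_mul(wei, TOKEN_UNIT), PRICE_WEI)

def lost_units(wei: int) -> int:
    """Token base units the buyer loses to the early truncation."""
    return tokens_mul_first(wei) - tokens_div_first(wei)

def find_rounding_loss(samples):
    """Return the payments for which the two orderings disagree."""
    return [w for w in samples if lost_units(w) != 0]

if __name__ == "__main__":
    # Constructed sample payments: "round" values a test suite tends to use,
    # and values that are not a multiple of the price.
    round_inputs = [ETHER // 100, ETHER // 2, ETHER, 3 * ETHER]
    awkward_inputs = [444444444444444444, ETHER // 3, PRICE_WEI - 1]
    print("round inputs flagged:  ", find_rounding_loss(round_inputs))
    print("awkward inputs flagged:", find_rounding_loss(awkward_inputs))
    print("div first:", tokens_div_first(444444444444444444))
    print("mul first:", tokens_mul_first(444444444444444444))
```

Multiplying first makes the intermediate value larger, so the overflow check in `safe_mul` is what keeps the fixed order safe for very large payments.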

*The example was inspired by actual practice in smart contract code audits.