Common Smart Contract Mistakes and how you can avoid them.


A summary of some prevalent mistakes Smart Contract Developers make and how to avoid them.

Integer Overflow and Underflow

This is one of the most common mistakes a developer can make while creating a smart contract. It happens when you decrement a uint below 0 or increment it above 2²⁵⁶. Usually, the value then wraps around, giving rise to many bugs as well as attacks on the smart contract; in recent versions of Solidity, it throws an error instead. I have seen this mistake made in production-level code as well. You can avoid it very easily using the SafeMath library created by OpenZeppelin (https://docs.openzeppelin.com/contracts/2.x/api/math#:~:text=SafeMath,in%20high%20level%20programming%20languages).

Here is some sample code. You can try it out in Remix to get an idea of what really happens when you increment and decrement.

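pragma solidity 0.8.0;

contract ChangeBalance {
    // uint8 holds 0..255 and starts at 0
    uint8 public balance;

    // At balance == 0 this reverts in 0.8.0; older compilers wrap to 255
    function decrease() public {
        balance--;
    }

    // At balance == 255 this reverts in 0.8.0; older compilers wrap to 0
    function increase() public {
        balance++;
    }
}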
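
The wrap-around versus revert behaviour described above, as an added example that is not part of the original post. The contract and function names are hypothetical, and `unchecked` is used to reproduce the pre-0.8 wrapping on a 0.8 compiler so both behaviours can be compared side by side in Remix.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example (constructed): all names here are hypothetical.
contract WrapDemo {
    mapping(address => uint256) public balances;

    // Credit the caller so the functions below have something to work on.
    function deposit(uint256 amount) external {
        balances[msg.sender] += amount; // checked: reverts on overflow
    }

    // Pre-0.8 behaviour, reproduced with `unchecked`: if amount exceeds the
    // balance, the subtraction wraps to a huge value instead of failing.
    function withdrawWrapping(uint256 amount) external {
        unchecked {
            balances[msg.sender] -= amount;
        }
    }

    // Default 0.8+ behaviour: the same subtraction reverts with
    // Panic(0x11) when amount exceeds the balance, so state is unchanged.
    function withdrawChecked(uint256 amount) external {
        balances[msg.sender] -= amount;
    }

    // Explicit guard with a readable error, in the style of SafeMath-era
    // code; after the require, the subtraction cannot underflow.
    function withdrawGuarded(uint256 amount) external {
        uint256 bal = balances[msg.sender];
        require(amount <= bal, "insufficient balance");
        unchecked {
            balances[msg.sender] = bal - amount;
        }
    }

    // Pure helpers for comparing the two modes directly on uint8 inputs.
    function wrapAdd(uint8 a, uint8 b) external pure returns (uint8) {
        unchecked { return a + b; } // result is taken modulo 256
    }

    function checkedAdd(uint8 a, uint8 b) external pure returns (uint8) {
        return a + b; // reverts if the sum does not fit in uint8
    }
}
```

Calling `withdrawWrapping` with an amount larger than the caller's balance and then reading `balances` shows the corrupted value; the other two withdraw functions revert on the same input.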

Forgetting about some minor Gas Optimizations

This is also one of the mistakes that I have found in production-level code. Developers take care of the major gas optimizations but forget some of the small ones. These may look small individually, but in a large codebase they have the potential to snowball into major costs. For example, look at the code below.

function calculateSomething() public returns (uint256) {
    // Result is stored in a local variable that is read only once
    bool someCheck = someRandomCheck();
    if (someCheck) {
        revert();
    }
    return 0;
}

Can you tell what the optimization could be there?

The variable someCheck is used only once in the function, so the code takes up more gas because it also stores the value returned by someRandomCheck. A more optimized version could look like this:

function calculateSomething() public returns (uint256) {
    // Call result is used directly in the condition; no local variable
    if (someRandomCheck()) {
        revert();
    }
    return 0;
}

This version doesn't store the result in a variable but calls the function directly in the condition, so no gas is used in saving the returned value in an extra variable.

Not Following the Design Patterns

This is a very important point: following the Solidity design patterns can make or break your code. Following the design patterns can save your code from a majority of smart contract exploits. This is a really good read on the subject; do check it out if you want to learn more about the design patterns: https://fravoll.github.io/solidity-patterns/

Not Using Gas Optimization and Vulnerability Detection Tools

There are many tools, such as Slither, Securify, SmartCheck, etc. These tools help you find vulnerabilities and gas optimizations, and make suggestions based on well-known design patterns. No matter how much of a pro you are, everyone is bound to make mistakes, and these tools help discover the ones you did not catch yourself. You can check out more tools for your smart contract here: https://www.getsecureworld.com/blog/top-10-solidity-smart-contract-audit-tools/

Sorry, this post is a little late, I promise to be consistent from now on. Give me a follow if you found the content helpful. I promise to eat your brain with random posts, every week. Cheers, and have a nice day, night, or evening, whatever xD.
