{"id":13993,"date":"2019-08-28T18:30:03","date_gmt":"2019-08-28T14:30:03","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/integer-overflow-ethereum\/13993\/"},"modified":"2019-11-15T15:21:58","modified_gmt":"2019-11-15T11:21:58","slug":"integer-overflow-ethereum","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/integer-overflow-ethereum\/13993\/","title":{"rendered":"Money for nothing with smart contracts"},"content":{"rendered":"<p>Are you interested in smart contracts? Do you know what integer overflow is? In fact, integer overflow is a problem from the realm of programming, but a smart contract is in essence a program, so you might want to understand what it is all about.<\/p>\n<p>Simply put, if an unsigned integer is stored in a single, byte-long memory cell, it can take only values ranging from 0 to 255. That means, if no further conditions are specified, 255 + 1 = 0. More worrying, 0 \u2013 1 = 255. This is how most modern processors process this data.<\/p>\n<p>In many modern programming languages, the program itself checks whether an overflow has occurred during arithmetic operations. If it has, chances are that\u2019s not what the programmer had in mind, so it is best to interrupt the program and make sure it won\u2019t cause bugs later on.<\/p>\n<h2>What do smart contracts have to do with all this?<\/h2>\n<p>No such control is provided in smart contracts for Ethereum when processing money. In other words, if you have zero tokens and send one to a friend, you will get a quintillion tokens. Obviously, the program should be interrupted right then, and the incorrect transaction canceled.<\/p>\n<p>Why Ethereum developers would implement their arithmetic that way is a mystery. 
But for ordinary arithmetic rules to apply to smart contracts, every smart contract programmer has to add more than 100 lines of code containing the normal functions for addition, multiplication, and so forth.<\/p>\n<p>Otherwise, with a quintillion credited to their account, the sky\u2019s the limit. A swindler could enter a cryptocurrency exchange and buy all the bitcoins or ether they want. At any price.<\/p>\n<p>That scenario isn\u2019t purely theoretical; it\u2019s actually happened a number of times with several types of currency. Usually, we learn about the code problem <a href=\"https:\/\/etherscan.io\/tx\/0xfd2d1ab0bb7ca5df5228aa3ac714ba160f57e6bc153e10b490e92bf50dc9f566\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">after the perpetrator has pulled off the trick<\/a> and disappeared with full pockets. But even after that, nothing can be done: smart contracts are written in stone; they cannot be changed or patched.<\/p>\n<h2>Overflow and Bitcoin<\/h2>\n<p>Truth be told, the problem of integer overflow is not limited to Ethereum. Bitcoin had the same problem long before it.<\/p>\n<p>Integer overflow caused two Bitcoin wallets to <a href=\"https:\/\/en.bitcoin.it\/wiki\/Value_overflow_incident\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">end up with<\/a> 184 billion bitcoins on August 15, 2010. Needless to say, this was not a welcome development for the founders. They (i.e., Satoshi Nakamoto) quickly modified the code, fixed the bug, rolled back the financial history, and pretended nothing had happened.<\/p>\n<p>But what does a history rollback mean? An example: If I bought $10,000 worth of bitcoins on that particular day, the rollback would cause my bitcoins to fly back to the seller \u2014 unlike my dollars, which I wouldn\u2019t get back. 
And if a rollback were performed now instead of back in 2010, the consequences would be colossal, because now, every day sees about $5 billion worth of bitcoin trades.<\/p>\n<p>This case, and others like it, demonstrate that blockchain is unchangeable only if everything goes according to plan. Otherwise, both plan and blockchain can be changed.<\/p>\n<h2>Back to smart contracts<\/h2>\n<p>The Ethereum developers\u2019 decision seems rather weird \u2014 it looks as though they have arranged traps for smart contract programmers. You have to be very experienced or focused (or both) to save yourself or your investors from potentially losing all of your money overnight. And that is yet another reason smart contract code needs careful verification. As part of Kaspersky Token Offering Security, our experts analyze smart contract code for vulnerabilities and undocumented features. You can read more about it <a href=\"https:\/\/www.kaspersky.com\/advert\/enterprise-security\/ico-sto-security?redef=1&amp;THRU&amp;reseller=gl_kdktos_acq_ona_smm__onl_b2b__wpplaceholder_______\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">on our Token Offering Security page<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>What is integer overflow, and why you should know about 
it?<\/p>\n","protected":false},"author":669,"featured_media":13994,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1318,1916,1917],"tags":[1308,1504,1506],"class_list":{"0":"post-13993","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"category-smb","10":"tag-blockchain","11":"tag-ethereum","12":"tag-smart-contracts"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/integer-overflow-ethereum\/13993\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/integer-overflow-ethereum\/16601\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/integer-overflow-ethereum\/18541\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/integer-overflow-ethereum\/16633\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/integer-overflow-ethereum\/15286\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/integer-overflow-ethereum\/19176\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/integer-overflow-ethereum\/17870\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/integer-overflow-ethereum\/28140\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/integer-overflow-ethereum\/28188\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/integer-overflow-ethereum\/12204\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/integer-overflow-ethereum\/11109\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/integer-overflow-ethereum\/20008\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/integer-overflow-ethereum\/24216\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/integer-overflow-ethereum\/22060\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/integer-overflow-ethereum\/23322\/
"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/integer-overflow-ethereum\/23233\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/smart-contracts\/","name":"smart contracts"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13993","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/669"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=13993"}],"version-history":[{"count":2,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13993\/revisions"}],"predecessor-version":[{"id":14363,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13993\/revisions\/14363"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/13994"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=13993"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=13993"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=13993"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}