As I research hacking cases, I found that each attack has relied on arithmetic exceptions such as Overflow/Underflow.
OpenZeppelin created a library called SafeMath that prevents those issues by default.
But it was annoying to use add, sub, mul, div instead of arithmetic operators.
Luckily, since Solidity 0.8.0, arithmetic operations revert on underflow and overflow by default. You can use unchecked { ... } to use the previous wrapping behaviour.
They said:
Checks for overflow are very common, so we made them the default to increase readability of code, even if it comes at a slight increase of gas costs.
So, from now on, can we rid of SafeMath?
I made a Solidity game that you can play Underflow.
Through this game, you can learn about that protecting your smart contract from underflow is also another way to protect it from hackers.
Sorry, the comment form is closed at this time.