Integer Overflow and Underflow in Smart Contracts: What Developers Must Know


 

In smart contract development, integer overflow and underflow are critical vulnerabilities that can lead to serious bugs or even financial loss. These issues occur when a number exceeds the range of its data type, either by growing too large (overflow) or dropping below its minimum value (underflow).

 What Are Integer Overflow and Underflow?

In the Ethereum Virtual Machine (EVM), integer data types have fixed sizes. For instance, a uint8 (an 8-bit unsigned integer) can only store values between 0 and 255. Trying to store a value like 256 in a uint8 causes it to wrap around to 0, an overflow. Similarly, subtracting 1 from 0 in a uint8 leads to 255, an underflow.

The same happens with signed integers, but the wraparound includes negative numbers. For example, subtracting 1 from an int8 value of -128 results in 127, flipping the sign unexpectedly.

Real-World Analogies:

  • Car odometers rolling back to zero after maxing out.

  • Trigonometric functions, like sin(x), repeating after every 2π.

Why Are Overflows and Underflows Dangerous?

These bugs can cause unintended behavior in smart contracts. If not handled properly, they may be exploited by attackers to:

  • Artificially inflate balances or token counts.

  • Bypass access controls or logic flows in the contract.

  • Withdraw funds they don’t actually own.

One of the most well-known Ethereum hacks, the BatchOverflow bug, exploited this exact issue to generate billions of tokens from thin air.

✅ How to Prevent Integer Overflows and Underflows

1. Use Solidity 0.8.0 or Higher

Since Solidity version 0.8.0, arithmetic operations automatically check for overflows and underflows. If a calculation exceeds a data type's boundaries, the transaction is immediately reverted, preventing unintended consequences.

solidity

// This will revert if overflow occurs
uint8 a = 255;
a = a + 1; // Will revert in Solidity >=0.8.0

2. Use the unchecked Keyword Sparingly

If you’re optimizing for gas and are absolutely sure an operation won’t overflow, you can use the unchecked keyword:


 

solidity

unchecked { a = a + 1; }

However, this should be used with caution, as it disables safety checks.
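The weak and corrected uses of unchecked side by side, together with the uint8 case from earlier in the article. This is an added example, not code from the original article; the contract name Ledger and all function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration: Ledger and all function names are hypothetical.
contract Ledger {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        // Checked by default since 0.8.0: reverts with Panic(0x11) on overflow.
        balances[msg.sender] += msg.value;
    }

    // Weak: unchecked removes the compiler check and nothing replaces it.
    // A debit larger than the balance wraps to a value near 2**256.
    function debitWeak(uint256 amount) external {
        unchecked {
            balances[msg.sender] -= amount;
        }
    }

    // Corrected: the bound is established first, so skipping the
    // compiler check afterwards cannot wrap.
    function debitSafe(uint256 amount) external {
        uint256 bal = balances[msg.sender];
        require(amount <= bal, "insufficient balance");
        unchecked {
            balances[msg.sender] = bal - amount;
        }
    }

    // The article's uint8 case: 255 + 1 wraps to 0 only inside unchecked.
    function addWrapped() external pure returns (uint8) {
        uint8 a = 255;
        unchecked {
            a = a + 1;
        }
        return a;
    }

    // Same arithmetic without unchecked: the call reverts.
    function addChecked() external pure returns (uint8) {
        uint8 a = 255;
        a = a + 1;
        return a;
    }
}
```

When reviewing a contract, each unchecked block should have a visible bound (a require, a loop limit) that makes the wrap impossible, as debitSafe does.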

3. Leverage SafeMath Libraries

Before Solidity 0.8.0, developers relied on libraries like OpenZeppelin’s SafeMath, which provides functions like add(), sub(), mul(), and div() with built-in overflow protection.


 

solidity

using SafeMath for uint256;
uint256 newBalance = oldBalance.add(amount); // Safe addition

Even though SafeMath is no longer necessary in newer Solidity versions, it can still be useful for backward compatibility or readability.

 Best Practices

  • ✅ Always compile with the latest stable Solidity version unless there's a specific reason not to.

  • ✅ Review arithmetic operations carefully, especially when manipulating token balances or contract state.

  • ✅ Consider formal verification or static analysis tools to detect these bugs early in the development cycle.

  • ✅ Conduct smart contract audits if handling real assets or user funds.

With AuditLensPlus, you can uncover vulnerabilities in your smart contracts quickly and cost-effectively, empowering you to take the right steps toward more secure and robust code.

 Final Thoughts

Integer overflows and underflows are deceptively simple but have historically led to catastrophic vulnerabilities in Ethereum smart contracts. With proper tooling and cautious coding, they are completely avoidable.

If you're developing or auditing smart contracts, make integer safety a non-negotiable priority.


@2025 AuditLensPlus.com Your code, Fortified