Precision errors arise when contracts mishandle decimal scaling or rounding in calculations, leading to inaccurate results
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
contract VulnerableToken {
string public name = "VulnerableToken";
string public symbol = "VUL";
uint8 public decimals = 18;
uint256 public totalSupply;
mapping(address => uint256) public balanceOf;
event Transfer(address indexed from, address indexed to, uint256 value);
constructor(uint256 initialSupply) {
// Initialize total supply without accounting for decimals
totalSupply = initialSupply;
balanceOf[msg.sender] = totalSupply;
emit Transfer(address(0), msg.sender, totalSupply);
}
// Mint function vulnerable to incorrect decimal handling
function mint(uint256 amount) public {
// Fails to scale by decimals, causing inflated supply
totalSupply += amount;
balanceOf[msg.sender] += amount;
emit Transfer(address(0), msg.sender, amount);
}
}
Write tests for edge cases, such as small or very large values, fractions close to rounding boundaries, zero values, and more.
