Integer Underflow Explained in Detail
Integer underflow occurs when arithmetic tries to subtract below a type's minimum value. In Solidity 0.8 and later, checked arithmetic reverts by default. Inside unchecked blocks, or in older Solidity versions, underflow can wrap.
For unsigned integers, subtracting below zero can become a very large number under wrapping semantics.
Smart contract example
pragma solidity ^0.8.20;

contract Vault {
    mapping(address => uint256) public balances;

    function withdraw(uint256 amount) external {
        // unchecked disables the default 0.8 revert, so this subtraction can wrap
        unchecked {
            balances[msg.sender] -= amount;
        }
    }
}
If amount is greater than the balance, the result wraps instead of reverting.
Integer Underflow in Auditing
Underflow bugs can create inflated balances, broken debt accounting, incorrect shares, or bypassed limits. They often appear in accounting code, reward math, fee logic, custom arithmetic that tries to avoid gas costs, casts, signed-to-unsigned conversions, and rounding around subtraction.
Red flags in code
- unchecked arithmetic around balances, debt, shares, or collateral.
- Solidity version below 0.8.
- Manual safe math removed without reviewing assumptions.
- Subtraction before validation.
- Complex accounting with signed and unsigned conversions.
- Tests only cover normal amounts, not zero or over-balance values.
How to test or review it
- Test subtracting zero, exact balance, balance plus one, and maximum values.
- Use fuzz testing for user-controlled amounts.
- Add invariant testing for total supply, total debt, and collateral relationships.
- Review every unchecked block manually.
- Compare behavior against the existing integer overflow checks.
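The boundary and fuzz cases from the list above, written as a Foundry test. This is an added example, not code from the original page: it assumes forge-std is installed, and deposit(), SafeVault and UnderflowTest are names introduced here for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Vault mirrors the page's contract; deposit() is an assumption added so the
// tests have a balance to subtract from. SafeVault is a hypothetical fixed form.
contract Vault {
    mapping(address => uint256) public balances;
    function deposit(uint256 amount) external { balances[msg.sender] += amount; }
    function withdraw(uint256 amount) external {
        unchecked { balances[msg.sender] -= amount; } // wraps if amount > balance
    }
}

contract SafeVault {
    mapping(address => uint256) public balances;
    function deposit(uint256 amount) external { balances[msg.sender] += amount; }
    function withdraw(uint256 amount) external {
        balances[msg.sender] -= amount; // checked: Panic(0x11) if amount > balance
    }
}

contract UnderflowTest is Test {
    Vault vault = new Vault();
    SafeVault safe = new SafeVault();

    // Zero, exact balance, then balance plus one against the unchecked vault.
    function test_UncheckedVaultWrapsPastZero() public {
        vault.deposit(100);
        vault.withdraw(0);
        assertEq(vault.balances(address(this)), 100);
        vault.withdraw(100);
        assertEq(vault.balances(address(this)), 0);
        vault.withdraw(1);
        assertEq(vault.balances(address(this)), type(uint256).max);
    }

    // Fuzz both inputs: the checked vault must revert or subtract exactly.
    function testFuzz_SafeVaultNeverInflates(uint256 bal, uint256 amount) public {
        safe.deposit(bal);
        if (amount > bal) {
            vm.expectRevert(abi.encodeWithSignature("Panic(uint256)", 0x11));
            safe.withdraw(amount);
        } else {
            safe.withdraw(amount);
            assertEq(safe.balances(address(this)), bal - amount);
        }
    }
}
```

The first test documents the wrap in the unchecked vault; the fuzz test is the regression check to keep once the unchecked block is removed or guarded.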