Using floats in JavaScript
Large Wei values exceed safe integer ranges. Keep amounts as strings, BigInt, or library bigint types.
Convert Ether, Gwei, and Wei with integer-safe precision. Built for developers and auditors who cannot afford decimal mistakes.
Attackers look for contracts that mix ETH, Wei, token decimals, and integer division in the wrong order.
Ethereum uses a denomination system similar to how dollars break down into cents. Ether (ETH) is the primary unit you see on exchanges, but smart contracts operate at a much more granular level using Wei - the smallest unit of Ether.
Gwei (giga-wei) is commonly used for gas prices because it provides a human-readable middle ground.
Large Wei values exceed safe integer ranges. Keep amounts as strings, BigInt, or library bigint types.
ETH uses 18 decimals, but USDC uses 6. Assuming every asset is 1e18 creates accounting bugs.
Integer division truncates toward zero. Scale first, divide last, and test edge amounts.
To convert Ether to Wei, multiply by 1018. This is the factor between the two units:
Wei = ETH × 1018
To convert Wei back to Ether, divide by 1018:
ETH = Wei ÷ 1018
Solidity provides built-in denomination aliases so you don't need to write out the full power of 10 manually. These compile down to the equivalent Wei integer value.
The keywords ether and gwei are Solidity denomination suffixes. They can be combined with numeric literals:
// Built-in Solidity denominations
uint256 oneEther = 1 ether; // 1000000000000000000 wei
uint256 oneGwei = 1 gwei; // 1000000000 wei
uint256 halfEther = 0.5 ether; // 500000000000000000 wei
// Use in function parameters
function deposit() external payable {
require(msg.value >= 0.01 ether, "Minimum 0.01 ETH");
}
// Gas price check (in Gwei)
function checkGasPrice() external view returns (uint256) {
return tx.gasprice / 1 gwei; // converts to Gwei
}
ERC-20 tokens have their own decimal system that is completely separate from Ether's 18-decimal Wei system. Most ERC-20 tokens use 18 decimals by convention, but tokens like USDC use 6. Mixing these up is a common source of DeFi bugs.
When integrating tokens that use different decimal counts, always scale by the token's own decimals() value - not by 1018:
// USDC has 6 decimals, NOT 18
// 1 USDC = 1_000_000 (1e6), not 1e18
IERC20 usdc = IERC20(0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48);
uint8 decimals = usdc.decimals(); // returns 6
// Safe scaling pattern
uint256 oneUSDC = 10 ** uint256(usdc.decimals()); // 1_000_000
// Dangerous pattern (assumes 18 decimals)
uint256 BAD_oneUSDC = 1 ether; // WRONG: 1e18, not 1e6
Unit conversion bugs are responsible for a significant share of DeFi losses. The errors are often subtle and survive code review because the math looks correct at a surface level.
Solidity uses integer division, which truncates toward zero. When the numerator is smaller than the denominator, the result is zero - which is often exploitable:
// Integer division truncation - the most common precision bug
// If userBalance is 999_999_999_999_999_999 (just under 1 ETH):
uint256 fee = userBalance / 1 ether; // fee = 0! Division truncates to 0
// Safe pattern: use higher-precision intermediate math
uint256 fee = (userBalance * FEE_BPS) / 10_000; // scale first, divide last
// Precision loss in price calculations
uint256 price = 1500 * 1e6; // USDC price: $1500 with 6 decimals
uint256 ethAmount = 1 ether; // 1 ETH in Wei
// BUG: mixing denominations
uint256 usdValue = (ethAmount * price) / 1 ether; // wrong scaling
Gas prices on Ethereum are denominated in Gwei. When your contract checks tx.gasprice, it returns a value in Wei - so comparing directly to a human-readable Gwei number requires conversion:
// tx.gasprice is in Wei, not Gwei
// To check if gas price is below 20 Gwei:
require(tx.gasprice <= 20 gwei, "Gas price too high");
// equivalent to: require(tx.gasprice <= 20_000_000_000, ...)
// EIP-1559 basefee (in Wei)
uint256 basefeeWei = block.basefee;
uint256 basefeeGwei = block.basefee / 1 gwei;
Unit conversion bugs have cost DeFi protocols tens of millions of dollars. Our smart contract auditing course covers how to audit arithmetic, decimal handling, and precision edge cases systematically.
Learn to Audit Arithmetic VulnerabilitiesIncorrect unit handling has led to millions of dollars in exploits. Attackers specifically target contracts with flawed Wei/Ether conversions, rounding errors, and integer division truncation.
uint256 fee = amount / 1 ether;
// 0.99 ETH -> fee = 0
These arithmetic vulnerabilities are among the most common - and most preventable - security flaws in DeFi.
Study Arithmetic AttacksWei is the smallest denomination of Ether - think of it like cents to dollars, but with 18 decimal places instead of 2. Gwei (gigawei) equals 1 billion Wei and is primarily used for expressing gas prices. Ether is the standard unit used for transactions and displayed on exchanges. Smart contracts perform all calculations in Wei to maintain precision.
Solidity, Ethereum's programming language, doesn't support decimal numbers (floating-point). Using Wei - an integer representation - eliminates floating-point rounding errors that plague traditional financial software. This integer-only approach is more predictable but requires developers to carefully manage unit conversions.
In Solidity, you can use built-in denominations: 1 ether automatically converts to 1018 Wei, and 1 gwei converts to 109 Wei. For dynamic conversions, multiply your ETH value by 1018. Always verify your conversion logic - incorrect decimal handling is a leading cause of smart contract vulnerabilities.
Absolutely. Precision errors in unit conversions are among the most exploited vulnerabilities in DeFi. Common attack vectors include integer division truncation (where small amounts round to zero), multiplication overflow, and incorrect decimal scaling between tokens with different decimal places. These bugs have enabled attackers to drain liquidity pools, manipulate prices, and steal funds.
Practice precision, decimal handling, overflow, rounding, and accounting edge cases with real smart contract security labs.