Explicit Balance Checks
What it detects
This detector flags functions that transfer ether or tokens without first confirming that the sender has sufficient balance. Skipping these checks can allow accounts to be drained or leave them with negative balances in off-chain accounting.
Typical symptoms
- Transfer succeeds even when sender has no funds
- Accounting records go negative after sending
Solidity snippet (v0.8.25)
pragma solidity ^0.8.25;

contract SendWithoutCheck {
    mapping(address => uint256) public balances;

    function send(address to, uint256 amount) external {
        // Flagged: no check that balances[msg.sender] >= amount
        // precedes the transfer.
    }
}
Why it matters on EVM
Without explicit balance checks, malicious users can exploit logic bugs to move assets they don't actually own.
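
A hardened counterpart to the send function above, as an added example that is not part of the original page: the balance check runs before any state change and reverts with a descriptive error. The contract name SendWithCheck, the InsufficientBalance error, the Sent event and the deposit() function are assumptions of this example, as is treating balances as an internal ledger of deposited ether.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.25;

// Added example: names other than `balances` and `send` are assumptions.
contract SendWithCheck {
    mapping(address => uint256) public balances;

    // Descriptive revert reason instead of a bare arithmetic panic.
    error InsufficientBalance(address account, uint256 available, uint256 requested);
    event Sent(address indexed from, address indexed to, uint256 amount);

    // Hypothetical funding path: credit the caller with the ether received.
    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    // Move `amount` of internal balance from the caller to `to`.
    function send(address to, uint256 amount) external {
        uint256 available = balances[msg.sender];

        // Explicit balance check, performed before any state is modified.
        if (available < amount) {
            revert InsufficientBalance(msg.sender, available, amount);
        }

        // The check above guarantees this subtraction cannot underflow.
        unchecked {
            balances[msg.sender] = available - amount;
        }
        // Credit stays under checked arithmetic; it reads the updated
        // storage slot, so a self-transfer leaves the balance unchanged.
        balances[to] += amount;

        emit Sent(msg.sender, to, amount);
    }
}
```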