Incorrect Calculation of Token Transfer

What it detects

This detector flags incorrect token transfer logic where the amount of tokens credited or debited is wrong due to formulaic mistakes. These may include:

  • Adding instead of subtracting from sender balances
  • Forgetting to subtract fees from the transfer amount
  • Failing to scale values correctly by token decimals (e.g., multiplying instead of dividing)
  • Misapplying percentage-based fees or rewards
  • Applying logic in the wrong order (e.g., fee calculations before bounds checking)

Such issues often lead to misaligned balances, unexpected token minting or burning, or incorrect event emissions, violating expected token behavior.

Typical symptoms

  • Transfer events show amounts that differ from the actual internal balance updates
  • Sender balance increases instead of decreases
  • Recipient receives too much or too little
  • Total supply becomes inaccurate or drifts over time
  • Users gain or lose tokens without clear explanation

Solidity snippet (v0.8.25)

pragma solidity ^0.8.25;

contract BadTransfer {
    mapping(address => uint256) public balances;

    function move(address to, uint256 amount) external {
        // Miscalculates by adding to both balances instead of subtracting from sender
        // This effectively "mints" tokens with every call
        balances[msg.sender] += amount;
        balances[to] += amount;
    }
}

Corrected Version

function move(address to, uint256 amount) external {
    // Check the sender's balance first, then debit the sender and credit the recipient
    require(balances[msg.sender] >= amount, "Insufficient balance");
    balances[msg.sender] -= amount;
    balances[to] += amount;
}
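
Going beyond the single add-versus-subtract case above, the following added example (not code from this page or from the detector) shows a fee-charging transfer that avoids the other listed mistakes: the bounds check runs before the fee calculation, the fee is taken out of the transfer amount, and the events match the balance updates. The contract name FeeToken, the 30 basis point fee, and the feeCollector address are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.25;

// Added example: hypothetical fee-charging token, not code from the page.
contract FeeToken {
    uint256 public constant FEE_BPS = 30;            // 0.30% fee (assumed value)
    uint256 public constant BPS_DENOMINATOR = 10_000;

    mapping(address => uint256) public balances;
    uint256 public totalSupply;
    address public immutable feeCollector;           // assumed fee recipient

    event Transfer(address indexed from, address indexed to, uint256 amount);

    constructor(address collector, uint256 initialSupply) {
        feeCollector = collector;
        balances[msg.sender] = initialSupply;
        totalSupply = initialSupply;
        emit Transfer(address(0), msg.sender, initialSupply);
    }

    function move(address to, uint256 amount) external {
        // 1. Bounds check first, on the full amount the sender gives up.
        require(balances[msg.sender] >= amount, "Insufficient balance");

        // 2. Multiply before dividing: dividing first would discard the
        //    remainder of amount / BPS_DENOMINATOR before the fee is applied.
        //    The fee is carved out of `amount`, not added on top of it.
        uint256 fee = (amount * FEE_BPS) / BPS_DENOMINATOR;
        uint256 received = amount - fee;

        // 3. Debit exactly `amount`; credit `received` and `fee`, which sum to it.
        balances[msg.sender] -= amount;
        balances[to] += received;
        balances[feeCollector] += fee;

        // 4. Events report the same numbers that were written to storage.
        emit Transfer(msg.sender, to, received);
        emit Transfer(msg.sender, feeCollector, fee);
    }
}
```

Because every credit is derived from `amount` and `received + fee == amount`, the sum of all balances stays equal to `totalSupply` after each call.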

Why it matters on EVM

Incorrect token transfer logic breaks core accounting guarantees and can permanently distort token supply, user trust, and contract functionality. Unlike off-chain systems, the EVM has no rollback for a transaction that has already executed: once tokens are incorrectly moved or created, the mistake is irreversible without an explicit recovery function.

Consequences of this vulnerability include:

  • Inflation of token supply, reducing value for all holders
  • Users exploiting logic to mint tokens or drain liquidity
  • Inconsistent behavior across different wallets and dApps
  • Inability to audit or reason about token flows

Accurate transfer logic is foundational to trust and value in any token-based smart contract system.