Assert Violation

From WEB3 Vulnerapedia
Jump to navigation Jump to search

Assert Violation

In Solidity 0.4.10, the following functions were created: assert(), require(), and revert().

Formally said, the assert() function is meant to assert invariants; informally said, assert() is an overly assertive bodyguard that protects your smart contract, but steals your gas in the process. Properly functioning contracts should never reach a failing assert statement. If you've reached a failing assert statement, you've either improperly used assert(), or there is a vulnerability in your contract that puts it in an invalid state.

If the condition checked in the assert() is not actually an invariant, it's suggested that you replace it with a require() statement.

Sources

https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/assert-violation.md

https://swcregistry.io/docs/SWC-110

https://media.consensys.net/when-to-use-revert-assert-and-require-in-solidity-61fb2c0e5a57

Retrieved from "https://wiki.r.security/w/index.php?title=Assert_Violation&oldid=130"