Insecure Exact Balance Check
Description
Using an account's balance as the condition for some action is risky: the balance can change through receipts of ether or another token that the contract did not solicit, including transfers made deliberately to make an exact-equality test fail, for example as an MEV attack.
Examples
Insecure Code
```solidity
if (balanceOf(account) == 10) { ... }
```

Secure Code

```solidity
if (balanceOf(account) >= 5 && balanceOf(account) <= 15) { ... }
```

Remediation
Use a comparison that tolerates unexpected balance changes, such as checking that the balance falls within a range rather than equals an exact value, to prevent potential MEV attacks.
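The following contracts are an added illustration, not code from the original rule page: one gates an action on an exact balance, the other applies the range check this page recommends and also keeps an internal deposit ledger, which is unaffected by unsolicited transfers. The contract names, the `finalize*` functions and the ether thresholds are assumed for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Vulnerable pattern (hypothetical contract): finalize() is gated on an exact
// balance, so any unsolicited transfer to this address makes the equality
// fail and the action can be blocked indefinitely.
contract ExactBalanceGate {
    uint256 public constant TARGET = 10 ether;

    function deposit() external payable {}

    function finalize() external view returns (bool) {
        // Exact equality against a value any third party can change.
        return address(this).balance == TARGET;
    }
}

// Hardened pattern (hypothetical contract): the range check from this page's
// remediation, plus a deposit total that only this contract's own code
// updates, so stray transfers cannot influence it at all.
contract RangeAndLedgerGate {
    uint256 public constant MIN_TARGET = 5 ether;
    uint256 public constant MAX_TARGET = 15 ether;
    uint256 public totalDeposited; // updated only by deposit()

    function deposit() external payable {
        totalDeposited += msg.value;
    }

    // Range check: tolerates small unexpected balance changes, but a large
    // enough unsolicited transfer can still push the balance above MAX_TARGET.
    function finalizeByRange() external view returns (bool) {
        uint256 bal = address(this).balance;
        return bal >= MIN_TARGET && bal <= MAX_TARGET;
    }

    // Ledger check: depends only on value received through deposit(), so
    // forced or unsolicited transfers cannot make it fail.
    function finalizeByLedger() external view returns (bool) {
        return totalDeposited >= MIN_TARGET && totalDeposited <= MAX_TARGET;
    }
}
```

The ledger variant is the more robust of the two, since a range check can still be defeated by an unsolicited transfer large enough to leave the accepted window.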
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0657 |
| Category | Crypto |
| Severity | MEDIUM |
| CWE | CWE-667 |
| Confidence | LOW |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | MEV attack, exact balance check |
| OWASP | N/A |