- Vulnerability Category:
Arithmetic - Severity:
Medium - Detectors:
divide-before-multiply - Test Cases:
divide-before-multiply
In Clarity, decimals are dropped after an arithmetic operation. This can lead to an undesired loss of precision if the order of operations is not correct.
(define-public (sharing-a-prize (participants uint) (prize uint) (bonus uint))
(* (/ prize participants) bonus)
)The vulnerable code example can be found here.
By changing the order, we can avoid losing precision in intermidiate steps.
(define-public (sharing-a-prize (participants uint) (prize uint) (bonus uint))
(/ (* prize bonus) participants)
)The remediated code example can be found here.