Lesson 14 of 23
In Progress

# Use of Safe Math Libraries

Smart contracts are self-executing contracts with the terms of the agreement between buyer and seller being directly written into lines of code. As a result, it is important for smart contract developers to be cautious when working with numbers in their contracts, as arithmetic errors can lead to serious security vulnerabilities.

One way to prevent arithmetic errors in smart contracts is to use safe math libraries. In this article, we will discuss what safe math libraries are and why they are important for smart contract development.

## What are Safe Math Libraries?

Safe math libraries are collections of functions that provide secure arithmetic operations in smart contracts. These libraries handle arithmetic errors such as integer overflow and underflow, which can occur when a number exceeds the maximum or minimum value that can be represented by a data type.

For example, consider the following contract:

pragma solidity ^0.6.0;

contract UnsafeMath {
uint public balance;

function add(uint _a, uint _b) public {
balance = _a + _b;
}
}


In this contract, the add function adds two unsigned integers (uint) and stores the result in the balance variable. However, if the result of the addition exceeds the maximum value that can be represented by a uint (2^256 – 1), an integer overflow will occur, and the balance variable will be set to a value that is lower than the intended result.

This can lead to serious security vulnerabilities in smart contracts, as it can allow attackers to manipulate contract operations and potentially gain unauthorized access to funds.

## Why are Safe Math Libraries Important?

Safe math libraries are important for smart contract development because they provide a secure and reliable way to perform arithmetic operations in contracts. By using these libraries, smart contract developers can prevent arithmetic errors such as integer overflow and underflow, and ensure that their contracts operate as intended.

There are several safe math libraries available for Solidity, including the SafeMath library from OpenZeppelin and the Math library from ZeppelinOS. These libraries provide a range of functions for performing arithmetic operations in a safe and secure manner.

For example, consider the following contract that uses the SafeMath library:

pragma solidity ^0.6.0;

import "https://github.com/OpenZeppelin/openzeppelin-solidity/contracts/math/SafeMath.sol";

contract SafeMathExample {
using SafeMath for uint;
uint public balance;

function add(uint _a, uint _b) public {
}
}


In this contract, the add function uses the add function from the SafeMath library to perform the addition of _a and _b. This function ensures that an integer overflow or underflow cannot occur, and that the result is always correct.

## Using Safe Math Libraries in Your Contracts

To use a safe math library in your smart contracts, you will first need to import the library into your contract. Then, you can use the using directive to access the functions provided by the library.

For example, to use the SafeMath library in your contract, you can use the following code:

import "https://github.com/OpenZeppelin/openzeppelin-solidity/contracts/math/SafeMath.sol";

contract MyContract {
using SafeMath for uint;
// ...
}


You can then use the functions provided by the library to perform arithmetic operations in your contract. For example, to add two uint variables _a and _b, you can use the add function as follows:

uint result = _a.add(_b);

## Conclusion

Safe math libraries are an important tool for smart contract developers, as they provide a secure and reliable way to perform arithmetic operations in contracts. By using these libraries, you can prevent arithmetic errors such as integer overflow and underflow, and ensure that your contracts operate as intended.

## Exercises

To review these concepts, we will go through a series of exercises designed to test your understanding and apply what you have learned.

#### Create a smart contract that uses the SafeMath library to add two uint variables and store the result in a third variable.

pragma solidity ^0.6.0;

import "https://github.com/OpenZeppelin/openzeppelin-solidity/contracts/math/SafeMath.sol";

contract SafeMathExercise {
using SafeMath for uint;

uint public result;

function add(uint _a, uint _b) public {
}
}


#### Create a smart contract that uses the SafeMath library to subtract two uint variables and store the result in a third variable.

pragma solidity ^0.6.0;

import "https://github.com/OpenZeppelin/openzeppelin-solidity/contracts/math/SafeMath.sol";

contract SafeMathExercise {
using SafeMath for uint;

uint public result;

function subtract(uint _a, uint _b) public {
result = _a.sub(_b);
}
}


#### Create a smart contract that uses the SafeMath library to multiply two uint variables and store the result in a third variable.

pragma solidity ^0.6.0;

import "https://github.com/OpenZeppelin/openzeppelin-solidity/contracts/math/SafeMath.sol";

contract SafeMathExercise {
using SafeMath for uint;

uint public result;

function multiply(uint _a, uint _b) public {
result = _a.mul(_b);
}
}


#### Create a smart contract that uses the SafeMath library to divide two uint variables and store the result in a third variable.

pragma solidity ^0.6.0;

import "https://github.com/OpenZeppelin/openzeppelin-solidity/contracts/math/SafeMath.sol";

contract SafeMathExercise {
using SafeMath for uint;

uint public result;

function divide(uint _a, uint _b) public {
result = _a.div(_b);
}
}

#### Create a smart contract that uses the SafeMath library to calculate the modulus of two uint variables and store the result in a third variable.

pragma solidity ^0.6.0;

import "https://github.com/OpenZeppelin/openzeppelin-solidity/contracts/math/SafeMath.sol";

contract SafeMathExercise {
using SafeMath for uint;

uint public result;

function modulus(uint _a, uint _b) public {
result = _a.mod(_b);
}
}


Note: It is important to always use the mod function from the SafeMath library to calculate the modulus of two numbers, as the % operator in Solidity can lead to integer overflow and underflow.