Kingdom: Errors

Errors and error handling represent a class of API. Errors related to error handling are so common that they deserve a special kingdom of their own. As with "API Abuse," there are two ways to introduce an error-related security vulnerability: the most common one is handling errors poorly (or not at all). The second is producing errors that either give out too much information (to possible attackers) or are difficult to handle.

Code Correctness: Typographical Error

Abstract
The contract uses an operation that is prone to typographical errors.
Explanation
A typographical error on an operation can lead to unexpected results. For example, if the intention is to add a number to a variable using += but it is written as =+, the operation is still valid. However, instead of carrying out the addition, it re-initializes the variable.

Example 1 The following code is intended to add a number to the variable numberOne. However, using the =+ operator actually re-initializes the variable to 1.


uint numberOne = 1;

function alwaysOne() public {
numberOne =+ 1;
}
References
[1] Enterprise Ethereum Alliance Typographic Conventions
[2] Standards Mapping - Common Weakness Enumeration CWE ID 480
[3] Standards Mapping - Smart Contract Weakness Classification SWC-129
desc.structural.solidity.swc129