Kingdom: Code Quality
Poor code quality leads to unpredictable behavior. From a user's perspective that often manifests itself as poor usability. For an attacker it provides an opportunity to stress the system in unexpected ways.
Solidity Bad Practices: Lack of Explicit Variable Visibility
Abstract
A state variable does not explicitly specify the level of visibility.
Explanation
When developing a Solidity smart contract, developers must set the visibility of state variables to control who can get or set them.
Explicitly setting the visibility on state variables makes it easier to catch incorrect assumptions about who can access the variable.
Example 1: The following code fails to set an explicit level of visibility to a variable.
Explicitly setting the visibility on state variables makes it easier to catch incorrect assumptions about who can access the variable.
Example 1: The following code fails to set an explicit level of visibility to a variable.
bytes16 data = "data";
References
[1] Enterprise Ethereum Alliance Code Linting
[2] Standards Mapping - Common Weakness Enumeration CWE ID 710
[3] Standards Mapping - Smart Contract Weakness Classification SWC-108
desc.structural.solidity.swc108