01.SWC-100_Frunction Default Visibility
2023-07-13 16:10:30
# 09.SWC
SWC-100_Frunction Default Visibility
Function Default Visibility
Description: Functions that do not have a function visibility type specified are
public
by default. This can lead to a vulnerability if a developer forgot to set the visibility and a malicious user is able to make unauthorized or unintended state changes.Remediation: Functions can be specified as being
external
,public
,internal
orprivate
. It is recommended to make a conscious decision on which visibility type is appropriate for a function. This can dramatically reduce the attack surface of a contract system.
vulnerable contract:
1 | pragma solidity ^0.4.24; |