Floating Point Vulnerability
A floating-point vulnerability arises when a system relies on standard IEEE 754 floating-point arithmetic for sensitive financial logic, leading to non-deterministic results across different hardware architectures. Because floating-point math can produce slightly different outputs depending on the processor or compiler, it is inherently unsuitable for the consensus-driven environment of a blockchain.
If a smart contract uses these calculations, it may cause a state mismatch between nodes, effectively breaking the network consensus. Furthermore, attackers can exploit these variations to manipulate the outcome of trades or derivative pricing.
This vulnerability highlights the necessity of using specialized integer-based libraries that guarantee identical outputs regardless of the underlying hardware. Developers must strictly avoid native floating-point types in any logic that determines the state of assets or collateral.
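The state mismatch and the integer-based alternative described above, as an added example that is not code from the original page or from any particular library. The helper names, the 18-decimal scale and the deposit amounts are assumptions constructed for illustration, and summing in a different order stands in for a compiler or processor that evaluates the same arithmetic differently.

```python
import hashlib

DECIMALS = 18                      # assumed fixed-point precision for this example
SCALE = 10 ** DECIMALS
DEPOSITS = ["0.1", "0.2", "0.3"]   # constructed sample amounts

def to_fixed(amount: str) -> int:
    """Parse a non-negative decimal string into a scaled integer; float is never used."""
    whole, _, frac = amount.partition(".")
    if not whole.isdigit() or (frac and not frac.isdigit()) or len(frac) > DECIMALS:
        raise ValueError(f"expected a decimal with at most {DECIMALS} places: {amount!r}")
    return int(whole) * SCALE + int(frac.ljust(DECIMALS, "0"))

def mul_down(a: int, b: int) -> int:
    """Fixed-point multiply with an explicit rounding rule (floor), identical on every host."""
    return a * b // SCALE

def balance_float(deposits):
    total = 0.0
    for d in deposits:
        total += float(d)          # each addition rounds, so the order changes the result
    return total

def balance_fixed(deposits):
    total = 0
    for d in deposits:
        total += to_fixed(d)       # exact integer addition, so the order cannot matter
    return total

def state_root(balance) -> str:
    """Stand-in for a state root: a hash over one node's view of the balance."""
    return hashlib.sha256(repr(balance).encode()).hexdigest()

def nodes_agree(balance_fn) -> bool:
    # Node B sums the same deposits in the opposite order, standing in for a
    # compiler or CPU that reassociates the arithmetic differently.
    node_a = balance_fn(DEPOSITS)
    node_b = balance_fn(DEPOSITS[::-1])
    return state_root(node_a) == state_root(node_b)

if __name__ == "__main__":
    print("float nodes agree:", nodes_agree(balance_float))
    print("fixed nodes agree:", nodes_agree(balance_fixed))
    print("1.5 * 0.1 in fixed point:", mul_down(to_fixed("1.5"), to_fixed("0.1")))
```

The float balances differ only in the last digit, which is enough to change the hash, while the scaled-integer balances are bit-identical.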