# Tutorial 35: Wrong Function Signature

Understanding Vulnerabilities from Incorrect Function Signatures in Smart Contracts\
\
In smart contract development, using correct function signatures is paramount for ensuring that your contract functions as intended. Function signatures are part of how the Ethereum Virtual Machine (EVM) identifies which function to call when a transaction is sent to a contract. If the wrong signature is used, or parameters are mismatched, it can lead to unexpected reverts or logic flaws that break the functionality of the smart contract. In decentralized finance (DeFi), this can result in the failure of critical financial operations, such as minting tokens, calculating rewards, or performing swaps.

In this tutorial, we will explore the vulnerability caused by incorrect function signatures and show how they can be exploited or cause failures in contract execution. We'll discuss examples, common pitfalls, and mitigation strategies to avoid these errors.

***

#### What Are Function Signatures?

A function signature in Solidity is determined by the function's name and the types of its parameters. The EVM uses a four-byte hash of the function signature (known as the *function selector*) to identify which function should be called.

For example, the function signature for a function like `mint(uint256)` would be:<br>

```
function mint(uint256 amount) external;        
```

The function selector for this function is calculated as:

```
bytes4(keccak256("mint(uint256)"));
```

If a function is called with an incorrect selector (due to parameter mismatches or function name issues), the contract might call the wrong function or revert the transaction entirely.

***

#### Common Pitfalls with Function Signatures

1. **Mismatched Function Parameters**: In many cases, developers reuse contract interfaces across multiple contract types. However, if the signature of the reused function does not match the implementation in one of the contract types, it can cause the function to revert.

   For instance, suppose a developer uses the same interface for two different token types—one handling native tokens (like Ether) and another for ERC20 tokens. If the `mint` function for native tokens (e.g., Ether) doesn't take any parameters, but the ERC20 version does, using the wrong signature will cause the contract to fail when it tries to mint native tokens.

   **Example**:

   ```
   // Native token mint function (no parameters)
   function mint() external payable {
       // Logic for minting native tokens
   }

   // ERC20 mint function (takes a uint256 parameter)
   function mint(uint256 amount) external {
       // Logic for minting ERC20 tokens
   }
   ```

If the ERC20 `mint` function is mistakenly called for the native token, the transaction will revert because the function signature will not match the implementation for the native token.

#### Conclusion

Incorrect function signatures can lead to significant vulnerabilities in smart contracts, ranging from failed transactions to complete contract failure. By ensuring that function signatures are correct and match the intended behavior of the contract, developers can avoid these common pitfalls.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://zokyo-auditing-tutorials.gitbook.io/zokyo-tutorials/tutorial-35-wrong-function-signature.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.