> For the complete documentation index, see [llms.txt](https://zokyo-auditing-tutorials.gitbook.io/zokyo-tutorials/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://zokyo-auditing-tutorials.gitbook.io/zokyo-tutorials/tutorials/tutorial-2-unsafe-casting.md). # Tutorial 2: Unsafe Casting {% hint style="info" %} [**Book an audit with Zokyo**](https://www.zokyo.io/) {% endhint %} {% hint style="info" %} **Unsafe Type Casting In Smart Contracts:** An Auditor's Guide. This technical tutorial is designed to equip blockchain auditors, developers, and enthusiasts with the crucial knowledge and skills required to identify and mitigate vulnerabilities associated with unsafe type casting in smart contracts. By leveraging real-world examples and proven strategies, this tutorial serves as a comprehensive resource for understanding, identifying, and addressing this significant security concern. {% endhint %} Smart contracts have transformed the way we transact within the blockchain ecosystem, offering solutions that are trustless and automated. Yet, as we delve deeper into this innovative technology, we encounter unique security challenges, among which unsafe type casting holds a notable position. Unsafe type casting, in the context of blockchain and smart contracts, refers to the act of converting one data type to another in a way that can lead to unexpected or incorrect outcomes. This issue usually surfaces when variables are downcasted or converted into a smaller data type, without the necessary checks for possible overflows or underflows. Despite its subtlety, it can introduce severe security vulnerabilities into smart contract platforms, potentially leading to exploitation opportunities or unintentional bugs. Unfortunately, these unsafe type casting vulnerabilities often go unnoticed in audits, highlighting the need for a comprehensive examination of this issue. The objective of this tutorial is to scrutinize unsafe type casting in smart contracts, to understand its mechanics, highlight its manifestations, and discuss potential mitigation techniques. By boosting our collective understanding of unsafe type casting, we can enhance our auditing procedures, reinforce the security infrastructure of smart contract platforms, and minimize the oversight of such pivotal vulnerabilities. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://zokyo-auditing-tutorials.gitbook.io/zokyo-tutorials/tutorials/tutorial-2-unsafe-casting.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.