> ## Documentation Index
> Fetch the complete documentation index at: https://docs.webacy.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Hidden Balance Update

> Detect hidden balance update vulnerabilities that let malicious smart contracts secretly alter ERC-20 token balances without authorization or events.

## Overview

Hidden Balance Update vulnerabilities allow malicious contracts to modify token balances without proper authorization or transparency, enabling theft and manipulation.

<Warning>
  Balance manipulation attacks are particularly dangerous because they can be difficult to detect - transactions appear normal while balances are secretly altered.
</Warning>

## Types of Hidden Balance Updates

### Direct Balance Manipulation

Modifying the balance mapping directly without proper mint/burn/transfer operations.

```solidity theme={null}
// DANGEROUS: Direct balance manipulation
function adjustBalance(address account, uint256 amount) internal {
    _balances[account] = amount;  // No events, no checks
}
```

**Risk:** Balances can be changed arbitrarily without any record.

***

### Conditional Balance Modification

Balance changes triggered by hidden conditions.

```solidity theme={null}
// DANGEROUS: Hidden conditional balance update
function transfer(address to, uint256 amount) public returns (bool) {
    if (block.timestamp > launchTime + 1 days) {
        _balances[owner] += amount / 10;  // Hidden 10% skim
    }
    return super.transfer(to, amount);
}
```

**Risk:** Conditions activate malicious behavior after initial scrutiny period.

***

### Rebasing Without Events

Modifying balances through rebasing mechanics without proper events.

```solidity theme={null}
// DANGEROUS: Silent rebase
function _rebase(uint256 factor) internal {
    for (uint i = 0; i < holders.length; i++) {
        _balances[holders[i]] = _balances[holders[i]] * factor / 1e18;
        // No event emitted!
    }
}
```

**Risk:** User balances change without any on-chain record.

***

### Balance Override in View Functions

Returning incorrect balances in view functions.

```solidity theme={null}
// DANGEROUS: Fake balance display
function balanceOf(address account) public view override returns (uint256) {
    if (account == owner) {
        return _balances[account] + _hiddenReserve;  // Inflated balance
    }
    return _balances[account];
}
```

**Risk:** Displayed balances don't match actual holdings.

## Safe Patterns

### Transparent Balance Updates

```solidity theme={null}
// SAFE: All balance changes through proper functions with events
function _transfer(address from, address to, uint256 amount) internal {
    require(from != address(0), "Transfer from zero");
    require(to != address(0), "Transfer to zero");
    require(_balances[from] >= amount, "Insufficient balance");

    _balances[from] -= amount;
    _balances[to] += amount;

    emit Transfer(from, to, amount);  // Always emit events
}
```

### Transparent Rebasing

```solidity theme={null}
// SAFE: Rebase with events
function rebase(uint256 factor) public onlyOwner {
    uint256 oldSupply = _totalSupply;
    _totalSupply = _totalSupply * factor / 1e18;
    _rebaseIndex = _rebaseIndex * factor / 1e18;

    emit Rebase(oldSupply, _totalSupply, factor);  // Transparent
}
```

## Detection Tags

| Tag                       | Severity | Description                                |
| ------------------------- | -------- | ------------------------------------------ |
| `hidden_balance_update`   | High     | Direct balance manipulation detected       |
| `conditional_balance_mod` | High     | Balance changes on hidden conditions       |
| `silent_rebase`           | Medium   | Rebase without event emission              |
| `balance_view_mismatch`   | Medium   | View function returns inconsistent balance |

## API Response Example

```json theme={null}
{
  "issues": [
    {
      "tag": "hidden_balance_update",
      "severity": "high",
      "description": "Direct balance mapping modification without events",
      "location": "adjustBalance(address,uint256)"
    }
  ]
}
```

## Red Flags

* [ ] Direct writes to `_balances` mapping outside standard functions
* [ ] Missing `Transfer` events on balance changes
* [ ] Conditional logic that modifies balances
* [ ] `balanceOf` returning different values than stored
* [ ] Time-delayed balance modification logic
