Basin - DavidGiladi's results

A composable EVM-native decentralized exchange protocol.

General Information

Platform: Code4rena

Start Date: 03/07/2023

Pot Size: $40,000 USDC

Total HM: 14

Participants: 74

Period: 7 days

Judge: alcueca

Total Solo HM: 9

Id: 259

League: ETH

Basin

Findings Distribution

Researcher Performance

Rank: 61/74

Findings: 1

Award: $7.89

Gas:

grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Basin

Findings Information

🌟 Selected for report: SM3_SS

Also found by: 0x11singh99, 0xAnah, 0xSmartContract, 0xn006e7, 0xprinc, DavidGiladi, ElCid, JCN, K42, MIQUINHO, Raihan, Rolezn, SAAJ, SY_S, Strausses, TheSavageTeddy, bigtone, erebus, hunter_w3b, josephdara, lsaudit, mahdirostami, oakcobalt, peanuts, pfapostol, seth_lawson

Awards

7.8853 USDC - $7.89

Labels

bug

G (Gas Optimization)

grade-b

high quality report

sponsor confirmed

G-17

External Links

Link to GitHub issue

Gas Optimization Issues

Title	Issue	Instances	Total Gas Saved
[G-1] Use assembly to emit events	Use assembly to emit events	8	304
[G-2] Check Arguments Early	Check Arguments Early	3	-
[G-3] Division operations between unsigned could be unchecked	Division operations between unsigned could be unchecked	16	1360
[G-4] Empty Block	Empty Block	3	-
[G-5] Cache External Calls in Loops	Cache External Calls in Loops	5	500
[G-6] Use a More Recent Version of Solidity	Use a More Recent Version of Solidity	27	-
[G-7] Greater or Equal Comparison Costs Less Gas than Greater Comparison	Greater or Equal Comparison Costs Less Gas than Greater Comparison	3	9
[G-8] Consider Merge Sequential For-Loops	Consider Merge Sequential For-Loops	2	-
[G-9] Consider activating via-ir for deploying	Consider activating via-ir for deploying	1	-
[G-10] Safe Subtraction Should Be Unchecked	Safe Subtraction Should Be Unchecked	31	2635
[G-11] Unnecessary Casting of Variables	Unnecessary Casting of Variables	3	-
[G-12] Avoid Unnecessary Computation Inside Loops	Avoid Unnecessary Computation Inside Loops	2	-
[G-13] Redundant Contract Existence Check in Consecutive External Calls	Redundant Contract Existence Check in Consecutive External Calls	2	200
[G-14] Unused Named Return Variables	Unused Named Return Variables	1	-

Total: 268 instances over 27 issues

Use assembly to emit events

Severity: Gas Optimization
Confidence: High
Total Gas Saved: 304

Description

This detector checks for instances where a contract uses assembly code to emit events. While it's technically possible to emit events using inline assembly in Solidity, it's generally discouraged due to readability concerns and potential for errors. Events should usually be emitted using higher-level Solidity constructs.

<details> <summary> There are 8 instances of this issue: </summary>

File: src/Well.sol

 
Line: 238          emit Swap(fromToken, toToken, amountIn, amountOut, recipient)

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L238

File: src/Well.sol

 
Line: 305          emit Swap(fromToken, toToken, amountIn, amountOut, recipient)

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L305

File: src/Well.sol

 
Line: 373          emit Shift(reserves, tokenOut, amountOut, recipient)

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L373

File: src/Well.sol

 
Line: 443          emit AddLiquidity(tokenAmountsIn, lpAmountOut, recipient)

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L443

File: src/Well.sol

 
Line: 482          emit RemoveLiquidity(lpAmountIn, tokenAmountsOut, recipient)

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L482

File: src/Well.sol

 
Line: 516          emit RemoveLiquidityOneToken(lpAmountIn, tokenOut, tokenAmountOut, recipient)

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L516

File: src/Well.sol

 
Line: 569          emit RemoveLiquidity(lpAmountIn, tokenAmountsOut, recipient)

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L569

File: src/Well.sol

 
Line: 597          emit Sync(reserves)

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L597

</details>

Empty Block

Severity: Gas Optimization
Confidence: High

Description

The code should be refactored such that they no longer exist, or the block should do something useful, such as emitting an event or reverting. If the contract is meant to be extended, the contract should be abstract and the function signatures be added without any default implementation. If the block is an empty if-statement block to avoid doing subsequent checks in the else-if/else conditions, the else-if/else conditions should be nested under the negation of the if-statement, because they involve different classes of checks, which may lead to the introduction of errors when the code is later modified.

<details> <summary> There are 3 instances of this issue: </summary>

File: src/Well.sol

 
Line: 656          try IPump(_pump.target).update(reserves, _pump.data) {}

            catch {

                // ignore reversion. If an external shutoff mechanism is added to a Pump, it could be called here.

            }

contains an empty block. https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L656-L659

File: src/Well.sol

 
Line: 664          try IPump(_pumps[i].target).update(reserves, _pumps[i].data) {}

                catch {

                    // ignore reversion. If an external shutoff mechanism is added to a Pump, it could be called here.

                }

contains an empty block. https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L664-L667

File: src/Well.sol

 
Line: 653          if (numberOfPumps() == 1) {

            Call memory _pump = firstPump();

            // Don't revert if the update call fails.

            try IPump(_pump.target).update(reserves, _pump.data) {}

            catch {

                // ignore reversion. If an external shutoff mechanism is added to a Pump, it could be called here.

            }

        } else {

            Call[] memory _pumps = pumps();

            for (uint256 i; i < _pumps.length; ++i) {

                // Don't revert if the update call fails.

                try IPump(_pumps[i].target).update(reserves, _pumps[i].data) {}

                catch {

                    // ignore reversion. If an external shutoff mechanism is added to a Pump, it could be called here.

                }

            }

        }

contains an empty block. https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L653-L669

</details>

Check Arguments Early

Severity: Gas Optimization
Confidence: High

Description

Checks that require() or revert() statements that check input arguments are at the top of the function. Checks that involve constants should come before checks that involve state variables, function calls, and calculations. By doing these checks first, the function is able to revert before wasting a gas load in a function that may ultimately revert in the unhappy case.

<details> <summary> There are 3 instances of this issue: </summary>

File: src/libraries/ABDKMathQuad.sol

 
Line: 221          require(uint128(x) < 0x80000000000000000000000000000000);

https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L221

File: src/libraries/LibBytes.sol

 
Line: 63          require(reserves[reserves.length - 1] <= type(uint128).max, "ByteStorage: too large")

https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/LibBytes.sol#L63

File: src/libraries/LibMath.sol

 
Line: 159          require(denominator > 0);

https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/LibMath.sol#L159

</details>

Division operations between unsigned could be unchecked

Severity: Gas Optimization
Confidence: High
Total Gas Saved: 1360

Description

Division operations on unsigned integers should be unchecked to save gas since they cannot overflow or underflow. Because unsigned integers cannot have negative values, execution of division operations outside unchecked blocks adds nothing but overhead. Saves about 85 gas.

<details> <summary> There are 16 instances of this issue: </summary>

File: src/functions/ConstantProduct.sol

 
Line: 40          erve = uint256((lpTokenSupply / n) ** n);

Should be unchecked - lpTokenSupply / n. https://github.com/code-423n4/2023-07-basin/blob/main/src/functions/ConstantProduct.sol#L40

File: src/libraries/ABDKMathQuad.sol

 
Line: 918          Signifier = xSignifier / ySignifier;

Should be unchecked - xSignifier / ySignifier. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L918

File: src/libraries/ABDKMathQuad.sol

 
Line: 1035           = (r + xSignifier / r) >> 1;

Should be unchecked - xSignifier / r. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L1035

File: src/libraries/ABDKMathQuad.sol

 
Line: 1036           = (r + xSignifier / r) >> 1;

Should be unchecked - xSignifier / r. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L1036

File: src/libraries/ABDKMathQuad.sol

 
Line: 1037           = (r + xSignifier / r) >> 1;

Should be unchecked - xSignifier / r. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L1037

File: src/libraries/ABDKMathQuad.sol

 
Line: 1038           = (r + xSignifier / r) >> 1;

Should be unchecked - xSignifier / r. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L1038

File: src/libraries/ABDKMathQuad.sol

 
Line: 1039           = (r + xSignifier / r) >> 1;

Should be unchecked - xSignifier / r. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L1039

File: src/libraries/ABDKMathQuad.sol

 
Line: 1040           = (r + xSignifier / r) >> 1;

Should be unchecked - xSignifier / r. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L1040

File: src/libraries/ABDKMathQuad.sol

 
Line: 1041           = (r + xSignifier / r) >> 1;

Should be unchecked - xSignifier / r. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L1041

File: src/libraries/ABDKMathQuad.sol

 
Line: 1042          int256 r1 = xSignifier / r;

Should be unchecked - xSignifier / r. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L1042

File: src/libraries/LibMath.sol

 
Line: 52          xNew = x - (x - a0 / t0) / n

Should be unchecked - a0 / t0. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/LibMath.sol#L52

File: src/libraries/LibMath.sol

 
Line: 54          xNew = x + (a0 / t0 - x) / n

Should be unchecked - a0 / t0. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/LibMath.sol#L54

File: src/libraries/LibMath.sol

 
Line: 198          od0 := div(prod0, twos)

Should be unchecked - prod0 / twos. https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/LibMath.sol#L198

File: src/pumps/MultiFlowPump.sol

 
Line: 113          blocksPassed = (deltaTimestamp / BLOCK_TIME).fromUInt()

Should be unchecked - deltaTimestamp / BLOCK_TIME. https://github.com/code-423n4/2023-07-basin/blob/main/src/pumps/MultiFlowPump.sol#L113

File: src/pumps/MultiFlowPump.sol

 
Line: 252          tes16 blocksPassed = (deltaTimestamp / BLOCK_TIME).fromUInt();

Should be unchecked - deltaTimestamp / BLOCK_TIME. https://github.com/code-423n4/2023-07-basin/blob/main/src/pumps/MultiFlowPump.sol#L252

File: src/pumps/MultiFlowPump.sol

 
Line: 299          tes16 blocksPassed = (deltaTimestamp / BLOCK_TIME).fromUInt();

Should be unchecked - deltaTimestamp / BLOCK_TIME. https://github.com/code-423n4/2023-07-basin/blob/main/src/pumps/MultiFlowPump.sol#L299

</details>

Avoid Unnecessary Computation Inside Loops

Severity: Gas Optimization
Confidence: High

Description

This detector identifies instances of computations being performed inside loops that could be performed outside the loop to save gas.

Unnecessary computation inside loops:

Any computation performed inside a loop that doesn't change with each iteration can be moved outside the loop to save gas.This detector identifies instances where the following unnecessary computations are performed inside loops:

1 Local variables are read inside loops but never modified within the same loop, indicating they could be cached outside the loop.
2 Computations involving constant expressions (literals) which result in the same output in every loop iteration.

By addressing these issues, gas usage can be optimized.

<details> <summary> There are 2 instances of this issue: </summary>

File: src/Well.sol

 
Line: 36          i < _tokens.length - 1

The following computations can be cached outside of loops for gas optimization _tokens.length - 1 . https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L36

File: src/libraries/LibMath.sol

 
Line: 50          uint256 t0 = x ** (n - 1)

The following computations can be cached outside of loops for gas optimization n - 1 . https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/LibMath.sol#L50

</details>

Cache External Calls in Loops

Severity: Gas Optimization
Confidence: High
Total Gas Saved: 500

Description

This detector identifies instances of repeated external calls within loops. By moving the first external call outside of the loop and using low-level calls inside the loop, it is possible to save gas by avoiding repeated EXTCODESIZE opcodes, as there is no need to check again if the contract exists.

Note: This detector only triggers if the function call does not return any value.

Prior to 0.8.10, the compiler inserted extra code, including EXTCODESIZE (100 gas), to check for contract existence for external function calls. In more recent Solidity versions the compiler will not insert these checks if the external call has a return value. Similar behavior can be achieved in earlier versions by using low-level calls, since low-level calls never check for contract existence.

<details> <summary> There are 5 instances of this issue: </summary>

File: src/Well.sol

 
Line: 431          _tokens[i].safeTransferFrom(msg.sender, address(this), tokenAmountsIn[i])

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L431

File: src/Well.sol

 
Line: 477          _tokens[i].safeTransfer(recipient, tokenAmountsOut[i])

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L477

File: src/Well.sol

 
Line: 558          _tokens[i].safeTransfer(recipient, tokenAmountsOut[i])

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L558

File: src/Well.sol

 
Line: 610          _tokens[i].safeTransfer(recipient, skimAmounts[i])

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L610

File: src/Well.sol

 
Line: 664          try IPump(_pumps[i].target).update(reserves, _pumps[i].data) {}

                catch {

                    // ignore reversion. If an external shutoff mechanism is added to a Pump, it could be called here.

                }

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L664-L667

</details>

Greater or Equal Comparison Costs Less Gas than Greater Comparison

Severity: Gas Optimization
Confidence: High
Total Gas Saved: 9

Description

In Solidity, the >= operator costs less gas than the > operator. This is because the Solidity compiler uses the LT opcode for >= comparisons, which requires less gas than the combination of GT and ISZERO opcodes used for > comparisons. Therefore, replacing > with >= when possible can reduce the gas cost of your contract.

<details> <summary> There are 3 instances of this issue: </summary>

File: src/libraries/ABDKMathQuad.sol

 
Line: 57          int256 result = uint256(x > 0 ? x : -x);

using GREATER_EQUAL/LESS_EQUAL in this case is identical therefore should be use.

https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L57

File: src/libraries/ABDKMathQuad.sol

 
Line: 246          int256 result = uint256(x > 0 ? x : -x);

using GREATER_EQUAL/LESS_EQUAL in this case is identical therefore should be use.

https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L246

File: src/libraries/ABDKMathQuad.sol

 
Line: 303          int256 result = uint128(x > 0 ? x : -x);

using GREATER_EQUAL/LESS_EQUAL in this case is identical therefore should be use.

https://github.com/code-423n4/2023-07-basin/blob/main/src/libraries/ABDKMathQuad.sol#L303

</details>

Consider Merge Sequential For-Loops

Severity: Gas Optimization
Confidence: High

Description

Detects instances where multiple for-loops appear sequentially in the same function. This may indicate an opportunity for loop fusion, a code optimization technique that merges multiple loops into a single one.

<details> <summary> There are 2 instances of this issue: </summary>

Consider merging those following loops to one loop if appropriate :File: src/Well.sol

 
Line: 423          i < _tokens.length

File: src/Well.sol

 
Line: 429          i < _tokens.length

https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L423

Consider merging those following loops to one loop if appropriate :File: src/pumps/MultiFlowPump.sol

 
Line: 84          i < numberOfReserves

File: src/pumps/MultiFlowPump.sol

 
Line: 116          i < numberOfReserves

https://github.com/code-423n4/2023-07-basin/blob/main/src/pumps/MultiFlowPump.sol#L84

</details>

Consider activating via-ir for deploying

Severity: Gas Optimization
Confidence: Medium

Description

The IR-based code generator was developed to make code generation more transparent and auditable, while also enabling powerful optimization passes that can be applied across functions.

It is possible to activate the IR-based code generator through the command line by using the flag --via-ir or by including the option {'viaIR': true}.

Keep in mind that compiling with this option may take longer. However, you can simply test it before deploying your code. If you find that it provides better performance, you can add the --via-ir flag to your deploy command.

Redundant Contract Existence Check in Consecutive External Calls

Severity: Gas Optimization
Confidence: Medium
Total Gas Saved: 200

Description

This detector identifies instances where there are consecutive external calls to the same contract, where the subsequent calls could use a low-level call to save gas.

Note: This detector only triggers if the function call does not return any value.

<details> <summary> There are 2 instances of this issue: </summary>

File: src/Well.sol

 
Line: 304          toToken.safeTransfer(recipient, amountOut)

This call could be replaced with a low-level call because the contract SafeERC20 has already been checked in Line: 303 fromToken.safeTransferFrom(msg.sender, address(this), amountIn) https://github.com/code-423n4/2023-07-basin/blob/main/src/Well.sol#L304

File: src/pumps/MultiFlowPump.sol

 
Line: 133          slot.storeBytes16(pumpState.emaReserves)

This call could be replaced with a low-level call because the contract LibBytes16 has already been checked in Line: 129 slot.storeBytes16(pumpState.cumulativeReserves) https://github.com/code-423n4/2023-07-basin/blob/main/src/pumps/MultiFlowPump.sol#L133

</details>

Unused Named Return Variables

Severity: Gas Optimization
Confidence: High

Description

Named return variables allow for clear and explicit naming of values to be returned from a function. However, when these variables are unused, it can lead to confusion and make the code less maintainable.

<details> <summary> There are 1 instances of this issue: </summary>

File: src/Aquifer.sol

 
Line: 86          function wellImplementation(address well) external view returns (address implementation)

there is not use of this variables: @ implementation

https://github.com/code-423n4/2023-07-basin/blob/main/src/Aquifer.sol#L86-L88

</details>

Safe Subtraction Should Be Unchecked

Severity: Gas Optimization
Confidence: High
Total Gas Saved: 2635

Description

This detector identifies subtraction operations where the subtraction could safely be unchecked. This occurs when a prior if-statement or require() function ensures that the first operand (minuend) is greater than or equal to the second operand (subtrahend). In these cases, an unchecked subtraction would not result in an underflow error, and can save gas by skipping the redundant check.

<details> <summary> There are 31 instances of this issue: </summary>

File: src/libraries/ABDKMathQuad.sol

 
Line: 61          esult >>= msb - 112;