Platform: Code4rena
Start Date: 29/06/2022
Pot Size: $50,000 USDC
Total HM: 20
Participants: 133
Period: 5 days
Judge: hickuphh3
Total Solo HM: 1
Id: 142
League: ETH
Rank: 113/133
Findings: 1
Award: $21.17
Selected for report: 0
Solo Findings: 0
Selected for report: GalloDaSballo
Also found by: 0v3rf10w, 0x1f8b, 0xA5DF, 0xDjango, 0xHarry, 0xKitsune, 0xNazgul, 0xNineDec, 0xc0ffEE, 0xf15ers, 0xkatana, 0xsanson, ACai, Aymen0909, Bnke0x0, BowTiedWardens, Chom, ElKu, Fitraldys, Funen, Haruxe, Hawkeye, IllIllI, JC, JohnSmith, Kaiziron, Kenshin, Lambda, Limbooo, MadWookie, Metatron, MiloTruck, Picodes, PwnedNoMore, Randyyy, RedOneN, ReyAdmirado, Ruhum, Sm4rty, StErMi, StyxRave, TerrierLover, TomJ, Tomio, UnusualTurtle, Waze, Yiko, _Adam, __141345__, ajtra, ak1, apostle0x01, asutorufos, c3phas, cRat1st0s, catchup, codetilda, cryptphi, datapunk, defsec, delfin454000, durianSausage, exd0tpy, fatherOfBlocks, gogo, grrwahrr, hake, hansfriese, horsefacts, ignacio, jayfromthe13th, joestakey, ladboy233, m_Rassska, mektigboy, minhquanym, mrpathfindr, natzuu, oyc_109, rajatbeladiya, reassor, rfa, robee, rokinot, sach1r0, saian, sashik_eth, simon135, slywaters, swit, z3s, zeesaw, zer0dot
21.1707 USDC - $21.17
Custom errors, available from Solidity 0.8.4, are cheaper than revert strings. Custom errors are defined using the `error` statement, which can be used inside and outside the contract.
Source: https://blog.soliditylang.org/2021/04/21/custom-errors/
I suggest replacing revert / require error strings with custom errors.
POC:
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L214
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L241
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L278
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L281
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L284
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L287
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L290
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L293
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L329
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L353
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L395
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L398
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L401
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L405
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L406
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L429
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L470
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L475
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L481
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L527
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L551
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L552
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L598
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L599
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L765
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2Nft.sol#L12
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2Nft.sol#L13
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2Nft.sol#L26
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2Nft.sol#L27
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2Nft.sol#L30
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2Nft.sol#L41
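The custom-error suggestion above, shown as an added example that is not taken from the Putty code base or from the original report: the same two checks written first with revert strings and then with custom errors. The contract, function and error names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Declared outside any contract: usable by every contract in this file.
error TransferFailed();

// Hypothetical contract, constructed for illustration only.
contract RevertStyles {
    // Declared inside the contract; the parameters carry the failing values.
    error InsufficientBalance(uint256 requested, uint256 available);

    mapping(address => uint256) public balanceOf;

    function deposit() external payable {
        balanceOf[msg.sender] += msg.value;
    }

    // Before: each message is embedded in the deployed bytecode and is
    // returned ABI-encoded as Error(string) when the check fails.
    function withdrawWithStrings(uint256 amount) external {
        uint256 available = balanceOf[msg.sender];
        require(amount <= available, "Insufficient balance");
        balanceOf[msg.sender] = available - amount;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "Transfer failed");
    }

    // After: the revert data is a 4-byte selector plus the ABI-encoded
    // arguments, so no string is stored or encoded.
    function withdrawWithErrors(uint256 amount) external {
        uint256 available = balanceOf[msg.sender];
        if (amount > available) revert InsufficientBalance(amount, available);
        balanceOf[msg.sender] = available - amount;
        (bool ok, ) = msg.sender.call{value: amount}("");
        if (!ok) revert TransferFailed();
    }
}
```

Callers and tests that match on the revert reason need to switch from comparing strings to comparing error selectors when a contract is migrated this way.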
`> 0` is less efficient than `!= 0` for unsigned integers
`!= 0` costs less gas compared to `> 0` for unsigned integers in require statements with the optimizer enabled (6 gas).
While it may seem that `> 0` is cheaper than `!=`, this is only true without the optimizer enabled and outside a require statement. If you enable the optimizer at 10k AND you're in a require statement, this will save gas.
Source: https://twitter.com/gzeon/status/1485428085885640706
I suggest replacing `> 0` with `!= 0`.
POC:
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L599
In the former example, the ABI decoding begins with copying values from `calldata` to `memory` in a for loop. Each iteration would cost at least 60 gas. In the latter example, this can be completely avoided. This will also reduce the number of instructions and therefore reduce the deploy-time cost of the contract.
In short, use `calldata` instead of `memory` if the function argument is only read.
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L271
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L727
https://github.com/code-423n4/2022-06-putty/blob/main/contracts/src/PuttyV2.sol#L741
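An added illustration of the `calldata` versus `memory` point above; it is not the pair of examples the report refers to and is not Putty code. The contract and function names are hypothetical, and the third function shows the case where `memory` is still needed because the argument is modified.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Hypothetical contract, constructed for illustration only.
contract ArgumentLocation {
    // memory: before the body runs, the ABI decoder copies every element
    // of the array from calldata into memory.
    function sumMemory(uint256[] memory values)
        external
        pure
        returns (uint256 total)
    {
        for (uint256 i = 0; i < values.length; i++) {
            total += values[i];
        }
    }

    // calldata: elements are read in place from the transaction input,
    // so the copy loop is not generated at all.
    function sumCalldata(uint256[] calldata values)
        external
        pure
        returns (uint256 total)
    {
        for (uint256 i = 0; i < values.length; i++) {
            total += values[i];
        }
    }

    // calldata is read-only. A function that writes to its argument
    // must keep the memory location.
    function doubled(uint256[] memory values)
        external
        pure
        returns (uint256[] memory)
    {
        for (uint256 i = 0; i < values.length; i++) {
            values[i] *= 2;
        }
        return values;
    }
}
```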