Platform: Code4rena
Start Date: 21/06/2022
Pot Size: $50,000 USDC
Total HM: 31
Participants: 99
Period: 5 days
Judges: moose-code, JasoonS, denhampreen
Total Solo HM: 17
Id: 139
League: ETH
Rank: 92/99
Findings: 1
Award: $26.57
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: BowTiedWardens
Also found by: 0v3rf10w, 0x1f8b, 0x29A, 0xKitsune, 0xNazgul, 0xf15ers, 0xkatana, 0xmint, 8olidity, ACai, Bnke0x0, Chom, ElKu, Fabble, Fitraldys, FudgyDRS, Funen, GalloDaSballo, GimelSec, IllIllI, JC, Kaiziron, Lambda, Limbooo, MiloTruck, Noah3o6, Nyamcil, Picodes, PwnedNoMore, Randyyy, RedOneN, Sm4rty, StErMi, TomJ, Tomio, TrungOre, UnusualTurtle, Waze, _Adam, aga7hokakological, ajtra, antonttc, asutorufos, bardamu, c3phas, defsec, delfin454000, exd0tpy, fatherOfBlocks, hansfriese, ignacio, joestakey, kenta, ladboy233, m_Rassska, mics, minhquanym, oyc_109, pashov, reassor, robee, s3cunda, sach1r0, saian, sashik_eth, scaraven, sikorico, simon135, slywaters
26.5713 USDC - $26.57
Custom error from solidity 0.8.4 are cheaper than revert strings, custom error are defined using the error statement can use inside and outside the contract.
source https://blog.soliditylang.org/2021/04/21/custom-errors/
i suggest replacing revert / require error strings with custom error.
POC
https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L62 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L118 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L143 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L408 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L410 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L529 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L572 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L576 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L586 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L604 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L608 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L613 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L644 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L676 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Yieldy.sol#L58 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Yieldy.sol#L59 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Yieldy.sol#L83 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Yieldy.sol#L96 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Yieldy.sol#L190 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Yieldy.sol#L210 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Yieldy.sol#L249 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Yieldy.sol#L257 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Yieldy.sol#L279 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Yieldy.sol#L286 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Migration.sol#L22 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/LiquidityReserve.sol#L25 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/LiquidityReserve.sol#L46 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/LiquidityReserve.sol#L61 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/LiquidityReserve.sol#L62 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/LiquidityReserve.sol#L70 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/LiquidityReserve.sol#L94 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/LiquidityReserve.sol#L105 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/LiquidityReserve.sol#L163 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/LiquidityReserve.sol#L173 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/LiquidityReserve.sol#L192 https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/LiquidityReserve.sol#L215
> 0 is less efficient than != 0 for unsigned integers!= 0 costs less gas compared to > 0 for unsigned integers in require statements with the optimizer enabled (6 gas)
While it may seem that > 0 is cheaper than !=, this is only true without the optimizer enabled and outside a require statement. If you enable the optimizer at 10k AND you’re in a require statement, this will save gas.
source : https://twitter.com/gzeon/status/1485428085885640706
I suggest changing > 0 with != 0
POC :
https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Yieldy.sol#L286
When using elements that are smaller than 32 bytes, your contract’s gas usage may be higher. This is because the EVM operates on 32 bytes at a time. Therefore, if the element is smaller than that, the EVM must use more operations in order to reduce the size of the element from 32 bytes to the desired size.
resource : https://docs.soliditylang.org/en/v0.8.11/internals/layout_in_storage.html
Use a larger size then downcast where needed
POC
https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/Staking.sol#L113