Foundation Drop contest - Fitraldys's results

Foundation is a web3 destination.

General Information

Platform: Code4rena

Start Date: 11/08/2022

Pot Size: $40,000 USDC

Total HM: 8

Participants: 108

Period: 4 days

Judge: hickuphh3

Total Solo HM: 2

Id: 152

League: ETH

Researcher Performance

Rank: 93/108

Findings: 1

Award: $20.60

🌟 Selected for report: 0

🚀 Solo Findings: 0

  1. Use Custom Error instead of Revert / Require String to Save Gas

Custom errors, available from Solidity 0.8.4, are cheaper than revert strings. Custom errors are defined using the error statement and can be used inside and outside the contract.

Source: https://blog.soliditylang.org/2021/04/21/custom-errors/

I suggest replacing revert / require error strings with custom errors.

POC:

https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTCollectionFactory.sol#L173
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTCollectionFactory.sol#L203
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTCollectionFactory.sol#L262
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTDropCollection.sol#L88
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTDropCollection.sol#L93
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTDropCollection.sol#L130
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTDropCollection.sol#L131
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTDropCollection.sol#L172
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTDropCollection.sol#L179
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTDropCollection.sol#L238
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTCollection.sol#L158
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTCollection.sol#L263
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTCollection.sol#L264
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTCollection.sol#L268
https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTCollection.sol#L327

  2. require()/revert() strings longer than 32 bytes cost extra gas

Each extra chunk of bytes past the original 32 costs 3 gas.

Resource: https://gist.github.com/hrkrshnn/ee8fabd532058307229d65dcd5836ddc#consider-having-short-revert-strings

POC:

https://github.com/code-423n4/2022-08-foundation/blob/main/contracts/NFTCollectionFactory.sol#L227

#0 - HardlyDifficult

2022-08-19T15:35:38Z

Custom errors

Agree but won't fix at this time. We use these in the market but not in collections. Unfortunately custom errors are still not as good of an experience for users (e.g. on etherscan). We used them in the market originally because we were nearing the max contract size limit and this was a good way to reduce the bytecode. We'll consider this in the future as tooling continues to improve.

Use short error messages

Agree but won't fix. We use up to 64 bytes, aiming to respect the incremental cost but 32 bytes is a bit too short to provide descriptive error messages for our users.
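
An added example, not part of the report or of Foundation's code: the ABI layout of the revert data behind both findings, showing why message length is counted in 32-byte words and how a length limit such as the 64 bytes mentioned in the reply can be checked. The sample messages and function names are constructed for illustration.

```python
# Added example: revert-data layout for require(cond, "message") in Solidity.
ERROR_STRING_SELECTOR = bytes.fromhex("08c379a0")  # selector of Error(string)
CUSTOM_ERROR_NO_ARGS_SIZE = 4  # a parameterless custom error reverts with its selector only
WORD = 32


def encode_error_string(message: str) -> bytes:
    """Build the revert data for a revert string: selector, offset, length, padded text."""
    raw = message.encode("utf-8")
    padded = raw.ljust(-(-len(raw) // WORD) * WORD, b"\x00")  # pad to whole words
    return (ERROR_STRING_SELECTOR
            + WORD.to_bytes(WORD, "big")       # offset of the string data
            + len(raw).to_bytes(WORD, "big")   # string length in bytes
            + padded)


def decode_error_string(data: bytes) -> str:
    """Parse Error(string) revert data, rejecting truncated or foreign payloads."""
    if len(data) < 4 + 2 * WORD or data[:4] != ERROR_STRING_SELECTOR:
        raise ValueError("not Error(string) revert data")
    body = data[4:]
    offset = int.from_bytes(body[:WORD], "big")
    if offset + WORD > len(body):
        raise ValueError("string offset out of bounds")
    length = int.from_bytes(body[offset:offset + WORD], "big")
    start = offset + WORD
    if start + length > len(body):
        raise ValueError("string length out of bounds")
    return body[start:start + length].decode("utf-8")


def audit(messages, limit=64):
    """Return (message, byte length, 32-byte words, revert-data size, over limit)."""
    rows = []
    for msg in messages:
        size = len(msg.encode("utf-8"))
        rows.append((msg, size, -(-size // WORD), len(encode_error_string(msg)), size > limit))
    return rows


# Constructed sample messages, not taken from the Foundation contracts.
SAMPLES = ["Caller is not the owner", "x" * 32, "x" * 33, "x" * 65]

if __name__ == "__main__":
    for msg, size, words, total, over in audit(SAMPLES):
        print(f"{size:3d} bytes  {words} word(s)  revert data {total:3d} bytes  over limit: {over}")
    print("parameterless custom error:", CUSTOM_ERROR_NO_ARGS_SIZE, "bytes")
```
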
