Back to ReyAdmirado's contests

Redacted Cartel contest - ReyAdmirado's results

Boosted GMX assets from your favorite liquid token wrapper, Pirex - brought to you by Redacted Cartel.

General Information

Platform: Code4rena

Start Date: 21/11/2022

Pot Size: $90,500 USDC

Total HM: 18

Participants: 101

Period: 7 days

Judge: Picodes

Total Solo HM: 4

Id: 183

League: ETH

Redacted Cartel

Findings Distribution

Researcher Performance

Rank: 90/101

Findings: 1

Award: $39.65

Gas:
grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryRedacted Cartel

Findings Information

🌟 Selected for report: gzeon

Also found by: 0xPanda, 0xSmartContract, B2, Deivitto, Diana, JohnSmith, PaludoX0, Rahoz, RaymondFam, ReyAdmirado, Rolezn, Schlagatron, Secureverse, Tomio, __141345__, adriro, ajtra, aphak5010, c3phas, chaduke, codeislight, cryptonue, datapunk, dharma09, halden, karanctf, keccak123, oyc_109, pavankv, sakshamguruji, saneryee, unforgiven

Awards

39.6537 USDC - $39.65

Labels

bug
G (Gas Optimization)
grade-b
sponsor disputed
G-11

External Links

Link to GitHub issue

Gas

issue
1State variables only set in the constructor should be declared immutable.
2state variables can be packed into fewer storage slots
3expressions for constant values such as a call to keccak256(), should use immutable rather than constant
4Stack variable used as a cheaper cache for a state variable is only used once
5<x> += <y> costs more gas than <x> = <x> + <y> for state variables
6not using the named return variables when a function returns, wastes deployment gas
7can make the variable outside the loop to save gas
8++i/i++ should be unchecked{++i}/unchecked{i++} when it is not possible for them to overflow, as is the case when used in for-loop and while-loops
9internal functions only called once can be inlined to save gas
10usage of uint/int smaller than 32 bytes (256 bits) incurs overhead
11public functions not called by the contract should be declared external instead
12state var is defined but not used anywhere but
13should pre calculate constant instead of using external call

1. State variables only set in the constructor should be declared immutable.

Avoids a Gsset (20000 gas) in the constructor, and replaces each Gwarmaccess (100 gas) with a PUSH32 (3 gas).

pxGmx

2. state variables can be packed into fewer storage slots

If variables occupying the same slot are both written the same function or by the constructor, avoids a separate Gsset (20000 gas). Reads of the variables are also cheaper.

make poolFee before platform so they be in one slot

3. expressions for constant values such as a call to keccak256(), should use immutable rather than constant

4. Stack variable used as a cheaper cache is only used once

If it is only accessed once, it’s cheaper to use the function directly that one time, and save the 3 gas the extra stack assignment would spend

5. <x> += <y> costs more gas than <x> = <x> + <y> for state variables

Using the addition operator instead of plus-equals saves gas

6. not using the named return variables when a function returns, wastes deployment gas

7. can make the variable outside the loop to save gas

make the variables before the loop and only assign them inside.

8. ++i/i++ should be unchecked{++i}/unchecked{i++} when it is not possible for them to overflow, as is the case when used in for-loop and while-loops

In Solidity 0.8+, there’s a default overflow check on unsigned integers. It’s possible to uncheck this in for-loops and save some gas at each iteration, but at the cost of some code readability, as this uncheck cannot be made inline.

9. internal functions only called once can be inlined to save gas

Not inlining costs 20 to 40 gas because of two extra JUMP instructions and additional stack operations needed for function calls.

afterDeposit

beforeDeposit

_harvest

10. usage of uint/int smaller than 32 bytes (256 bits) incurs overhead

When using elements that are smaller than 32 bytes, your contract’s gas usage may be higher. This is because the EVM operates on 32 bytes at a time. Therefore, if the element is smaller than that, the EVM must use more operations in order to reduce the size of the element from 32 bytes to the desired size. Each operation involving a uint8 costs an extra 22-28 gas (depending on whether the other operand is also a variable of type uint8) as compared to ones involving uint256, due to the compiler having to clear the higher bits of the memory word before operating on the uint8, as well as the associated stack operations of doing so. Use a larger size then downcast where needed https://docs.soliditylang.org/en/v0.8.11/internals/layout_in_storage.html Use a larger size then downcast where needed

11. public functions not called by the contract should be declared external instead

Contracts are allowed to override their parents’ functions and change the visibility from external to public and can save gas by doing so.

12. state var is defined but not used anywhere but

even if they are for readability, consider making them comments instead

EXPANDED_DECIMALS

13. should pre calculate constant instead of using external call

SWAP_ROUTER will always be the same so instead of using IV3SwapRouter(0x68b3465833fb72A70ecDF485E0e4C7bD8665Fc45) to calculate it just calculate it once before and only give the answer to the constant so its not calculated every time contract is used.

#0 - c4-judge

2022-12-05T14:19:01Z

Picodes marked the issue as grade-b

#1 - drahrealm

2022-12-09T05:58:25Z

Tips considered for implementation already exist on older confirmed findings

#2 - c4-sponsor

2022-12-09T05:58:30Z

drahrealm marked the issue as sponsor disputed

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter