Yield Witch v2 contest - Sm4rty's results

Fixed-rate borrowing and lending on Ethereum

General Information

Platform: Code4rena

Start Date: 14/07/2022

Pot Size: $25,000 USDC

Total HM: 2

Participants: 63

Period: 3 days

Judge: PierrickGT

Total Solo HM: 1

Id: 147

League: ETH

Yield

Findings Distribution

Researcher Performance

Rank: 58/63

Findings: 1

Award: $16.88

🌟 Selected for report: 0

🚀 Solo Findings: 0

1. Use !=0 instead of >0 for UINT

> 0 is less efficient than != 0 for unsigned integers (with proof): != 0 costs less gas than > 0 for unsigned integers in require statements with the optimizer enabled (6 gas). Proof: while it may seem that > 0 is cheaper than != 0, this is only true without the optimizer enabled and outside a require statement. If you enable the optimizer at 10k runs AND the comparison is in a require statement, this will save gas. See this tweet for more proof: https://twitter.com/gzeon/status/1485428085885640706

Instances

contracts/Witch.sol:255: require(auction_.start > 0, "Vault not under auction");
contracts/Witch.sol:300: require(auction_.start > 0, "Vault not under auction");
contracts/Witch.sol:358: require(auction_.start > 0, "Vault not under auction");
contracts/Witch.sol:416: require(auction_.start > 0, "Vault not under auction");

Reference:

https://twitter.com/gzeon/status/1485428085885640706

Remediation:

I suggest replacing > 0 with != 0. Also, please enable the optimizer.



2. Custom Errors instead of Revert Strings to save Gas

Custom errors from Solidity 0.8.4 are cheaper than revert strings (cheaper deployment cost, and cheaper runtime cost when the revert condition is met).

Starting from Solidity v0.8.4, there is a convenient and gas-efficient way to explain to users why an operation failed through the use of custom errors. Until now, you could already use strings to give more information about failures (e.g., revert("Insufficient funds.");), but they are rather expensive, especially when it comes to deployment cost, and it is difficult to use dynamic information in them.

Custom errors are defined using the error statement, which can be used inside and outside of contracts (including interfaces and libraries).

Instances include:

Witch.sol:84: require(param == "ladle", "Unrecognized");
Witch.sol:102: require(initialOffer <= 1e18, "InitialOffer above 100%");
Witch.sol:103: require(proportion <= 1e18, "Proportion above 100%");
Witch.sol:104: require( initialOffer == 0 || initialOffer >= 0.01e18, "InitialOffer below 1%");
Witch.sol:108: require(proportion >= 0.01e18, "Proportion below 1%");
Witch.sol:189: require(cauldron.level(vaultId) < 0, "Not undercollateralized");
Witch.sol:200: require(limits_.sum <= limits_.max, "Collateral limit reached");
Witch.sol:255: require(auction_.start > 0, "Vault not under auction");
Witch.sol:256: require(cauldron.level(vaultId) >= 0, "Undercollateralized");
Witch.sol:300: require(auction_.start > 0, "Vault not under auction");
Witch.sol:313: require(liquidatorCut >= minInkOut, "Not enough bought");
Witch.sol:328: require(baseJoin != IJoin(address(0)), "Join not found");
Witch.sol:358: require(auction_.start > 0, "Vault not under auction");
Witch.sol:365: require(liquidatorCut >= minInkOut, "Not enough bought");
Witch.sol:395: require(ilkJoin != IJoin(address(0)), "Join not found");
Witch.sol:416: require(auction_.start > 0, "Vault not under auction");
Witch.sol:437: require(auction_.art - artIn >= debt.min * (10**debt.dec),"Leaves dust");

References:

https://blog.soliditylang.org/2021/04/21/custom-errors/

Remediation:

I suggest replacing revert strings with custom errors.
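The following is an added example, not code from Witch.sol or the Yield project, that applies both findings (1: != 0 instead of > 0 on an unsigned integer; 2: custom errors instead of revert strings) to a minimal contract whose checks mirror the "Vault not under auction" and "Not enough bought" requires cited above. The contract and error names (AuctionV1, AuctionV2, open, buy, VaultNotUnderAuction, NotEnoughBought) and the Auction struct layout are assumptions made for illustration. It compiles with Solidity 0.8.4 or later.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Added example (hypothetical contract, not Witch.sol).
// V1 reproduces the pattern flagged in the report: revert strings and a
// "> 0" check on an unsigned integer inside require().
contract AuctionV1 {
    struct Auction { uint32 start; uint128 ink; }
    mapping(bytes12 => Auction) public auctions;

    // Constructed setter so the example can be exercised.
    function open(bytes12 vaultId, uint128 ink) external {
        auctions[vaultId] = Auction(uint32(block.timestamp), ink);
    }

    function buy(bytes12 vaultId, uint128 minInkOut) external view returns (uint128 liquidatorCut) {
        Auction memory auction_ = auctions[vaultId];
        // Finding 1: "> 0" on a uint; with the optimizer enabled,
        // "!= 0" is the cheaper form inside require().
        require(auction_.start > 0, "Vault not under auction");
        // Finding 2: the revert string is stored in bytecode at deploy time
        // and carries no dynamic data when it fires.
        liquidatorCut = auction_.ink / 2;
        require(liquidatorCut >= minInkOut, "Not enough bought");
    }
}

// Custom errors are declared at file level so several contracts
// (and interfaces or libraries) can share them.
// Each revert encodes a 4-byte selector plus ABI-encoded arguments instead
// of a stored string, which is cheaper to deploy and lets the revert carry
// the values the caller needs to diagnose the failure.
error VaultNotUnderAuction(bytes12 vaultId);
error NotEnoughBought(uint128 liquidatorCut, uint128 minInkOut);

// V2 is the remediated form of the same contract.
contract AuctionV2 {
    struct Auction { uint32 start; uint128 ink; }
    mapping(bytes12 => Auction) public auctions;

    function open(bytes12 vaultId, uint128 ink) external {
        auctions[vaultId] = Auction(uint32(block.timestamp), ink);
    }

    function buy(bytes12 vaultId, uint128 minInkOut) external view returns (uint128 liquidatorCut) {
        Auction memory auction_ = auctions[vaultId];
        // Finding 1 applied: test the uint against zero with equality.
        // If a require() were kept instead of a custom error, the equivalent
        // line would be: require(auction_.start != 0, "Vault not under auction");
        if (auction_.start == 0) revert VaultNotUnderAuction(vaultId);
        liquidatorCut = auction_.ink / 2;
        // Finding 2 applied: revert with a custom error carrying both amounts.
        if (liquidatorCut < minInkOut) revert NotEnoughBought(liquidatorCut, minInkOut);
    }
}
```

The gas saving from finding 1 depends on compiling with the optimizer enabled (the report suggests 10k runs); with Hardhat that is settings.optimizer = { enabled: true, runs: 10000 } in the compiler config, and with Foundry it is optimizer = true and optimizer_runs = 10000 in foundry.toml. Off-chain callers decode the custom error from the revert data by its selector, so the descriptive string is replaced by structured arguments rather than lost.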


