Canto Identity Subprotocols contest - atharvasama's results

canto-pfp-protocol/src/ProfilePicture.sol

[03] Typos

61:             // Register CSR on Canto mainnnet

82:             // Register CSR on Canto mainnnet

95:     /// @param _revenueAddress Adress to send the revenue to

111:             // Register CSR on Canto mainnnet

247:         uint256 charRandValue = Utils.iteratePRNG(_seed); // Iterate PRNG to not have any biasedness / correlation between random numbers

7: /// @notice Utiltities for the on-chain SVG generation of the text data and pseudo randomness

[04] Use a more recent version of Solidity

Use a solidity version of at least 0.8.13 to get the ability to use using for with a list of free functions

Use a more recent solidity versions for the following contracts

canto-pfp-protocol/src/ProfilePicture.sol

[05] Avoid using tx.origin

tx.origin is a global variable in Solidity that returns the address of the account that sent the transaction.

Using the variable could make a contract vulnerable if an authorized account calls a malicious contract. You can impersonate a user using a third party contract.

canto-namespace-protocol/src/Namespace.sol:

36:             turnstile.register(tx.origin);

84:             turnstile.register(tx.origin);

canto-namespace-protocol/src/Tray.sol:

113:             turnstile.register(tx.origin);

canto-pfp-protocol/src/ProfilePicture.sol

63:             turnstile.register(tx.origin);

[06] A single point of failure

Add a time lock to critical functions. Admin-only functions that change critical parameters should emit events and have timelocks.

Events allow capturing the changed parameters so that off-chain tools/interfaces can register such changes with timelocks that allow users to evaluate them and consider if they would like to engage/exit based on how they perceive the changes as affecting the trustworthiness of the protocol or profitability of the implemented financial services.

196:     function changeNoteAddress(address _newNoteAddress) external onlyOwner {

204:     function changeRevenueAddress(address _newRevenueAddress) external onlyOwner {

210:     function changeNoteAddress(address _newNoteAddress) external onlyOwner {

218:     function changeRevenueAddress(address _newRevenueAddress) external onlyOwner {

225:     function endPrelaunchPhase() external onlyOwner {

#0 - c4-judge
2023-04-11T05:43:19Z

0xleastwood marked the issue as grade-b

Findings Information

🌟 Selected for report: 0xSmartContract

Also found by: 0xdaydream, 0xnev, Aymen0909, Deekshith99, Diana, EvanW, Fanz, JCN, Jerry0x, K42, Kresh, Madalad, MiniGlome, Polaris_tow, Rageur, ReyAdmirado, Rolezn, SAAJ, SaeedAlipoor01988, Sathish9098, Shubham, Udsen, Viktor_Cortess, Walter, anodaram, arialblack14, atharvasama, caspersolangii, codeslide, descharre, fatherOfBlocks, felipe, ginlee, igingu, lukris02, nadin, slvDev, tnevler, turvy_fuzz, viking71

Awards

77.5893 USDC - $77.59

Labels

bug

G (Gas Optimization)

grade-a

G-13

External Links

Link to GitHub issue

Gas Optimizations list

Number	Details	Instances
1	CAN DECLARE VARIABLE OUTSIDE LOOP TO SAVE GAS	12
2	AVOID CONTRACT EXISTENCE CHECKS BY USING LOW LEVEL CALLS	1
3	PUBLIC FUNCTIONS NOT CALLED BY THE CONTRACT SHOULD BE DECLARED EXTERNAL INSTEAD	3
4	OPTIMIZE NAMES TO SAVE GAS	5
5	INTERNAL FUNCTIONS ONLY CALLED ONCE CAN BE INLINED TO SAVE GAS	1
6	BEFORE SOME FUNCTIONS, WE SHOULD CHECK SOME VARIABLES FOR POSSIBLE GAS SAVE	1
7	USAGE OF UINT/INT SMALLER THAN 32 BYTES (256 BITS) INCURS OVERHEAD	11
8	USE A MORE RECENT VERSION OF SOLIDITY	5

Gas Optimizations

[G-01] CAN DECLARE VARIABLE OUTSIDE LOOP TO SAVE GAS

Declaring the stack variable outside the loop will save gas that would otherwise be spent on declaring the variable over and over again.

57:             bytes1 character = bioTextBytes[i];

61:                 bytes1 nextCharacter;

123:             bool isLastTrayEntry = true;
124:             uint256 trayID = _characterList[i].trayID;
125:             uint8 tileOffset = _characterList[i].tileOffset;

134:             uint8 characterModifier = tileData.characterModifier;

144:             bytes memory charAsBytes = Utils.characterToUnicodeBytes(0, tileData.characterIndex, characterModifier);

146:             uint256 numBytesChar = charAsBytes.length;

160:             TileData[TILES_PER_TRAY] memory trayTiledata;

148:                 uint256 characterIndex = (_characterModifier % ZALGO_NUM_ABOVE) * 2;

157:                 uint256 characterIndex = (_characterModifier % ZALGO_NUM_OVER) * 2;

166:                 uint256 characterIndex = (_characterModifier % ZALGO_NUM_BELOW) * 2;

[G-02] AVOID CONTRACT EXISTENCE CHECKS BY USING LOW LEVEL CALLS

Before Solidity 0.8.10 the compiler inserted extra code to check for contract existence for external function calls EXTCODESIZE (100 gas). In more recent solidity versions, the compiler will not insert these checks if the external call has a return value. Similar behavior can be achieved in earlier versions by using low-level calls, since low level calls never check for contract existence.

156:                 address trayOwner = tray.ownerOf(trayID);

[G-03] PUBLIC FUNCTIONS NOT CALLED BY THE CONTRACT SHOULD BE DECLARED EXTERNAL INSTEAD

Contracts are allowed to override their parents’ functions and change the visibility from public to external and can save gas by doing so.

43:     function tokenURI(uint256 _id) public view override returns (string memory) {

90:     function tokenURI(uint256 _id) public view override returns (string memory) {

119:     function tokenURI(uint256 _id) public view override returns (string memory) {

[G-04] OPTIMIZE NAMES TO SAVE GAS

Function hashes that have two leading zero bytes can save 128 gas each during deployment, and renaming functions to have lower method IDs will save 22 gas per call, per sorted position shifted. Prioritize the most called functions and sort and rename them according to the function hashes/method IDs. For a better understanding please refer to this link

A lower method ID may be given to the most frequently used functions. This is a useful tool that can be used for the same, if required.

[G-05] INTERNAL FUNCTIONS ONLY CALLED ONCE CAN BE INLINED TO SAVE GAS

Not inlining costs 20 to 40 gas because of two extra JUMP instructions and additional stack operations needed for function calls.

231:     function _beforeTokenTransfers(
232:         address, /* from*/
233:         address to,
234:         uint256 startTokenId,
235:         uint256 /* quantity*/
236:     ) internal view override {

[G-06] BEFORE SOME FUNCTIONS, WE SHOULD CHECK SOME VARIABLES FOR POSSIBLE GAS SAVE

Before transfer, we should check for amount being 0 so the function doesnt run when its not gonna do anything.

150:     function buy(uint256 _amount) external {

[G-07] USAGE OF UINT/INT SMALLER THAN 32 BYTES (256 BITS) INCURS OVERHEAD

When using elements that are smaller than 32 bytes, your contract’s gas usage may be higher. This is because the EVM operates on 32 bytes at a time. Therefore, if the element is smaller than that, the EVM must use more operations in order to reduce the size of the element from 32 bytes to the desired size. Each operation involving a uint8 costs an extra 22-28 gas (depending on whether the other operand is also a variable of type uint8) as compared to ones involving uint256, due to the compiler having to clear the higher bits of the memory word before operating on the uint8, as well as the associated stack operations of doing so. Use a larger size then downcast where needed.

34:         uint8 tileOffset;

36:         uint8 skinToneModifier;

125:             uint8 tileOffset = _characterList[i].tileOffset;

134:             uint8 characterModifier = tileData.characterModifier;

59:         uint8 fontClass;

61:         uint16 characterIndex;

63:         uint8 characterModifier;