Maia DAO - Ulysses - ayo_dev's results

Harnessing the power of Arbitrum, Ulysses Omnichain specializes in Virtualized Liquidity Management.

General Information

Platform: Code4rena

Start Date: 22/09/2023

Pot Size: $100,000 USDC

Total HM: 15

Participants: 175

Period: 14 days

Judge: alcueca

Total Solo HM: 4

Id: 287

League: ETH

Maia DAO

Findings Distribution

Researcher Performance

Rank: 127/175

Findings: 1

Award: $17.71

Gas:

grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Maia DAO

Findings Information

🌟 Selected for report: rvierdiiev

Also found by: 0x11singh99, 0xAnah, 0xta, Aamir, DavidGiladi, DevABDee, Eurovickk, JCK, K42, MrPotatoMagic, Pessimistic, Raihan, Rolezn, SM3_SS, SY_S, Sathish9098, Udsen, ayo_dev, blutorque, c3phas, clara, dharma09, hihen, hunter_w3b, jamshed, koxuan, lsaudit, marqymarq10, oualidpro, pfapostol, sivanesh_808, tabriz, wahedtalash77, zabihullahazadzoi, ziyou-

Awards

17.7101 USDC - $17.71

Labels

bug

G (Gas Optimization)

grade-b

sufficient quality report

G-29

External Links

Link to GitHub issue

1. When reverting error and the reverted error length is less than or equal to 32 bytes the better thing to do is to return the error as a bytes32 combined with custom error instead of using a require error reason is string are dynamic types and always have to be stored in memory bytes32 on the other hand can fit the stack perfectly and let's not forget all data types in solidity are bytes under the hood

Example

contract red {
  error redss(bytes32 _oop);
  function check(address a) public pure {///339 in runtime gas
    if(a == address(0)){
     revert redss(bytes32("CoreRouter address cannot be 0"));
    }
  }
}


contract reds {
  error redss(string _oop);
  function check(address a) public pure {//375 in runtime gas
    if(a == address(0)){
      revert redss("CoreRouter address cannot be 0");
    }
  }
}

contract sreds {
  function check(address a) public pure {//375 in runtime gas
     require(a != address(0), "CoreRouter address cannot be 0");
  }
}

from there we can save 32+ gas in runtime gas and 2600+ gas in deployment cost

2. String storage variable and token symbol storage variable can be marked as constant and if they contain string less than 32 or equal to 32 they should be declared as bytes32 instead to save gas

example

contract red {// deployment cost: 230558
  string public token;//runtime cost: 3169 in runtime gas
  string public tokenSymbol;//runtime cost: 3147 in runtime gas
  constructor() {
     token ="red";
     tokenSymbol="r";
  }
}

contract redd {// deployment cost: 111585 in gas                                                                                                                                                                         
  string constant public token = "red"; 483 in runtime gas cost
  string constant public tokenSymbol = "r"; 461 in runtime gas cost
}


contract reds {// deployment cost: 111761 in gas cost
  bytes32 immutable public token;
  bytes32 immutable public tokenSymbol;
  constructor() {
     token = bytes32("red"); 183 in runtime gas cost
     tokenSymbol = bytes32("r"); 161 in runtime gas cost
  }
}

from the above we can see the best thing is to is with either method we save 100000+ in gas deployment cost and 3000+ in runtime gas cost

instances in code: https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/factories/ERC20hTokenBranchFactory.sol#L26 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/factories/ERC20hTokenBranchFactory.sol#L29

3. In some functions where we calculated the same arithmetic value in two different instances inside the function when we could calculate it once and cache it next, to prevent us working the same arithmetic operation twice

example

contract red {// deployment cost: 47499 in gas fees
  function ish(uint a, uint c) public pure returns(uint b){// truntime cost: 469 in gas fees
    if(c - a > 0){
       b = c- a;
    }else {
      b = 10;
    }
  }
}

contract reds { 47899 in deployment cost
  function ish(uint a, uint c) public pure returns(uint b){// 404 in runtime cost
    uint d = c -a;
    if(d > 0){
       b = d;
    }else {
      b = 10;
    }
  }
}

from the above we can see that we save 65 in runtime gas and we lost 500+ in deployment gas, but i assume it's a contract that will be used all the time so runtime cost > deployment cost

instances in the code: https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BaseBranchRouter.sol#L160 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/ArbitrumBranchPort.sol#L132 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BaseBranchRouter.sol#L165 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BaseBranchRouter.sol#L167 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BaseBranchRouter.sol#L168 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BranchBridgeAgent.sol#L906 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BranchBridgeAgent.sol#L908

4. There are functions where we read the same value from the memory or calldata multiples times , what we can do here is cache the value and use it continuously instead of reading the value everytime this saves us gas

example

contract red {// deployment cost: 81129 in gas fees
 function check(uint[] calldata _arr) public pure returns(uint c) {//runtime cost: 659 in gas fees
   if(_arr[0] ==  1){
      c = 10;
   }else if(_arr[0] == 2){
    c = 3;
   }else if(_arr[0] == 3){
    c = 5;
   }
 }
}

contract reds {// deployment cost: 72723 in deployment cost
 function check(uint[] calldata _arr) public pure returns(uint c) {//runtime cost: 579 in gas fees
   uint d = _arr[0];
   if(d ==  1){
      c = 10;
   }else if(d == 2){
    c = 3;
   }else if(d == 3){
    c = 5;
   }
 }
}

from the above we can see we saved 8406 in deployment cost and 80+ in runtime cost

the callOutAndBridgeMultiple function and callOutSignedAndBridge in BranchBridgeAgent contract has this problem, values read from memory should have been cached instead they were used like that and read from the memory multiple times:

instances by function: https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BranchBridgeAgent.sol#L231C14-L231C38 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BranchBridgeAgent.sol#L276 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BranchBridgeAgent.sol#L306 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BranchBridgeAgent.sol#L343 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BranchBridgeAgent.sol#L860 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/CoreBranchRouter.sol#L86

5. do not initialize value to zero, in soildity unassigned values are zero by default, especially in for loops

example

contract test {//Deployment cost : 180927 gas
 function tests(uint[] calldata arr) public view {// runtime gas: 1220 gas
    for(uint i; i < arr.length; ++i){

    }
 }
}

contract test {//Deployment cost : 180927 gas
 function tests(uint[] calldata arr) public view {// runtime gas: 1230 gas
    for(uint i = 0; i < arr.length; ++i){

    }
 }
}

with the optimizer off this saves us 10+ in runtime gas fees, but with it on this remains the same

5. length of array should be cached during for loops to save gas

example

contract red {// deployment cost: 95341
 function check(uint[] memory _arr) public pure returns(uint c) {//runtime cost: 2564 in gas
   for(uint i = 0; i < _arr.length; ++i){
      c = _arr[i];
   }
 }
}

contract reds {// deployment cost: 95941
   function check(uint[] memory _arr) public pure returns(uint c) {// runtime cost: 2548 in gas
    uint len = _arr.length;
   for(uint i; i < len; ++i){
      c = _arr[i];
   }
 }
}

6. cache storage variable if you use them more than once in a function

example

instance in code:

8. functions in library should have internal visibility instead of external

library check{
  function mid(uint b) external returns(uint c){
       c = b + 10;
  }
}

contract midas{ //deployment cost: 136449 in gas fees
  function checks(uint c) external returns(uint f){//28350 in runtime gas fees
    f = check.mid(c);
  }
}

library check{
  function mid(uint b) external returns(uint c){
       c = b + 10;
  }
}

contract midas{ //deployment cost: 1114565 in gas fees
  function checks(uint c) external returns(uint f){//24813 in runtime gas fees
    f = check.mid(c);
  }
}

from the above we can see we save 21,884 in deployment cost when we swirch from external to internal and we save 3537 in gas on runttime cost

instances in code: https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/ArbitrumBranchBridgeAgent.sol#L10 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BranchBridgeAgent.sol#L23 https://github.com/code-423n4/2023-09-maia/blob/f5ba4de628836b2a29f9b5fff59499690008c463/src/BranchBridgeAgentExecutor.sol#L15

#0 - c4-pre-sort
2023-10-15T17:35:13Z

0xA5DF marked the issue as sufficient quality report

#1 - 0xA5DF
2023-10-15T17:35:22Z

5 in bot report, 6 doesn't have any instances

#2 - c4-judge
2023-10-26T13:42:01Z

alcueca marked the issue as grade-b

Maia DAO - Ulysses - ayo_dev's results

Harnessing the power of Arbitrum, Ulysses Omnichain specializes in Virtualized Liquidity Management.

General Information

Findings Distribution

Researcher Performance

External Links

[G-29] Gas Report - $17.71

Findings Information

Awards

Labels

External Links

2. String storage variable and token symbol storage variable can be marked as constant and if they contain string less than 32 or equal to 32 they should be declared as bytes32 instead to save gas

3. In some functions where we calculated the same arithmetic value in two different instances inside the function when we could calculate it once and cache it next, to prevent us working the same arithmetic operation twice

4. There are functions where we read the same value from the memory or calldata multiples times , what we can do here is cache the value and use it continuously instead of reading the value everytime this saves us gas

5. do not initialize value to zero, in soildity unassigned values are zero by default, especially in for loops

5. length of array should be cached during for loops to save gas

6. cache storage variable if you use them more than once in a function

8. functions in library should have internal visibility instead of external

#0 - c4-pre-sort2023-10-15T17:35:13Z

#1 - 0xA5DF2023-10-15T17:35:22Z

#2 - c4-judge2023-10-26T13:42:01Z

#0 - c4-pre-sort
2023-10-15T17:35:13Z

#1 - 0xA5DF
2023-10-15T17:35:22Z

#2 - c4-judge
2023-10-26T13:42:01Z