Platform: Code4rena
Start Date: 22/09/2022
Pot Size: $30,000 USDC
Total HM: 12
Participants: 133
Period: 3 days
Judge: 0xean
Total Solo HM: 2
Id: 165
League: ETH
Rank: 119/133
Findings: 1
Award: $12.81
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: pfapostol
Also found by: 0x040, 0x1f8b, 0x4non, 0x5rings, 0xA5DF, 0xNazgul, 0xSmartContract, 0xmatt, 0xsam, Amithuddar, Aymen0909, B2, Ben, Bnke0x0, Chom, CodingNameKiki, Deivitto, Diana, Fitraldys, Funen, IllIllI, JAGADESH, JC, Metatron, Ocean_Sky, PaludoX0, Pheonix, RaymondFam, ReyAdmirado, RockingMiles, Rohan16, Rolezn, Satyam_Sharma, Sm4rty, SnowMan, SooYa, Tagir2003, TomJ, Tomio, Triangle, V_B, Waze, __141345__, ajtra, albincsergo, asutorufos, aysha, beardofginger, bobirichman, brgltd, bulej93, bytera, c3phas, ch0bu, cryptostellar5, cryptphi, d3e4, delfin454000, dharma09, drdr, durianSausage, emrekocak, erictee, fatherOfBlocks, gogo, got_targ, imare, jag, karanctf, ladboy233, leosathya, lukris02, medikko, mics, millersplanet, natzuu, neko_nyaa, oyc_109, peanuts, prasantgupta52, rbserver, ret2basic, rokinot, ronnyx2017, rotcivegaf, sach1r0, samruna, seyni, slowmoses, tnevler, wagmi, zishansami
12.8108 USDC - $12.81
The gas cost can be reduced by using ++i or i += 1 instead of i++ in the following locations:
DepositContract.sol, Line 76:
for (uint height = 0; height < DEPOSIT_CONTRACT_TREE_DEPTH - 1; height++)
DepositContract.sol, Line 83:
for (uint height = 0; height < DEPOSIT_CONTRACT_TREE_DEPTH; height++) {
DepositContract.sol, Line 148:
for (uint height = 0; height < DEPOSIT_CONTRACT_TREE_DEPTH; height++) {
ERC20/ERC20PermitPermissionedMint.sol, Line 84:
for (uint i = 0; i < minters_array.length; i++){
The gas cost can be reduced by using != 0 instead of > 0 in the following locations:
frxETHMinter.sol, Line 79:
require(sfrxeth_recieved > 0, 'No sfrxETH was returned');
frxETHMinter.sol, Line 126:
require(numDeposits > 0, "Not enough ETH in contract");
Uninitialsed variables default to 0x0. Hence, assigning them 0 uses gas unnecessarily.
DepositContract.sol, Line 76:
for (uint height = 0; height < DEPOSIT_CONTRACT_TREE_DEPTH - 1; height++)
DepositContract.sol, Line 83:
for (uint height = 0; height < DEPOSIT_CONTRACT_TREE_DEPTH; height++) {
DepositContract.sol, Line 148:
for (uint height = 0; height < DEPOSIT_CONTRACT_TREE_DEPTH; height++) {
ERC20/ERC20PermitPermissionedMint.sol, Line 84:
for (uint i = 0; i < minters_array.length; i++){
OperatorRegistry.sol, Line 63:
for (uint256 i = 0; i < arrayLength; ++i) {
OperatorRegistry.sol, Line 84:
for (uint256 i = 0; i < times; ++i) {
OperatorRegistry.sol, Line 114:
for (uint256 i = 0; i < original_validators.length; ++i) {
frxETHMinter.sol, Line 94:
uint256 withheld_amt = 0;
frxETHMinter.sol, Line 129:
for (uint256 i = 0; i < numDeposits; ++i) {
Solidity 0.8+ implements over- and underflow checks on arithmetic operations by default. In DepositContract.sol there are three for-loops where the uint height is incremented. We can be confident that height will not overflow because DEPOSIT_CONTRACT_TREE_DEPTH is a constant. The default check can be removed by modifying the code as such:
Gassy:
for (uint height = 0; height < DEPOSIT_CONTRACT_TREE_DEPTH - 1; height++) { }
Optimised:
for (uint height = 0; height < DEPOSIT_CONTRACT_TREE_DEPTH - 1; ) { unchecked { ++height; } }
Occurrences:
DepositContract.sol, Line 76:
for (uint height = 0; height < DEPOSIT_CONTRACT_TREE_DEPTH - 1; height++)
DepositContract.sol, Line 83:
for (uint height = 0; height < DEPOSIT_CONTRACT_TREE_DEPTH; height++) {
DepositContract.sol, Line 148:
for (uint height = 0; height < DEPOSIT_CONTRACT_TREE_DEPTH; height++) {