Platform: Code4rena
Start Date: 14/06/2022
Pot Size: $50,000 USDC
Total HM: 19
Participants: 99
Period: 5 days
Judge: HardlyDifficult
Total Solo HM: 4
Id: 136
League: ETH
Rank: 93/99
Findings: 1
Award: $31.29
π Selected for report: 0
π Solo Findings: 0
π Selected for report: IllIllI
Also found by: 0v3rf10w, 0x1f8b, 0x29A, 0xAsm0d3us, 0xDjango, 0xKitsune, 0xNazgul, 0xf15ers, 0xkatana, 0xkowloon, BowTiedWardens, Chom, ElKu, FSchmoede, Funen, GimelSec, Kaiziron, Kenshin, Lambda, MadWookie, MiloTruck, PPrieditis, Picodes, PwnedNoMore, StErMi, Tadashi, TerrierLover, TomJ, Tomio, Wayne, Waze, _Adam, antonttc, apostle0x01, asutorufos, c3phas, codexploder, defsec, delfin454000, fatherOfBlocks, hake, hansfriese, hyh, joestakey, k, kenta, oyc_109, peritoflores, reassor, rfa, robee, sach1r0, simon135, slywaters, zer0dot
31.294 USDC - $31.29
Instead of using the && operator in a single require statement to check multiple conditions,using multiple require statements with 1 condition per require statement will save 8 GAS per && The gas difference would only be realized if the revert condition is realized(met).
File:InfinityExchange.sol line 264
require(numSells == buys.length && numSells == constructs.length, 'mismatched lengths');
The above should be modified to
require(numSells == buys.length,'mismatched lengths'); require(numSells == constructs.length, 'mismatched lengths');
File: InfinityExchange.sol line 949
require(makerOrderValid && executionValid, 'order not verified');
The above should be modified to
require(makerOrderValid,'order not verified'); require(executionValid, 'order not verified');
Proof The following tests were carried out in remix with both optimization turned on and off
require ( a > 1 && a < 5, "Initialized"); return a + 2; }
Execution cost 21617 with optimization and using && 21976 without optimization and using &&
After splitting the require statement
require (a > 1 ,"Initialized"); require (a < 5 , "Initialized"); return a + 2; }
Execution cost 21609 with optimization and split require 21968 without optimization and using split require
!= 0 costs less gas compared to > 0 for unsigned integers in require statements with the optimizer enabled (6 gas)
For uints the minimum value would be 0 and never a negative value. Since it cannot be a negative value, then the check > 0 is essentially checking that the value is not equal to 0 therefore >0 can be replaced with !=0 which saves gas.
Proof: While it may seem that > 0 is cheaper than !=, this is only true without the optimizer enabled and outside a require statement. If you enable the optimizer at 10k AND you're in a require statement, this will save gas. see
I suggest changing > 0 with != 0 here:
File: InfinityExchange.sol line 392
require(numNonces > 0, 'cannot be empty');
The above should be modifed to:
require(numNonces != 0, 'cannot be empty');
Something similar to my proposal is already implemented here File: InfinityStaker.sol line 68
require(amount != 0, 'stake amount cant be 0');
You can (and should) attach error reason strings along with require statements to make it easier to understand why a contract call reverted. These strings, however, take space in the deployed bytecode. Every reason string takes at least 32 bytes so make sure your string fits in 32 bytes or it will become more expensive.
Shortening revert strings to fit in 32 bytes will decrease deployment time gas and will decrease runtime gas when the revert condition is met.
Revert strings that are longer than 32 bytes require at least one additional mstore, along with additional overhead for computing memory offset, etc.
File: InfinityExchange.sol line 395
require(!isUserOrderNonceExecutedOrCancelled[msg.sender][orderNonces[i]], 'nonce already executed or cancelled');
File:InfinityStaker.sol line 92
require( userstakedAmounts[msg.sender][oldDuration].amount >= amount, 'insufficient staked amount to change duration' );
File:InfinityStaker.sol line 96
require(newDuration > oldDuration, 'new duration must be greater than old duration');
I suggest shortening the revert strings to fit in 32 bytes, or using custom errors which is explained below
Custom errors from Solidity 0.8.4 are cheaper than revert strings (cheaper deployment cost and runtime cost when the revert condition is met)
see Source
Starting from Solidity v0.8.4, there is a convenient and gas-efficient way to explain to users why an operation failed through the use of custom errors. Until now, you could already use strings to give more information about failures (e.g., revert("Insufficient funds.");), but they are rather expensive, especially when it comes to deploy cost, and it is difficult to use dynamic information in them.
Custom errors are defined using the error statement, which can be used inside and outside of contracts (including interfaces and libraries).
Solidity version 0.8+ comes with implicit overflow and underflow checks on unsigned integers. When an overflow or an underflow isnβt possible (as an example, when a comparison is made before the arithmetic operation), some gas can be saved by using an unchecked block
File: InfinityExchange.sol line 1156
uint256 priceDiff = startPrice > endPrice ? startPrice - endPrice : endPrice - startPrice;
Note: Before the subtraction operation is carried out, we have a check that is executed. The first arithemetic startPrice - endPrice will be executed if the condition startPrice > endPrice is true. This means startPrice must be greater than endPrice so no underflow would occur here.
The second part of the subtraction arithemetic endPrice - startPrice would be executed only if the check startPrice > endPrice fails which would mean startPrice not greater than endPrice therefore the operation endPrice - startPrice would not underflow as endPrice is guaranted to be greater than startPrice
The above should be modified to
unchecked{ uint256 priceDiff = startPrice > endPrice ? startPrice - endPrice : endPrice - startPrice; }
Other instances to modify
File: InfinityExchange.sol line 1164
return startPrice > endPrice ? startPrice - priceDiff : startPrice + priceDiff;
File:InfinityOrderBookComplication.sol line 333
uint256 priceDiff = startPrice > endPrice ? startPrice - endPrice : endPrice - startPrice;
FIle:InfinityStaker.sol line 301
amount = amount - noVesting;
The above cannot underflow due to the check on line 298 that ensures that amount is greater than noVesting. see below
if (amount > noVesting) {
FIle:InfinityStaker.sol lne 305
amount = amount - vestedThreeMonths;
The above cannot underflow due the check on line 302
FIle:InfinityStaker.sol line 309
amount = amount - vestedSixMonths;
The above cannot underflow due to the check on line 306
If a variable is not set/initialized, it is assumed to have the default value (0, false, 0x0 etc depending on the data type). If you explicitly initialize it with its default value, you are just wasting gas. It costs more gas to initialize variables to zero/false than to let the default of zero/false be applied
File: InfinityOrderBookComplication.sol line 42
bool _isPriceValid = false;
The default values for booleans is false therefore no need to initialize it here. so the above should be declared as follows
bool _isPriceValid;
Something similar to my proposal was implemented a few lines after that but for uint256
File: InfinityOrderBookComplication.sol line 45
uint256 execPrice;
Other Instances to modify File: InfinityOrderBookComplication.sol line 108
bool _isPriceValid = false;
File: InfinityOrderBookComplication.sol line 214
uint256 numTakerItems = 0;
File: InfinityOrderBookComplication.sol line 244 File: InfinityOrderBookComplication.sol line 289 File: InfinityOrderBookComplication.sol line 318
#0 - nneverlander
2022-06-22T16:45:20Z
Thanks