Frax Ether Liquid Staking contest - d3e4's results

A liquid ETH staking derivative designed to uniquely leverage the Frax Finance ecosystem.

General Information

Platform: Code4rena

Start Date: 22/09/2022

Pot Size: $30,000 USDC

Total HM: 12

Participants: 133

Period: 3 days

Judge: 0xean

Total Solo HM: 2

Id: 165

League: ETH

Frax Finance

Findings Distribution

Researcher Performance

Rank: 104/133

Findings: 1

Award: $12.83

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Frax Finance

Findings Information

🌟 Selected for report: pfapostol

Also found by: 0x040, 0x1f8b, 0x4non, 0x5rings, 0xA5DF, 0xNazgul, 0xSmartContract, 0xmatt, 0xsam, Amithuddar, Aymen0909, B2, Ben, Bnke0x0, Chom, CodingNameKiki, Deivitto, Diana, Fitraldys, Funen, IllIllI, JAGADESH, JC, Metatron, Ocean_Sky, PaludoX0, Pheonix, RaymondFam, ReyAdmirado, RockingMiles, Rohan16, Rolezn, Satyam_Sharma, Sm4rty, SnowMan, SooYa, Tagir2003, TomJ, Tomio, Triangle, V_B, Waze, __141345__, ajtra, albincsergo, asutorufos, aysha, beardofginger, bobirichman, brgltd, bulej93, bytera, c3phas, ch0bu, cryptostellar5, cryptphi, d3e4, delfin454000, dharma09, drdr, durianSausage, emrekocak, erictee, fatherOfBlocks, gogo, got_targ, imare, jag, karanctf, ladboy233, leosathya, lukris02, medikko, mics, millersplanet, natzuu, neko_nyaa, oyc_109, peanuts, prasantgupta52, rbserver, ret2basic, rokinot, ronnyx2017, rotcivegaf, sach1r0, samruna, seyni, slowmoses, tnevler, wagmi, zishansami

Awards

12.8336 USDC - $12.83

Labels

bug

G (Gas Optimization)

External Links

Link to GitHub issue

Change array size directly, rather than pop in a loop In OperatorRegistry.sol the function popValidators uses a for-loop to pop away the last times elements from the dynamic array validators. Significant gas savings can be made by just overwriting the length of the array, instead of repeatedly popping single elements. The following code replaces the for-loop:

uint newLen = validators.length - times;
assembly {
    sstore(validators.slot, newLen)
}

Change array size to 0, rather than delete array Deleting an array, as done in clearValidatorArray costs gas for each elements that has to be deleted. It is cheaper to simply change the array size to 0 (the data is then not actually deleted but this is not an issue as the array length never is increased). If the proposed change to popValidators above is used, then this function can be used, calling it with its parameter times equal to the validators.length.

Unnecessary memory store to swap elements The swapping done in swapValidator can be made cheaper by only storing one of the elements to be swapped in memory and calling the other one directly, e.g.:

// Get the original values
Validator memory toVal = validators[to_idx];

// Set the swapped values
validators[to_idx] = validators[from_idx];
validators[from_idx] = toVal;

Calling function instead of inlining code The function numValidators simply returns validators.length. It is cheaper to inline validators.length than to call numValidators, as done in L136 and L182.

Custom errors are cheaper than require-statements See this. Consider replacing require-statements with a string message with a custom error in an if-revert.

Function not called by the contract itself can be external instead of public

Declaring constants as private rather than public saves deployment gas The compiler will give public constants a getter method, which costs gas during deployment. As they are constants they can be read directly from the verified source code.

Instances: https://github.com/code-423n4/2022-09-frax/blob/55ea6b1ef3857a277e2f47d42029bc0f3d6f9173/src/frxETHMinter.sol#L38 https://github.com/code-423n4/2022-09-frax/blob/55ea6b1ef3857a277e2f47d42029bc0f3d6f9173/src/frxETHMinter.sol#L39

Pre-compute .length before repeated usage, especially in loops

Instances: https://github.com/code-423n4/2022-09-frax/blob/55ea6b1ef3857a277e2f47d42029bc0f3d6f9173/src/ERC20/ERC20PermitPermissionedMint.sol#L84 https://github.com/code-423n4/2022-09-frax/blob/55ea6b1ef3857a277e2f47d42029bc0f3d6f9173/src/OperatorRegistry.sol#L114

Pre-incrementing is cheaper than post-incrementing Consider replacing e.g. i++ with ++i.

Instances: https://github.com/code-423n4/2022-09-frax/blob/55ea6b1ef3857a277e2f47d42029bc0f3d6f9173/src/ERC20/ERC20PermitPermissionedMint.sol#L84

Comparing to constant bool Replace e.g. foo == true with foo.

Instances: https://github.com/code-423n4/2022-09-frax/blob/55ea6b1ef3857a277e2f47d42029bc0f3d6f9173/src/ERC20/ERC20PermitPermissionedMint.sol#L78

> is cheaper than >= Instances: https://github.com/code-423n4/2022-09-frax/blob/55ea6b1ef3857a277e2f47d42029bc0f3d6f9173/src/sfrxETH.sol#L50 https://github.com/corddry/ERC4626/blob/643cd044fac34bcbf64e1c3790a5126fec0dbec1/src/xERC4626.sol#L52

Frax Ether Liquid Staking contest - d3e4's results

A liquid ETH staking derivative designed to uniquely leverage the Frax Finance ecosystem.

General Information

Findings Distribution

Researcher Performance

External Links

[G-92] Gas Report - $12.83

Findings Information

Awards

Labels

External Links