Holograph contest - iepathos's results

Omnichain protocol for deploying, minting, & bridging NFTs between blockchains.

General Information

Platform: Code4rena

Start Date: 18/10/2022

Pot Size: $75,000 USDC

Total HM: 27

Participants: 144

Period: 7 days

Judge: gzeon

Total Solo HM: 13

Id: 170

League: ETH

Holograph

Findings Distribution

Researcher Performance

Rank: 90/144

Findings: 1

Award: $26.35

Gas:

grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Holograph

Findings Information

🌟 Selected for report: oyc_109

Also found by: 0x040, 0x1f8b, 0x5rings, 0xNazgul, 0xSmartContract, 0xZaharina, 0xsam, 0xzh, 2997ms, Amithuddar, Aymen0909, B2, Bnke0x0, Deivitto, Diana, Dinesh11G, Franfran, JC, JrNet, Jujic, KingNFT, KoKo, Mathieu, Metatron, Mukund, Olivierdem, PaludoX0, Pheonix, Picodes, RaymondFam, RedOneN, ReyAdmirado, Rolezn, Saintcode_, Satyam_Sharma, Shinchan, Tagir2003, Tomio, Waze, Yiko, __141345__, adriro, ajtra, aysha, ballx, beardofginger, bobirichman, brgltd, bulej93, catchup, catwhiskeys, cdahlheimer, ch0bu, chaduke, chrisdior4, cryptostellar5, cylzxje, d3e4, delfin454000, dharma09, djxploit, durianSausage, emrekocak, erictee, exolorkistis, fatherOfBlocks, gianganhnguyen, gogo, halden, hxzy, i_got_hacked, iepathos, karanctf, leosathya, lucacez, lukris02, lyncurion, m_Rassska, martin, mcwildy, mics, nicobevi, peanuts, peiw, rbserver, ret2basic, rotcivegaf, ryshaw, sakman, sakshamguruji, saneryee, sikorico, skyle, svskaushik, tnevler, vv7, w0Lfrum, zishansami

Awards

26.3525 USDC - $26.35

Labels

bug

G (Gas Optimization)

sponsor confirmed

edited-by-warden

responded

grade-b

External Links

Link to GitHub issue

Gas Optimizations

G-01 Use a local variable to cache .length calls in for loops

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/HolographERC20.sol#L564

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L871

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/PA1D.sol#L432 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/PA1D.sol#L437 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/PA1D.sol#L454 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/PA1D.sol#L474

G-02 Use ++i prefix instead of i++ postfix where possible to save gas

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/HolographERC721.sol#L357 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/HolographERC721.sol#L716

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/HolographERC20.sol#L564

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L781 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L871

G-03 In the EVM, there is no opcode for >= or <=. When using greater than or equal, two operations are performed: > and = and the same for <=. Use strict comparison operators to save gas.

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/HolographERC20.sol#L469

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L863 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L871

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L354 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L386 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L728 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L739 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L756 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L1169

G-04 Identifying a function as payable saves gas because it lowers the number of opcodes being executed. Functions that have the onlyOwner modifier cannot be called by normal users and will not mistakenly receive ETH. These functions can be payable to save gas.

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/PA1D.sol#L471 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/PA1D.sol#L533

G-05 Similar to adding payable modifier to onlyOwner functions to save gas, we can do the same for onlyAdmin functions to avoid the extra opcodes being executed and save some gas. These functions can be payable to save gas.

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L278-L285 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L949 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L969 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L989 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L1009 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L1029 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L1049

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographBridge.sol#L452 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographBridge.sol#L472 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographBridge.sol#L502 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographBridge.sol#L522

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographFactory.sol#L280 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographFactory.sol#L300

G-06 Using `> 0` is less efficient than using `!= 0`. Use `!= 0` when comparing uint variables to zero, which cannot hold values below zero.

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L309 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L350 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L363 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L398 https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographOperator.sol#L1126

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/HolographBridge.sol#L218

https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/HolographERC721.sol#L815

Holograph contest - iepathos's results

Omnichain protocol for deploying, minting, & bridging NFTs between blockchains.

General Information

Findings Distribution

Researcher Performance

External Links

[G-31] Gas Report - $26.35

Findings Information

Awards

Labels

External Links

Gas Optimizations

G-01 Use a local variable to cache .length calls in for loops

G-02 Use ++i prefix instead of i++ postfix where possible to save gas

G-03 In the EVM, there is no opcode for >= or <=. When using greater than or equal, two operations are performed: > and = and the same for <=. Use strict comparison operators to save gas.

G-04 Identifying a function as payable saves gas because it lowers the number of opcodes being executed. Functions that have the onlyOwner modifier cannot be called by normal users and will not mistakenly receive ETH. These functions can be payable to save gas.

G-05 Similar to adding payable modifier to onlyOwner functions to save gas, we can do the same for onlyAdmin functions to avoid the extra opcodes being executed and save some gas. These functions can be payable to save gas.

G-06 Using > 0 is less efficient than using != 0. Use != 0 when comparing uint variables to zero, which cannot hold values below zero.

G-06 Using `> 0` is less efficient than using `!= 0`. Use `!= 0` when comparing uint variables to zero, which cannot hold values below zero.