Nested Finance contest - m_smirnova2020's results

The one-stop Defi app to build, manage and monetize your portfolio.

General Information

Platform: Code4rena

Start Date: 10/02/2022

Pot Size: $30,000 USDC

Total HM: 5

Participants: 24

Period: 3 days

Judge: harleythedog

Total Solo HM: 3

Id: 86

League: ETH

Nested Finance

Findings Distribution

Researcher Performance

Rank: 20/24

Findings: 1

Award: $90.00

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Nested Finance

Findings Information

🌟 Selected for report: pauliax

Also found by: 0x1f8b, Dravee, GreyArt, Omik, ShippooorDAO, Tomio, bobi, cmichel, csanuragjain, defsec, gzeon, kenta, kenzo, m_smirnova2020, rfa, robee, sirhashalot, ye0lde

Awards

90.0012 USDC - $90.00

Labels

bug

G (Gas Optimization)

sponsor confirmed

External Links

Link to GitHub issue

1. Prefix increaments are cheaper than postfix increaments

Vulnerability details

Impact

The functions use prefix increaments (i ++) instead of postfix increaments (++ i). Prefix increaments are cheaper than postfix increaments.

Proof of Concept

for (uint256 i = 0; i < namesLength; i++) {

Tools

Manual analysis

Recommended Mitigation Steps

Change all prefix increaments to postfix increaments where it doesn't affects the functionality.

2. Unnecessary initialization of loop index variable

Vulnerability details

Impact

For loop indices across the contract functions use explicit 0 initializations which are not required because the default value of uints is 0. Removing this explicit unnecessary initialization will save a little gas.

Proof of Concept

for (uint256 i = 0; i < namesLength; i++) {

Tools

Remix

Recommended Mitigation Steps

Remove unnecessary initialization of loop index variable

3. Cache array length in for loops can save gas

Vulnerability details

Impact

Reading array length at each iteration of the loop takes 6 gas (3 for mload and 3 to place memory_offset) in the stack. Caching the array length in the stack saves around 3 gas per iteration.

Proof of Concept

https://github.com/code-423n4/2022-02-nested/blob/fe6f9ef7783c3c84798c8ab5fc58085a55cebcfc/contracts/FeeSplitter.sol#L261 https://github.com/code-423n4/2022-02-nested/blob/fe6f9ef7783c3c84798c8ab5fc58085a55cebcfc/contracts/FeeSplitter.sol#L318

function findShareholder(address _account) external view returns (uint256) {
        for (uint256 i = 0; i < shareholders.length; i++) {
            if (shareholders[i].account == _account) return i;
        }
        revert("FS: SHAREHOLDER_NOT_FOUND");
    }

Tools

Manual

Recommended Mitigation Steps

Caching len = shareholders.length and using the len instead will save gas.

4. Adding unchecked directive can save gas

Vulnerability details

Impact

For the arithmetic operations that will never over/underflow, using the unchecked directive (Solidity v0.8 has default overflow/underflow checks) can save some gas from the unnecessary internal over/underflow checks.

Proof of Concept

https://github.com/code-423n4/2022-02-nested/blob/fe6f9ef7783c3c84798c8ab5fc58085a55cebcfc/contracts/NestedFactory.sol#L445-L446

https://github.com/code-423n4/2022-02-nested/blob/fe6f9ef7783c3c84798c8ab5fc58085a55cebcfc/contracts/NestedFactory.sol#L572

Tools

Manual analysis

Recommended Mitigation Steps

Consider using 'unchecked' where it is safe to do so.

5. Avoid use of state variables in event emissions to save gas

Vulnerability details

Impact

Where possible, use equivalent function parameters or local variables in event emits instead of state variables to prevent expensive SLOADs. Post-Berlin, SLOADs on state variables accessed first-time in a transaction increased from 800 gas to 2100, which is a 2.5x increase.

Proof of Concept

https://github.com/code-423n4/2022-02-nested/blob/fe6f9ef7783c3c84798c8ab5fc58085a55cebcfc/contracts/NestedRecords.sol#L55

function setMaxHoldingsCount(uint256 _maxHoldingsCount) external onlyOwner {
        require(_maxHoldingsCount != 0, "NRC: INVALID_MAX_HOLDINGS");
        maxHoldingsCount = _maxHoldingsCount;
        emit MaxHoldingsChanges(maxHoldingsCount);
    }

Tools

Manual analysis

Recommended Mitigation Steps

6. Long Revert Strings

Vulnerability details

Impact

Revert strings that are longer than 32 bytes require at least one additional mstore, along with additional overhead for computing memory offset, etc.

Proof of Concept

https://github.com/code-423n4/2022-02-nested/blob/fe6f9ef7783c3c84798c8ab5fc58085a55cebcfc/contracts/NestedFactory.sol#L444 https://github.com/code-423n4/2022-02-nested/blob/fe6f9ef7783c3c84798c8ab5fc58085a55cebcfc/contracts/operators/ZeroEx/ZeroExOperator.sol#L36 https://github.com/code-423n4/2022-02-nested/blob/fe6f9ef7783c3c84798c8ab5fc58085a55cebcfc/contracts/operators/ZeroEx/ZeroExOperator.sol#L37 https://github.com/code-423n4/2022-02-nested/blob/fe6f9ef7783c3c84798c8ab5fc58085a55cebcfc/contracts/abstracts/OwnableProxyDelegation.sol#L56

 require(amounts[1] <= _amountToSpend, "NestedFactory::_safeSubmitOrder: Overspent");

Tools

Manual analysis

Recommended Mitigation Steps

Shorten the revert strings to fit in 32 bytes.

#0 - adrien-supizet
2022-02-15T11:34:25Z

1, 2, 3, 4 -> disputed, already acknowledged during the first audit 5 -> disputed, after applying the change, I see no difference 6 -> confirmed

#1 - harleythedogC4
2022-03-13T04:09:37Z

My personal judgments:

"Prefix vs Postfix". This arose in the previous contest. Invalid.
"Unnecessary initialization of loop index variable". This arose in the previous contest. Invalid.
"Cache array length in for loops can save gas". This arose in the previous contest. Invalid.
"Adding unchecked directive can save gas". This arose in the previous contest. Invalid.
"Avoid use of state variables in event emissions to save gas". Optimization described makes sense. Valid and small-optimization.
"Long Revert Strings". Valid and small-optimization.

#2 - harleythedogC4
2022-03-13T06:17:05Z

Now, here is the methodology I used for calculating a score for each gas report. I first assigned each submission to be either small-optimization (1 point), medium-optimization (5 points) or large-optimization (10 points), depending on how useful the optimization is. The score of a gas report is the sum of these points, divided by the maximum number of points achieved by a gas report. This maximum number was 10 points, achieved by #67.

The number of points achieved by this report is 2 points. Thus the final score of this gas report is (2/10)*100 = 20.

Nested Finance contest - m_smirnova2020's results

The one-stop Defi app to build, manage and monetize your portfolio.

General Information

Findings Distribution

Researcher Performance

External Links

[G-10] Gas Report - $90.00

Findings Information

Awards

Labels

External Links

1. Prefix increaments are cheaper than postfix increaments

Vulnerability details

Impact

Proof of Concept

Tools

Recommended Mitigation Steps

2. Unnecessary initialization of loop index variable

Vulnerability details

Impact

Proof of Concept

Tools

Recommended Mitigation Steps

3. Cache array length in for loops can save gas

Vulnerability details

Impact

Proof of Concept

Tools

Recommended Mitigation Steps

4. Adding unchecked directive can save gas

Vulnerability details

Impact

Proof of Concept

Tools

Recommended Mitigation Steps

5. Avoid use of state variables in event emissions to save gas

Vulnerability details

Impact

Proof of Concept

Tools

Recommended Mitigation Steps

6. Long Revert Strings

Vulnerability details

Impact

Proof of Concept

Tools

Recommended Mitigation Steps

#0 - adrien-supizet2022-02-15T11:34:25Z

#1 - harleythedogC42022-03-13T04:09:37Z

#2 - harleythedogC42022-03-13T06:17:05Z

#0 - adrien-supizet
2022-02-15T11:34:25Z

#1 - harleythedogC4
2022-03-13T04:09:37Z

#2 - harleythedogC4
2022-03-13T06:17:05Z