Back to mcwildy's contests

SIZE contest - mcwildy's results

An on-chain sealed bid auction protocol.

General Information

Platform: Code4rena

Start Date: 04/11/2022

Pot Size: $42,500 USDC

Total HM: 9

Participants: 88

Period: 4 days

Judge: 0xean

Total Solo HM: 2

Id: 180

League: ETH

SIZE

Findings Distribution

Researcher Performance

Rank: 70/88

Findings: 1

Award: $21.13

Gas:
grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositorySIZE

Findings Information

🌟 Selected for report: 0x1f8b

Also found by: 0xSmartContract, 0xdeadbeef, Aymen0909, B2, Bnke0x0, Deivitto, Diana, Dinesh11G, JC, RaymondFam, ReyAdmirado, Rolezn, Sathish9098, TomJ, ajtra, aviggiano, chaduke, cryptostellar5, djxploit, gianganhnguyen, gogo, halden, karanctf, leosathya, lukris02, mcwildy, oyc_109, ret2basic, skyle, slowmoses

Awards

21.132 USDC - $21.13

Labels

bug
G (Gas Optimization)
grade-b
G-23

External Links

Link to GitHub issue

GAS OPTIMIZATIONS REPORT

SIZE

Use unchecked for the counter in for loops

Since it is compared to a target value (usually the length of an array) there is no way the counter overflows

SizeSealed.sol:

line#L244: for (uint256 i; i < bidIndices.length; i++) {

line#L302: for (uint256 i; i < seenBidMap.length - 1; i++) {

Use calldata where possible instead of memory to save gas

SizeSealed.sol:

line#L217: function finalize(uint256 auctionId, uint256[] memory bidIndices, uint128 clearingBase, uint128 clearingQuote)

ECCMath.sol:


line#L37:  function encryptMessage(Point memory encryptToPub, uint256 encryptWithPriv, bytes32 message)

line#L51:  function decryptMessage(Point memory sharedPoint, bytes32 encryptedMessage)

line#L60:  function hashPoint(Point memory point) internal pure returns (bytes32) {

++i costs less gas than i++ (same for --i/i--)

Prefix increments are cheaper than postfix increments

SizeSealed.sol:

line#L244: for (uint256 i; i < bidIndices.length; i++) {

line#L302: for (uint256 i; i < seenBidMap.length - 1; i++) {

Use uint256 instead of the smaller uints where possible

The word-size in ethereum is 32 bytes which means that every variables which is sized with less bytes will cost more to operate with

SizeSealed.sol:

line#L124: uint128 quoteAmount,

line#L196: (uint256[] memory bidIndices, uint128 clearingBase, uint128 clearingQuote) =

line#L206: uint128 filledBase;

line#L217: function finalize(uint256 auctionId, uint256[] memory bidIndices, uint128 clearingBase, uint128 clearingQuote)

line#L319: uint128 unsoldBase = data.totalBaseAmount - data.filledBase;

line#L365: uint128 baseAmount = b.filledBaseAmount;

line#L451: function tokensAvailableForWithdrawal(uint256 auctionId, uint128 baseAmount)

line#L454: returns (uint128 tokensAvailable)

CommonTokenMath.sol:

line#L48:  uint32 vestingStart,

line#L49:  uint32 vestingEnd,

line#L51:  uint128 cliffPercent,

line#L52:  uint128 baseAmount

x < y + 1 is cheaper than x <= y

SizeSealed.sol:

line#L35:  } else if (block.timestamp <= a.timings.endTimestamp + 24 hours) {

line#L60:  if (timings.endTimestamp <= block.timestamp) {

line#L157: if (bidIndex >= 1000) {

line#L270: if (quotePerBase >= data.previousQuotePerBase) {

line#L426: if (a.data.lowestQuote != type(uint128).max || block.timestamp <= a.timings.endTimestamp + 24 hours) {

CommonTokenMath.sol:

line#L56:  } else if (currentTime <= vestingStart) {

#0 - c4-judge

2022-11-10T02:06:34Z

0xean marked the issue as grade-b

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter