Platform: Code4rena
Start Date: 05/10/2022
Pot Size: $50,000 USDC
Total HM: 2
Participants: 80
Period: 5 days
Judge: GalloDaSballo
Id: 168
League: ETH
Rank: 65/80
Findings: 1
Award: $32.65
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: IllIllI
Also found by: 0x1f8b, 0xNazgul, 0xSmartContract, Aymen0909, Heuss, Lambda, Pheonix, RaymondFam, ReyAdmirado, Ruhum, Shinchan, Shishigami, __141345__, adriro, ajtra, c3phas, ch0bu, cryptostellar5, d3e4, enckrish, gogo, halden, lucacez, mcwildy, medikko, neko_nyaa, pedr02b2, pfapostol, ret2basic, rvierdiiev, saian, sakman, sakshamguruji
32.6464 USDC - $32.65
Overwriting variables with their default values only wastes gas and is not necessary.
There are 7 instances of this issue:
File: BlurExchange.sol lines 199, 475, 476
for (uint8 i = 0; i < orders.length; i++) {
uint256 totalFee = 0;
for (uint8 i = 0; i < fees.length; i++) {
File: PolicyManager.sol line 77
for (uint256 i = 0; i < length; i++) {
File: EIP712.sol line 77
for (uint256 i = 0; i < fees.length; i++) {
File: MerkleVerifier.sol line 38
for (uint256 i = 0; i < proof.length; i++) {
File: ReentrancyGuarded.sol line 10
bool reentrancyLock = false;
A for loop written like this: for (uint256 i; i < array.length; ++i) {
will cost more gas than: for (uint256 i; i < _lengthOfArray; ++i) {
because on every iteration we use mload and memory_offset, which will cost about 6 gas.
There are 4 instances of this issue:
File: BlurExchange.sol lines 199, 476
for (uint8 i = 0; i < orders.length; i++) {
for (uint8 i = 0; i < fees.length; i++) {
File: EIP712.sol line 77
for (uint256 i = 0; i < fees.length; i++) {
File: MerkleVerifier.sol line 38
for (uint256 i = 0; i < proof.length; i++) {
Require strings longer than 32 bytes cost more gas than shorter require strings.
There are 2 instances of this issue:
File: BlurExchange.sol line 482
require(totalFee <= price, "Total amount of fees are more than the price");
File: ExecutionDelegate.sol line 22
require(contracts[msg.sender], "Contract is not approved to make transfers");
++i will save about 5 gas for each iteration
There are 5 instances of this issue:
File: BlurExchange.sol lines 199, 475, 476
for (uint8 i = 0; i < orders.length; i++) {
for (uint8 i = 0; i < fees.length; i++) {
File: PolicyManager.sol line 77
for (uint256 i = 0; i < length; i++) {
File: EIP712.sol line 77
for (uint256 i = 0; i < fees.length; i++) {
File: MerkleVerifier.sol line 38
for (uint256 i = 0; i < proof.length; i++) {
unchecked in for loops where overflow and underflow are not possible
Using unchecked { i++; } / unchecked { ++i; } will save about 30 gas per iteration because the compiler does not insert the overflow check every time. This feature comes from 0.8.
There are 5 instances of this issue:
File: BlurExchange.sol lines 199, 475, 476
for (uint8 i = 0; i < orders.length; i++) {
for (uint8 i = 0; i < fees.length; i++) {
File: PolicyManager.sol line 77
for (uint256 i = 0; i < length; i++) {
File: EIP712.sol line 77
for (uint256 i = 0; i < fees.length; i++) {
File: MerkleVerifier.sol line 38
for (uint256 i = 0; i < proof.length; i++) {
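The four loop findings above (default-value initialisation, uncached length, i++ and checked increments) applied together to a fee-summing loop, as an added example that is not code from the audited contracts. The contract and function names are assumptions, and fees is assumed to hold precomputed fee amounts.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added illustration; names are assumptions, not BlurExchange code.
contract FeeLoopExample {
    // Shape of the loops flagged in the report: variables initialised to their
    // default value, fees.length read on every iteration, checked post-increment,
    // and a uint8 counter.
    function totalFeeBefore(uint256[] memory fees, uint256 price)
        public pure returns (uint256)
    {
        uint256 totalFee = 0;
        for (uint8 i = 0; i < fees.length; i++) {
            totalFee += fees[i];
        }
        require(totalFee <= price, "Total amount of fees are more than the price");
        return totalFee;
    }

    // Same result with the four loop changes applied.
    function totalFeeAfter(uint256[] memory fees, uint256 price)
        public pure returns (uint256 totalFee)
    {
        uint256 length = fees.length; // read the length once, outside the loop

        // The counter is widened to uint256. With the original uint8 counter,
        // the checked i++ reverts at 255, but an unchecked ++i would wrap to 0
        // and the loop would never reach a length above 255.
        for (uint256 i; i < length; ) {
            // The fee sum stays under checked arithmetic: it is derived from
            // order data and must revert on overflow.
            totalFee += fees[i];

            // Safe to skip the check: i < length, so ++i cannot overflow.
            unchecked { ++i; }
        }
        require(totalFee <= price, "Total amount of fees are more than the price");
    }
}
```

Only the counter increment moves into the unchecked block; the accumulation and the final require keep their overflow and bounds protection.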
uint256(1)/uint256(2) for true and false
If you don't use boolean for storage you will avoid Gwarmaccess (100 gas). Also, changing a boolean from true to false costs 20000 gas, whereas changing uint256(2) to uint256(1) costs less.
There are 5 instances of this issue:
File: BlurExchange.sol line 71
mapping(bytes32 => bool) public cancelledOrFilled;
File: ExecutionDelegate.sol lines 18, 19
mapping(address => bool) public contracts;
mapping(address => bool) public revokedApproval;
File: ReentrancyGuarded.sol line 10
bool reentrancyLock = false;
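The uint256(1)/uint256(2) pattern applied to a reentrancy lock like the one flagged in ReentrancyGuarded.sol, as an added example that is not the project's code. The contract, constant, modifier and function names are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added illustration; all names here are assumptions.
contract ReentrancyGuardedUint {
    uint256 private constant NOT_ENTERED = 1;
    uint256 private constant ENTERED = 2;

    // The slot is never zero after deployment, so every guarded call writes
    // one non-zero value over another and then restores it.
    uint256 private reentrancyLock = NOT_ENTERED;

    modifier nonReentrantExample() {
        require(reentrancyLock == NOT_ENTERED, "Reentrancy detected");
        reentrancyLock = ENTERED;
        _;
        reentrancyLock = NOT_ENTERED;
    }
}

// Minimal consumer showing where the guard sits relative to an external call.
contract GuardedVaultExample is ReentrancyGuardedUint {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw() external nonReentrantExample {
        uint256 amount = balances[msg.sender];
        balances[msg.sender] = 0; // state updated before the call

        // If the recipient calls back into withdraw(), the modifier sees
        // ENTERED and the nested call reverts.
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "Transfer failed");
    }
}
```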
If you use >= or <=, this will cost more gas because in the EVM there is no implementation of opcodes for >= and <=, and two operations are done. You can instead use x < y + 1 or x + 1 > y and save some gas.
There are 3 instances of this issue:
File: BlurExchange.sol lines 168, 422, 482
sell.order.listingTime <= buy.order.listingTime ? sell.order.trader : buy.order.trader,
if (sell.listingTime <= buy.listingTime) {
require(totalFee <= price, "Total amount of fees are more than the price");
There is 1 instance of this issue:
File: BlurExchange.sol line 479
totalFee += fee;
require()/revert() strings will save deployment gas
There are 10 instances of this issue:
File: BlurExchange.sol lines 36, 134, 139, 140, 142, 143, 183, 219, 228, 237, 318, 407, 424, 428, 431, 452, 482, 534
require(isOpen == 1, "Closed");
require(sell.order.side == Side.Sell);
require(_validateOrderParameters(sell.order, sellHash), "Sell has invalid parameters");
require(_validateOrderParameters(buy.order, buyHash), "Buy has invalid parameters");
require(_validateSignatures(sell, sellHash), "Sell failed authorization");
require(_validateSignatures(buy, buyHash), "Buy failed authorization");
require(msg.sender == order.trader);
require(address(_executionDelegate) != address(0), "Address cannot be zero");
require(address(_policyManager) != address(0), "Address cannot be zero");
require(_oracle != address(0), "Address cannot be zero");
#0 - GalloDaSballo
2022-10-23T00:40:38Z
5k for NonReentrant Rest 150
5150