Back to nahnah's contests

Axelar Network contest - nahnah's results

Decentralized interoperability network.

General Information

Platform: Code4rena

Start Date: 07/04/2022

Pot Size: $50,000 USDC

Total HM: 5

Participants: 19

Period: 5 days

Judge: 0xean

Total Solo HM: 4

Id: 109

League: COSMOS

Axelar Network

Findings Distribution

Researcher Performance

Rank: 19/19

Findings: 1

Award: $74.19

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryAxelar Network

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0v3rf10w, 0xNazgul, 0xkatana, CertoraInc, Chom, Dravee, Funen, Hawkeye, Tomio, ilan, nahnah, rayn, rfa

Labels

bug
G (Gas Optimization)
sponsor disputed

Awards

74.1944 USDC - $74.19

External Links

Link to GitHub issue

Title: Less code can save gas

Summary

instead of executing the same function in every if statements and then return it. we can put that function in the end line to save gas

POC https://github.com/code-423n4/2022-04-axelar/blob/main/src/AxelarGateway.sol#L294-L334

before '''

    bool burnSuccess = false;

    if (tokenType == TokenType.External) {
        _checkTokenStatus(symbol);

        burnSuccess = _callERC20Token(
            tokenAddress,
            abi.encodeWithSelector(IERC20.transferFrom.selector, sender, address(this), amount)
        );

        if (!burnSuccess) revert BurnFailed(symbol);

        return;
    }

    if (tokenType == TokenType.InternalBurnableFrom) {
        burnSuccess = _callERC20Token(
            tokenAddress,
            abi.encodeWithSelector(IERC20BurnFrom.burnFrom.selector, sender, amount)
        );

        if (!burnSuccess) revert BurnFailed(symbol);

        return;
    }

    burnSuccess = _callERC20Token(
        tokenAddress,
        abi.encodeWithSelector(
            IERC20.transferFrom.selector,
            sender,
            BurnableMintableCappedERC20(tokenAddress).depositAddress(bytes32(0)),
            amount
        )
    );

    if (!burnSuccess) revert BurnFailed(symbol);

    BurnableMintableCappedERC20(tokenAddress).burn(bytes32(0));

'''

after '''

    bool burnSuccess = false;

    if (tokenType == TokenType.External) {
        _checkTokenStatus(symbol);

        burnSuccess = _callERC20Token(
            tokenAddress,
            abi.encodeWithSelector(IERC20.transferFrom.selector, sender, address(this), amount)
        );
    }
    else if (tokenType == TokenType.InternalBurnableFrom) {
        burnSuccess = _callERC20Token(
            tokenAddress,
            abi.encodeWithSelector(IERC20BurnFrom.burnFrom.selector, sender, amount)
        );
    }
    else { 
        burnSuccess = _callERC20Token(
        tokenAddress,
        abi.encodeWithSelector(
            IERC20.transferFrom.selector,
            sender,
            BurnableMintableCappedERC20(tokenAddress).depositAddress(bytes32(0)),
            amount ));
    }

    if (!burnSuccess) revert BurnFailed(symbol);

    BurnableMintableCappedERC20(tokenAddress).burn(bytes32(0));

'''

#0 - deluca-mike

2022-04-20T09:53:39Z

Disputed, since this would break the functionality. Notice that BurnableMintableCappedERC20(tokenAddress).burn(bytes32(0)); is only called if tokenType is neither TokenType.External or TokenType.InternalBurnableFrom.

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter