Back to slywaters's contests

Cudos contest - slywaters's results

Decentralised cloud computing for Web3.

General Information

Platform: Code4rena

Start Date: 03/05/2022

Pot Size: $75,000 USDC

Total HM: 6

Participants: 55

Period: 7 days

Judge: Albert Chon

Total Solo HM: 2

Id: 116

League: COSMOS

Cudos

Findings Distribution

Researcher Performance

Rank: 48/55

Findings: 1

Award: $81.64

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryCudos

Findings Information

🌟 Selected for report: GermanKuber

Also found by: 0v3rf10w, 0x1f8b, 0xDjango, 0xNazgul, 0xf15ers, 0xkatana, AlleyCat, CertoraInc, Dravee, Funen, GimelSec, IllIllI, JC, MaratCerby, WatchPug, Waze, defsec, delfin454000, ellahi, gzeon, hake, hansfriese, ilan, jonatascm, nahnah, oyc_109, peritoflores, rfa, robee, simon135, slywaters, sorrynotsorry

Awards

81.6446 USDC - $81.64

Labels

bug
G (Gas Optimization)

External Links

Link to GitHub issue

Gas Report

Variables do not need to be initialized with 'empty' values such as 0, false, or address(0)

Uninitialized variables by default contain a value equivalent to 0: uints are initialized to 0; bools to false; addresses to address(0).

Explicitly assigning these values to variables when they are declared increases gas costs while providing no funciton.

e.g. change this code:

uint256 var = 0;

to

uint256 var;

For more information, please consult the following resources:

Tips and Tricks to Save Gas and Reduce Bytecode Size

The following lines of code are affected:

code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:54:      uint256 public state_lastValsetNonce = 0;
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:128:              for (uint256 i = 0; i < _users.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:231:             uint256 cumulativePower = 0;
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:233:             for (uint256 i = 0; i < _currentValidators.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:263:             for (uint256 i = 0; i < _newValset.validators.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:453:                             for (uint256 i = 0; i < _amounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:568:             for (uint256 i = 0; i < _args.transferAmounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:579:             for (uint256 i = 0; i < _args.feeAmounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:659:             uint256 cumulativePower = 0;
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:660:             for (uint256 i = 0; i < _powers.length; i++) {

Unchecked increment can be used in for-loop

Newer versions of the Solidity compiler will check for integer overflows and underflows automatically. This provides safety but increases gas costs.

When an unsigned integer is guaranteed to never overflow, the unchecked feature of Solidity can be used to save gas costs.

A common case for this is for-loops using a strictly-less-than comparision in their conditional statement, e.g.:

uint256 length = someArray.length;
for (uint256 i; i < length; ++i) {
}

In cases like this, the maximum value for length is 2**256 - 1. Therefore, the maximum value of i is 2**256 - 2 as it will always be strictly less than length.

This example can be replaced with the following construction to reduce gas costs:

for (uint i = 0; i < length; i = unchecked_inc(i)) {
    // do something that doesn't change the value of i
}

function unchecked_inc(uint i) returns (uint) {
    unchecked {
        return i + 1;
    }
}

For more information, consult the following resources:

Solidity gas optimizations

Solidity docs: underflows, overflows, and unchecked

The following lines of code are affected:

code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:128:              for (uint256 i = 0; i < _users.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:233:             for (uint256 i = 0; i < _currentValidators.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:263:             for (uint256 i = 0; i < _newValset.validators.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:453:                             for (uint256 i = 0; i < _amounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:568:             for (uint256 i = 0; i < _args.transferAmounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:579:             for (uint256 i = 0; i < _args.feeAmounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:660:             for (uint256 i = 0; i < _powers.length; i++) {

Replace postfix increment (var++) with prefix increment (++var)

Using ++i costs less gas than using i++. In the context of a for-loop, gas is saved on each iteration.

The following lines of code are affected:

code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:128:              for (uint256 i = 0; i < _users.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:233:             for (uint256 i = 0; i < _currentValidators.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:263:             for (uint256 i = 0; i < _newValset.validators.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:453:                             for (uint256 i = 0; i < _amounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:568:             for (uint256 i = 0; i < _args.transferAmounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:579:             for (uint256 i = 0; i < _args.feeAmounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:660:             for (uint256 i = 0; i < _powers.length; i++) {

Array length can be cached

In the context of a for-loop that iterates over an array, it costs less gas to cache the array's length in a variable and read from this variable rather than use the arrays .length property. Reading the .length property for on the array will cause a recalculation of the array's length on each iteration of the loop which is a more expensive operation than reading from a stack variable.

For example, the following code:

for (uint i; i < arr.length; ++i) {
	// ...
}

should be changed to:

uint length = arr.length;
for (uint i; i < length; ++i) {
	// ...
}

Note that in the second case, the length of the array must not change during the loop's execution.

For more information, see the following resource:

Solidity gas optimizations

The following lines of code are affected:

code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:128:              for (uint256 i = 0; i < _users.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:233:             for (uint256 i = 0; i < _currentValidators.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:263:             for (uint256 i = 0; i < _newValset.validators.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:453:                             for (uint256 i = 0; i < _amounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:568:             for (uint256 i = 0; i < _args.transferAmounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:579:             for (uint256 i = 0; i < _args.feeAmounts.length; i++) {
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:660:             for (uint256 i = 0; i < _powers.length; i++) {

Shorter require() messages can save gas costs

Revert message strings included in calls to require() are stored in 32-byte chunks when contracts are deployed. To optimize gas costs, consider using revert messages that are less than 32 bytes in length.

For more information, see the following resource: Gas optimization tips: Shorter revert strings

The following lines of code are affected:

code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:119:             "The caller is not whitelisted for this operation"
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:240:             "Validator signature does not match."
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:256:             "Submitted validator set signatures do not have enough power."
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:291:             "New valset nonce must be greater than the current nonce"
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:312:             "Supplied current validators and powers do not match checkpoint."
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:317:             "The sender of the transaction is not validated orchestrator"
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:386:             "New batch nonce must be greater than the current nonce"
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:392:             "Batch timeout must be greater than the current block height"
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:418:             "The sender of the transaction is not validated orchestrator
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:496:             "New invalidation nonce must be greater than the current nonce"
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:511:             "Supplied current validators and powers do not match checkpoint."
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:527:             "The sender of the transaction is not validated orchestrator"
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:655:             require(address(_cudosAccessControls) != address(0), "Access control contract address is incorrect");
code4rena/2022-05-cudos/solidity/contracts/Gravity.sol:668:             "Submitted validator set signatures do not have enough power."
AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter