Back to sryysryy's contests

PartyDAO contest - sryysryy's results

A protocol for buying, using, and selling NFTs as a group.

General Information

Platform: Code4rena

Start Date: 12/09/2022

Pot Size: $75,000 USDC

Total HM: 19

Participants: 110

Period: 7 days

Judge: HardlyDifficult

Total Solo HM: 9

Id: 160

League: ETH

PartyDAO

Findings Distribution

Researcher Performance

Rank: 87/110

Findings: 1

Award: $35.48

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryPartyDAO

Findings Information

🌟 Selected for report: CertoraInc

Also found by: 0x1f8b, 0x4non, 0x5rings, 0x85102, 0xNazgul, 0xSmartContract, 0xkatana, Amithuddar, Aymen0909, B2, Bnke0x0, CRYP70, Chom, ChristianKuri, CodingNameKiki, Deivitto, Diraco, Fitraldys, Funen, IgnacioB, JAGADESH, JC, Lambda, LeoS, Matin, Metatron, MiloTruck, Noah3o6, Ocean_Sky, Olivierdem, PaludoX0, RaymondFam, ReyAdmirado, Rohan16, Rolezn, Saintcode_, Sm4rty, SnowMan, StevenL, Tomio, Tomo, V_B, Waze, __141345__, ajtra, asutorufos, aysha, brgltd, bulej93, c3phas, ch0bu, d3e4, delfin454000, dharma09, djxploit, erictee, fatherOfBlocks, francoHacker, gianganhnguyen, gogo, got_targ, ignacio, jag, karanctf, ladboy233, leosathya, lukris02, m_Rassska, malinariy, martin, natzuu, pashov, peanuts, peiw, pfapostol, prasantgupta52, robee, simon135, slowmoses, sryysryy, tnevler

Awards

35.4847 USDC - $35.48

Labels

bug
G (Gas Optimization)
low quality report
sponsor acknowledged
edited-by-warden

External Links

Link to GitHub issue

CACHE THE LENGTH OF ARRAYS IN LOOPS

Caching the array length outside a loop saves reading it on each iteration, as long as the array's length is not changed during the loop. There are 12 instances of this issue

contracts/crowdfund/CollectionBuyCrowdfund.sol::62 => for (uint256 i; i < hosts.length; i++) {
contracts/crowdfund/Crowdfund.sol::180 => for (uint256 i = 0; i < contributors.length; ++i) {
contracts/crowdfund/Crowdfund.sol::300 => for (uint256 i = 0; i < preciousTokens.length; ++i) {
contracts/distribution/TokenDistributor.sol::230 => for (uint256 i = 0; i < infos.length; ++i) {
contracts/distribution/TokenDistributor.sol::239 => for (uint256 i = 0; i < infos.length; ++i) {
contracts/party/PartyGovernance.sol::306 => for (uint256 i=0; i < opts.hosts.length; ++i) {
contracts/proposals/ArbitraryCallsProposal.sol::52 => for (uint256 i = 0; i < hadPreciouses.length; ++i) {
contracts/proposals/ArbitraryCallsProposal.sol::61 => for (uint256 i = 0; i < calls.length; ++i) {
contracts/proposals/ArbitraryCallsProposal.sol::78 => for (uint256 i = 0; i < hadPreciouses.length; ++i) {
contracts/proposals/LibProposal.sol::14 => for (uint256 i = 0; i < preciousTokens.length; ++i) {
contracts/proposals/LibProposal.sol::32 => for (uint256 i = 0; i < preciousTokens.length; ++i) {
contracts/proposals/ListOnOpenseaProposal.sol::291 => for (uint256 i = 0; i < fees.length; ++i) {

   

++I COSTS LESS GAS THAN I++, ESPECIALLY WHEN IT’S USED IN FOR-LOOPS (--I/I-- TOO)

There is 1 instance of this issue

contracts/crowdfund/CollectionBuyCrowdfund.sol::62 =>         for (uint256 i; i < hosts.length; i++) {

   

 <X> -= <Y>COSTS MORE GAS THAN <X> = <X> - <Y> FOR STATE VARIABLES

There is 1 instance of this issue

contracts/distribution/TokenDistributor.sol
381:        _storedBalances[balanceId] -= amount;

   

Don't Initialize Variables with Default Value

Uninitialized variables are assigned with the types default value. Explicitly initializing a variable with it's default value costs unnecesary gas. There are 14 instances of this issue

contracts/crowdfund/Crowdfund.sol::180 => for (uint256 i = 0; i < contributors.length; ++i) {
contracts/crowdfund/Crowdfund.sol::242 => for (uint256 i = 0; i < numContributions; ++i) {
contracts/crowdfund/Crowdfund.sol::300 => for (uint256 i = 0; i < preciousTokens.length; ++i) {
contracts/crowdfund/Crowdfund.sol::348 => for (uint256 i = 0; i < numContributions; ++i) {
contracts/distribution/TokenDistributor.sol::230 => for (uint256 i = 0; i < infos.length; ++i) {
contracts/distribution/TokenDistributor.sol::239 => for (uint256 i = 0; i < infos.length; ++i) {
contracts/party/PartyGovernance.sol::306 => for (uint256 i=0; i < opts.hosts.length; ++i) {
contracts/party/PartyGovernance.sol::432 => uint256 low = 0;
contracts/proposals/ArbitraryCallsProposal.sol::52 => for (uint256 i = 0; i < hadPreciouses.length; ++i) {
contracts/proposals/ArbitraryCallsProposal.sol::61 => for (uint256 i = 0; i < calls.length; ++i) {
contracts/proposals/ArbitraryCallsProposal.sol::78 => for (uint256 i = 0; i < hadPreciouses.length; ++i) {
contracts/proposals/LibProposal.sol::14 => for (uint256 i = 0; i < preciousTokens.length; ++i) {
contracts/proposals/LibProposal.sol::32 => for (uint256 i = 0; i < preciousTokens.length; ++i) {
contracts/proposals/ListOnOpenseaProposal.sol::291 => for (uint256 i = 0; i < fees.length; ++i) {

   

COMPARISONS: != IS MORE EFFICIENT THAN > IN REQUIRE

When dealing with unsigned integer types, comparisons with != 0 are cheaper then with > 0. This change saves 6 gas per instance There are 2 instances of this issue

contracts/crowdfund/Crowdfund.sol::144 => if (initialBalance > 0) {
contracts/crowdfund/Crowdfund.sol::471 => if (votingPower > 0) {

   

USING BOOLS FOR STORAGE INCURS OVERHEAD

There are 5 instances of this issue

contracts/crowdfund/Crowdfund.sol
106:    bool private _splitRecipientHasBurned;

contracts/distribution/TokenDistributor.sol
28:        bool wasFeeClaimed;
30:        mapping(uint256 => bool) hasPartyTokenClaimed;
62:    bool public emergencyActionsDisabled;

contracts/globals/Global.sol
12:    mapping(uint256 => mapping(bytes32 => bool)) private _includedWordValues;

contracts/party/PartyGovernance.sol
108:        bool isDelegated;
197:    bool public emergencyExecuteDisabled;
207:    mapping(address => bool) public isHost;

contracts/vendor/markets/IZoraAuctionHouse.sol
15:        bool approved;

   

ABI.ENCODE() IS LESS EFFICIENT THAN ABI.ENCODEPACKED()

There are 4 instances of this issue

contracts/proposals/ListOnOpenseaProposal.sol
164:                    return abi.encode(ListOnOpenseaStep.ListedOnZora, ZoraProgressData({
219:            return abi.encode(ListOnOpenseaStep.ListedOnOpenSea, orderHash, expiry);

contracts/proposals/ListOnZoraProposal.sol
115:            return abi.encode(ZoraStep.ListedOnZora, ZoraProgressData({

contracts/utils/ReadOnlyDelegateCall.sol
23:        abi.encode(s, r).rawRevert();

   

DIVISION BY TWO SHOULD USE BIT SHIFTING

There is 1 instance of this issue

contracts/party/PartyGovernance.sol::434 => uint256 mid = (low + high) / 2;

   

MULTIPLE ADDRESS MAPPINGS CAN BE COMBINED INTO A SINGLE MAPPING OF AN ADDRESS TO A STRUCT, WHERE APPROPRIATE

There are 6 instances of this issue

contracts/crowdfund/Crowdfund.sol
112:    mapping(address => address) public delegationsByContributor;
115:    mapping (address => Contribution[]) private _contributionsByContributor;

contracts/party/PartyGovernance.sol
148:        mapping (address => bool) hasVoted;
207:    mapping(address => bool) public isHost;
209:    mapping(address => address) public delegationsByVoter;
215:    mapping(address => VotingPowerSnapshot[]) private _votingPowerSnapshotsByVoter;
AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter