Back to w0Lfrum's contests

Holograph contest - w0Lfrum's results

Omnichain protocol for deploying, minting, & bridging NFTs between blockchains.

General Information

Platform: Code4rena

Start Date: 18/10/2022

Pot Size: $75,000 USDC

Total HM: 27

Participants: 144

Period: 7 days

Judge: gzeon

Total Solo HM: 13

Id: 170

League: ETH

Holograph

Findings Distribution

Researcher Performance

Rank: 121/144

Findings: 2

Award: $0.00

QA:
grade-c
Gas:
grade-c

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryHolograph

Findings Information

🌟 Selected for report: Rolezn

Also found by: 0x1f8b, 0x52, 0x5rings, 0xNazgul, 0xSmartContract, 0xZaharina, 0xhunter, 0xzh, 8olidity, Amithuddar, Aymen0909, B2, Bnke0x0, Chom, Deivitto, Diana, Diraco, Dravee, Franfran, JC, Jeiwan, Josiah, JrNet, Jujic, KingNFT, KoKo, Lambda, Margaret, Migue, Ocean_Sky, PaludoX0, Picodes, Rahoz, RaoulSchaffranek, RaymondFam, RedOneN, ReyAdmirado, Shinchan, Tagir2003, Trust, Waze, Yiko, __141345__, a12jmx, adriro, ajtra, arcoun, aysha, ballx, bin2chen, bobirichman, brgltd, bulej93, catchup, catwhiskeys, caventa, cccz, cdahlheimer, ch0bu, chaduke, chrisdior4, cloudjunky, cryptostellar5, cryptphi, csanuragjain, cylzxje, d3e4, delfin454000, djxploit, durianSausage, erictee, fatherOfBlocks, francoHacker, gianganhnguyen, gogo, hansfriese, i_got_hacked, ignacio, imare, karanctf, kv, leosathya, louhk, lukris02, lyncurion, m_Rassska, malinariy, martin, mcwildy, mics, minhtrng, nicobevi, oyc_109, pashov, peanuts, pedr02b2, peiw, rbserver, ret2basic, rotcivegaf, rvierdiiev, ryshaw, sakman, sakshamguruji, saneryee, securerodd, seyni, sikorico, svskaushik, teawaterwire, tnevler, w0Lfrum

Awards

0 USDC - $0.00

Labels

bug
QA (Quality Assurance)
edited-by-warden
responded
grade-c

External Links

Link to GitHub issue

QA Report

Summary

The overall code is well-commented. Unit tests are provided. The logic is split into the corresponding files. The logic is clear when referring to the docs/information given in the code4rena contest page. There may be instances where ether may be sent to the contract via the receive() or fallback functions. These contracts may lock the sent ether as they do not have functionality to withdraw ether from the contract.

1. Payable Fallback Function :

It is optional whether to add the payable functionality for a fallback function. Since the fallback() is purposefully made to revert to prevent any calls to undefined functions and there is no need to send any ether to the contract. Hence the payable keyword may be removed.

fallback() external payable {
    revert();
}

Can be changed to :

fallback() external {
    revert();
}

Findings Information

🌟 Selected for report: oyc_109

Also found by: 0x040, 0x1f8b, 0x5rings, 0xNazgul, 0xSmartContract, 0xZaharina, 0xsam, 0xzh, 2997ms, Amithuddar, Aymen0909, B2, Bnke0x0, Deivitto, Diana, Dinesh11G, Franfran, JC, JrNet, Jujic, KingNFT, KoKo, Mathieu, Metatron, Mukund, Olivierdem, PaludoX0, Pheonix, Picodes, RaymondFam, RedOneN, ReyAdmirado, Rolezn, Saintcode_, Satyam_Sharma, Shinchan, Tagir2003, Tomio, Waze, Yiko, __141345__, adriro, ajtra, aysha, ballx, beardofginger, bobirichman, brgltd, bulej93, catchup, catwhiskeys, cdahlheimer, ch0bu, chaduke, chrisdior4, cryptostellar5, cylzxje, d3e4, delfin454000, dharma09, djxploit, durianSausage, emrekocak, erictee, exolorkistis, fatherOfBlocks, gianganhnguyen, gogo, halden, hxzy, i_got_hacked, iepathos, karanctf, leosathya, lucacez, lukris02, lyncurion, m_Rassska, martin, mcwildy, mics, nicobevi, peanuts, peiw, rbserver, ret2basic, rotcivegaf, ryshaw, sakman, sakshamguruji, saneryee, sikorico, skyle, svskaushik, tnevler, vv7, w0Lfrum, zishansami

Awards

0 USDC - $0.00

Labels

bug
G (Gas Optimization)
sponsor confirmed
edited-by-warden
responded
grade-c

External Links

Link to GitHub issue

Gas Optimization Report

This report describes opportunity for gas optimization in the order of appearance in the code.

1. Using Unchecked Blocks(Along with Pre-Increment) for Incrementing the Loop Variable

Lines of Code :

HolographOperator.sol#L781-783

HolographOperator.sol#L871-L876

Details :

Checks for overflow/underflow consume extra gas. Using an unchecked block for incrementing loop variable saves gas.

For Example :

for (uint256 i = 0; i < length; i++) {
    operators[i] = _operatorPods[pod][index + i];
}

Can be changed to :

for (uint256 i; i < length;) {  // default value of i will be 0
    operators[i] = _operatorPods[pod][index + i];
    unchecked {
        ++i;
    }
}

The value of length would not be greater than (2^256) - 1, so the value of i would not overflow. Hence an unchecked block can be used.

2. Using Custom Strings instead of require Strings to Save Gas

Custom errors are available from solidity version 0.8.4. These custom errors avoid having to allocate space to store revert strings. Not defining the error strings in the custom errors also saves gas.

3. In For Loops, ++i Costs Much Lesser Gas than i++

Saves 5 gas per iteration in the For loop.

4. Using 1e10 Instead of 10**10

Lines of Code:

LayerZeroModule.sol#L274

LayerZeroModule.sol#L293

Using 1e10 Instead of 10**10 saves gas.

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter