Several revert strings in SwappableYieldSource.sol are more than 32
bytes. Try to keep everything below 32 bytes. Even better would be
replacing it with Solidity's custom errors from 0.8.4.
function transferERC20(IERC20Upgradeable erc20Token, address to, uint256 amount) external onlyOwnerOrAssetManager returns (bool) {
require(address(erc20Token) != address(yieldSource), "SwappableYieldSource/yield-source-token-transfer-not-allowed");
...
}
The above string is 60 characters. Everything above 32 characters would
need an additional mstore. This would incur a cost for an additional
mstore, cost for memory expansion, as well as additional stack
operation costs. This is only relevant when the revert condition is met.
Shortening would also reduce the deploy cost for the contract in all
cases.
If possible, it's recommended to change this to:
pragma solidity ^0.8.4;
/// A long NatSpec comment explaning this in detail, without costing on chain gas.
error YieldSourceTokenTransferNotAllowed();
function transferERC20(IERC20Upgradeable erc20Token, address to, uint256 amount) external onlyOwnerOrAssetManager returns (bool) {
if (address(erc20Token) == address(yieldSource))
revert YieldSourceTokenTransferNotAllowed();
...
}
The above change will also decrease gas.
There are several other instances where large revert strings are used.
All of them can be shortened / replaced.
This feature is only available for Solidity version 0.8.4, we are using version 0.7.6 in the swappable yield source and 0.8.2 in the mStable yield source.
Handle
hrkrshnn
Vulnerability details
Consider shortening revert strings
Several revert strings in
SwappableYieldSource.sol
are more than 32 bytes. Try to keep everything below 32 bytes. Even better would be replacing it with Solidity's custom errors from 0.8.4.Example:
The above string is 60 characters. Everything above 32 characters would need an additional
mstore
. This would incur a cost for an additionalmstore
, cost for memory expansion, as well as additional stack operation costs. This is only relevant when the revert condition is met.Shortening would also reduce the deploy cost for the contract in all cases.
If possible, it's recommended to change this to:
The above change will also decrease gas.
There are several other instances where large revert strings are used. All of them can be shortened / replaced.