search

code-423n4 / 2021-08-gravitybridge-findings

1 stars 0 forks source link

State Variables that can be changed to `immutable` #48

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

hrkrshnn

Vulnerability details

State Variables that can be changed to immutable

Solidity 0.6.5 introduced immutable as a major feature. It allows setting contract-level variables at construction time which gets stored in code rather than storage.

Consider the following generic example:

contract C {
    /// The owner is set during contruction time, and never changed afterwards.
    address public owner = msg.sender;
}

In the above example, each call to the function owner() reads from storage, using a sload. After EIP-2929, this costs 2100 gas cold or 100 gas warm. However, the following snippet is more gas efficient:

contract C {
    /// The owner is set during contruction time, and never changed afterwards.
    address public immutable owner = msg.sender;
}

In the above example, each storage read of the owner state variable is replaced by the instruction push32 value, where value is set during contract construction time. Unlike the last example, this costs only 3 gas.

Examples

  1. https://github.com/althea-net/cosmos-gravity-bridge/blob/92d0e12cea813305e6472851beeb80bd2eaf858d/solidity/contracts/Gravity.sol#L59
  2. https://github.com/althea-net/cosmos-gravity-bridge/blob/92d0e12cea813305e6472851beeb80bd2eaf858d/solidity/contracts/Gravity.sol#L60
jkilpatr commented 2 years ago

This is a good improvement that will have some nice gas savings considering how often we access these variables. Which should probably be hardcoded rather than constructor arguments anyways.

also mentioned (not directly though) in #44

loudoguno commented 2 years ago

reopening as per judges assessment as "primary issue" on findings sheet