code-423n4 / 2021-08-gravitybridge-findings


Avoid long revert strings. #49

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

hrkrshnn

Vulnerability details

Avoid long revert strings.

There are currently several strings that are larger than 32 bytes.

Revert strings above 32 characters would need an additional mstore. This would incur cost for an additional mstore, along with cost for memory expansion, as well as cost for additional stack operations. This cost is only relevant when the revert condition is met.

Shortening would also reduce the deploy cost for the contract in all cases.

Consider using custom errors from Solidity 0.8.4, which are more gas efficient than revert strings.

Examples of lengthy revert strings

  1. https://github.com/althea-net/cosmos-gravity-bridge/blob/92d0e12cea813305e6472851beeb80bd2eaf858d/solidity/contracts/Gravity.sol#L347
  2. https://github.com/althea-net/cosmos-gravity-bridge/blob/92d0e12cea813305e6472851beeb80bd2eaf858d/solidity/contracts/Gravity.sol#L449
  3. https://github.com/althea-net/cosmos-gravity-bridge/blob/92d0e12cea813305e6472851beeb80bd2eaf858d/solidity/contracts/Gravity.sol#L323
  4. https://github.com/althea-net/cosmos-gravity-bridge/blob/92d0e12cea813305e6472851beeb80bd2eaf858d/solidity/contracts/Gravity.sol#L329

Functions that can be made external

It is a good practice to make public functions that are not referenced inside the code external. In very old Solidity versions, in some cases, this led to a decrease in gas. However, this is unlikely to be the case now.

Examples

  1. https://github.com/althea-net/cosmos-gravity-bridge/blob/92d0e12cea813305e6472851beeb80bd2eaf858d/solidity/contracts/Gravity.sol#L224
  2. https://github.com/althea-net/cosmos-gravity-bridge/blob/92d0e12cea813305e6472851beeb80bd2eaf858d/solidity/contracts/Gravity.sol#L301
  3. https://github.com/althea-net/cosmos-gravity-bridge/blob/92d0e12cea813305e6472851beeb80bd2eaf858d/solidity/contracts/Gravity.sol#L414
  4. https://github.com/althea-net/cosmos-gravity-bridge/blob/92d0e12cea813305e6472851beeb80bd2eaf858d/solidity/contracts/Gravity.sol#L530
  5. https://github.com/althea-net/cosmos-gravity-bridge/blob/92d0e12cea813305e6472851beeb80bd2eaf858d/solidity/contracts/Gravity.sol#L546
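
A source-level check for the condition this report describes (revert strings longer than 32 bytes), added here as an illustration; it is not part of the original issue or of the Gravity Bridge code base. The Solidity snippet in `SAMPLE` is constructed, and the names `call_end` and `long_revert_strings` are hypothetical.

```python
import re

WORD = 32  # EVM word size in bytes; the threshold the report uses

# Constructed Solidity sample, not taken from Gravity.sol.
SAMPLE = '''\
contract Demo {
    function f(uint256 a, uint256 b) public pure {
        require(a > 0, "zero amount");
        require(b > a, "second argument must be strictly greater than first");
        if (a == 7) revert("exactly thirty-two bytes long!!!");
        require(keccak256("x") != bytes32(0), "ok");
    }
}
'''

CALL = re.compile(r'\b(require|revert)\s*\(')
STRING = re.compile(r'"((?:[^"\\\n]|\\.)*)"')

def call_end(src, open_idx):
    """Index of the ')' matching the '(' at open_idx, skipping string literals."""
    depth, i = 0, open_idx
    while i < len(src):
        m = STRING.match(src, i)
        if m:
            i = m.end()
            continue
        depth += {'(': 1, ')': -1}.get(src[i], 0)
        if depth == 0:
            return i
        i += 1
    return len(src)

def long_revert_strings(src, limit=WORD):
    """Return (line, call, size, message) for each literal revert message over limit.
    The message is the string literal that ends the argument list, so literals
    inside the condition are ignored, as are custom errors (revert Foo())."""
    findings = []
    for call in CALL.finditer(src):
        body = src[call.end():call_end(src, call.end() - 1)]
        lits = list(STRING.finditer(body))
        if not lits or body[lits[-1].end():].strip():
            continue
        msg = lits[-1].group(1)
        size = len(msg.encode("utf-8"))  # escapes counted as written: upper bound
        if size > limit:
            line = src.count("\n", 0, call.start()) + 1
            findings.append((line, call.group(1), size, msg))
    return findings
```

A message of exactly 32 bytes is not reported, since the report concerns strings above that size.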

jkilpatr commented 2 years ago

Partial duplicate of #50 from the same submitter.

albertchon commented 2 years ago

Agreed, although marking this as a unique report

loudoguno commented 2 years ago

reopening as per judges assessment as "primary issue" on findings sheet