search

code-423n4 / 2021-10-ambire-findings

0 stars 0 forks source link

Save Gas With The Unchecked Keyword #22

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

ye0lde

Vulnerability details

Impact

Redundant arithmetic underflow/overflow checks can be avoided when an underflow/overflow cannot happen.

Proof of Concept

The "unchecked" keyword can be applied here since there is a "require" statement before to ensure the arithmetic operations would not cause an integer underflow or overflow. https://github.com/code-423n4/2021-10-ambire/blob/bc01af4df3f70d1629c4e22a72c19e6a814db70d/contracts/libs/SignatureValidatorV2.sol#L54-L58

Change the code at 57,58 to: IERC1271Wallet wallet; unchecked { wallet = IERC1271Wallet(address(uint160(uint256(sig.readBytes32(sig.length - 33))))); sig.trimToSize(sig.length - 33); }

A similar change can be made here: https://github.com/code-423n4/2021-10-ambire/blob/bc01af4df3f70d1629c4e22a72c19e6a814db70d/contracts/libs/SignatureValidatorV2.sol#L31-L32

Tools Used

Visual Studio Code, Remix

Recommended Mitigation Steps

Add the "unchecked" keyword as shown above.

Ivshti commented 2 years ago

resolved in https://github.com/AmbireTech/adex-protocol-eth/commit/d86f7199b39bc52cb88a3d76e2f8f06de10a07e5 and https://github.com/AmbireTech/adex-protocol-eth/commit/67a9bf713e1e21f9d6e5d19dbee1964a2db0fca4

GalloDaSballo commented 2 years ago

Duplicate of #46