code-423n4 / 2021-10-defiprotocol-findings

Restore state to 0 if not needed anymore #53

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

kenzo

Vulnerability details

In some places where data is discarded such as bondBurn, part of the data is set to 0 (auctionBonder), and other parts are not (bondTimestamp). Setting unnecessary data back to 0 will save gas.

Impact

Almost 2000 gas saved for each variable reset. In some places, like createBasket (which only needs to save the proposal's "basket" field after creating the basket), this can save almost 15000 gas.

Proof of Concept

Places where data is not reset:

- Factory's createBasket (set all _proposals[idNumber]'s fields to be 0 except basket)
- Basket's changePublisher (set pendingPublisher.block = 0)
- Basket's changeLicenseFee (set pendingLicenseFee.block = 0)
- Basket's setNewWeights and deleteNewIndex (set pendingWeights.tokens and pendingWeights.weights to empty arrays)
- Auction's killAuction (set auctionStart = 0)
- Auction's settleAuction (set bondBlock, auctionBonder = 0)
- Auction's bondBurn (set bondBlock = 0)
- Auction's withdrawBounty (set bounty.token, bounty.amount = 0)

Tools Used

Manual analysis, hardhat.

Recommended Mitigation Steps

Detailed above.

GalloDaSballo commented 2 years ago

Finding is valid. Before committing to an implementation, make sure to verify that setting to 0 doesn't break any invariant.
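
The reset pattern discussed in this thread, together with the invariant check raised in the last comment, as an added Solidity sketch that is not part of the original report or the audited contracts. Only the names bondBurn, killAuction, auctionBonder, bondBlock and auctionStart come from the finding; the contract itself, BOND_PERIOD, startAuction, bondForRebalance, the two boolean flags and bondStateIsClean are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Constructed sketch, not the audited Auction contract.
contract AuctionSketch {
    uint256 public constant BOND_PERIOD = 100; // assumed value, in blocks

    bool public auctionOngoing;
    bool public hasBonded;
    address public auctionBonder;
    uint256 public auctionStart;
    uint256 public bondBlock;

    function startAuction() external {
        require(!auctionOngoing, "auction running");
        auctionOngoing = true;
        auctionStart = block.number;
    }

    function bondForRebalance() external {
        require(auctionOngoing && !hasBonded, "cannot bond");
        hasBonded = true;
        auctionBonder = msg.sender;
        bondBlock = block.number;
    }

    function bondBurn() external {
        // Guards read the boolean flags, never "bondBlock != 0", so zeroing
        // the slots below cannot change which later calls are accepted.
        require(auctionOngoing && hasBonded, "no active bond");
        require(block.number > bondBlock + BOND_PERIOD, "bond still valid");
        hasBonded = false;
        // `delete` writes the type's zero value; clearing a non-zero slot
        // is what earns the SSTORE refund the finding relies on.
        delete auctionBonder;
        delete bondBlock;
        killAuction();
    }

    function killAuction() internal {
        auctionOngoing = false;
        delete auctionStart; // the reset the finding proposes for killAuction
    }

    // Invariant for the test suite: with no bond in place, bond state is zero.
    function bondStateIsClean() external view returns (bool) {
        return hasBonded || (auctionBonder == address(0) && bondBlock == 0);
    }
}
```

Before applying such a reset to real code, search for every read of the slot being zeroed: a function that treats 0 as a meaningful value (for example "never bonded") changes behaviour once the reset is in place.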