search

code-423n4 / 2021-11-fei-findings

0 stars 0 forks source link

Remove unnecessary variables can make the code simpler and save some gas #99

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

WatchPug

Vulnerability details

https://github.com/code-423n4/2021-11-fei/blob/add34324513b863f58e4ef7b3cd0c12d776dbb7f/contracts/TRIBERagequit.sol#L138-L145

function verifyClaim(
    address claimer,
    uint256 key,
    bytes32[] memory merkleProof
) private view returns (bool) {
    bytes32 leaf = keccak256(abi.encodePacked(claimer, key));
    return verifyProof(merkleProof, merkleRoot, leaf);
}

leaf is unnecessary as it's being used only once. Can be changed to:

function verifyClaim(
    address claimer,
    uint256 key,
    bytes32[] memory merkleProof
) private view returns (bool) {
    return verifyProof(merkleProof, merkleRoot, keccak256(abi.encodePacked(claimer, key)));
}

https://github.com/code-423n4/2021-11-fei/blob/add34324513b863f58e4ef7b3cd0c12d776dbb7f/contracts/TRIBERagequit.sol#L59-L82

function ngmi(
    uint256 multiplier,
    uint256 key,
    bytes32[] memory merkleProof
) public {
    require(isExpired() == false, "Redemption period is over");
    require(isEnabled() == true, "Proposals are not both passed");
    require(minProtocolEquity > 0, "no equity");
    address thisSender = msg.sender;
    require(
        verifyClaim(thisSender, key, merkleProof) == true,
        "invalid proof"
    );
    require(
        (claimed[thisSender] + multiplier) <= key,
        "already ragequit all you tokens"
    );
    claimed[thisSender] = claimed[thisSender] + multiplier;
    uint256 token0TakenTotal = token0InBase * multiplier;
    uint256 token1GivenTotal = token1OutBase * multiplier;
    takeFrom(thisSender, token0TakenTotal);
    giveTo(thisSender, token1GivenTotal);
    emit Exchange(thisSender, token0TakenTotal, token1GivenTotal);
}

thisSender is unnecessary, it can be replaced with msg.sender.

pauliax commented 2 years ago

Valid optimization.