search

code-423n4 / 2021-11-vader-findings

0 stars 0 forks source link

Gas: VaderMath's endpoint functions can be made external #222

Closed code423n4 closed 2 years ago

code423n4 commented 3 years ago

Handle

hyh

Vulnerability details

Proof of Concept

VaderMath's library calculateLiquidityUnits, calculateLoss, calculateSwap and calculateSwapReverse functions are public, but being calculation facade are called only from outside contracts and can be made external to reduce calling costs. Inheritance is unlikely here as next generation logic is better be formulated afresh for clarity.

https://github.com/code-423n4/2021-11-vader/blob/main/contracts/dex/math/VaderMath.sol#L19 https://github.com/code-423n4/2021-11-vader/blob/main/contracts/dex/math/VaderMath.sol#L73 https://github.com/code-423n4/2021-11-vader/blob/main/contracts/dex/math/VaderMath.sol#L99 https://github.com/code-423n4/2021-11-vader/blob/main/contracts/dex/math/VaderMath.sol#L117

Recommended Mitigation Steps

Substitute public visibility with external.