code-423n4 / 2021-12-amun-findings


Only using `SafeMath` when necessary can save gas #206

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

WatchPug

Vulnerability details

For the arithmetic operations that will never over/underflow, using SafeMath will cost more gas.

For example:

https://github.com/code-423n4/2021-12-amun/blob/98f6e2ff91f5fcebc0489f5871183566feaec307/contracts/basket/contracts/facets/Basket/BasketFacet.sol#L257

```solidity
uint256 timePassed = block.timestamp.sub(lastFeeClaimed);
```

`block.timestamp - lastFeeClaimed` will never underflow.

https://github.com/code-423n4/2021-12-amun/blob/98f6e2ff91f5fcebc0489f5871183566feaec307/contracts/basket/contracts/facets/ERC20/LibERC20.sol#L20

```solidity
es.balances[_to] = es.balances[_to].add(_amount);
es.totalSupply = es.totalSupply.add(_amount);
```

`es.balances[_to] + _amount` will not overflow if `es.totalSupply.add(_amount)` does not overflow.

https://github.com/code-423n4/2021-12-amun/blob/98f6e2ff91f5fcebc0489f5871183566feaec307/contracts/basket/contracts/facets/ERC20/LibERC20.sol#L30

```solidity
es.balances[_from] = es.balances[_from].sub(_amount);
es.totalSupply = es.totalSupply.sub(_amount);
```

`es.totalSupply - _amount` will not underflow if `es.balances[_from].sub(_amount)` does not underflow.
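The mint and burn claims above hold only while every balance is at most `totalSupply`. The following is an added Python model, not code from the finding or from the Amun contracts, that compares the fully checked path with the single-check path using wrapping 256-bit arithmetic. All function names are hypothetical, and it assumes a pre-0.8 Solidity compiler where plain `+` and `-` wrap silently.

```python
# Added model (not Solidity, not the project's code): uint256 arithmetic that
# wraps like pre-0.8 Solidity, with SafeMath-style checks that "revert".
MAX = 2**256 - 1

class Revert(Exception):
    pass

def safe_add(a, b):
    if a + b > MAX:
        raise Revert("addition overflow")
    return a + b

def safe_sub(a, b):
    if b > a:
        raise Revert("subtraction underflow")
    return a - b

def raw_add(a, b):
    return (a + b) & MAX   # wraps silently

def raw_sub(a, b):
    return (a - b) & MAX   # wraps silently

def mint(balances, supply, to, amount, check_all):
    # check_all=False drops the check on the balance, keeps it on totalSupply
    new = dict(balances)   # copy, so a revert leaves the caller's state untouched
    new[to] = (safe_add if check_all else raw_add)(new.get(to, 0), amount)
    return new, safe_add(supply, amount)

def burn(balances, supply, frm, amount, check_all):
    # check_all=False drops the check on totalSupply, keeps it on the balance
    new = dict(balances)
    new[frm] = safe_sub(new.get(frm, 0), amount)
    return new, (safe_sub if check_all else raw_sub)(supply, amount)

def outcome(op, balances, supply, who, amount, check_all):
    try:
        return op(balances, supply, who, amount, check_all)
    except Revert:
        return "revert"

def same_outcome(op, balances, supply, who, amount):
    # True when removing the redundant check changes nothing observable
    return (outcome(op, balances, supply, who, amount, True)
            == outcome(op, balances, supply, who, amount, False))
```

With a state where the balances sum to the supply, both paths agree even at the `2**256 - 1` boundary. With a constructed state that breaks that invariant, the single-check path silently wraps where the fully checked path reverts.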

0xleastwood commented 2 years ago

Duplicate of #106