Handle

Dravee

Vulnerability details

Impact

SLOADs are expensive (~100 gas) compared to MLOADs/MSTOREs (~3 gas). Minimizing them can save gas.

Proof of Concept

The code in the title's function is as such (see @audit-info comments for the opcodes):

File: Sherlock.sol
329:   function pause() external onlyOwner {
330:     _pause();
331:     if (!Pausable(address(yieldStrategy)).paused()) yieldStrategy.pause();
332:     // sherDistributionManager can be 0, pause isn't needed in that case
333:     if (
334:       address(sherDistributionManager) != address(0) && //@audit-info SLOAD
335:       !Pausable(address(sherDistributionManager)).paused()//@audit-info SLOAD
336:     ) {
337:       sherDistributionManager.pause();
338:     }
339:     if (!Pausable(address(sherlockProtocolManager)).paused()) sherlockProtocolManager.pause();
340:     if (!Pausable(address(sherlockClaimManager)).paused()) sherlockClaimManager.pause();
341:   }

The code can be optimized by minimizing the number of SLOADs. Here's what I suggest:

File: Sherlock.sol
329:   function pause() external onlyOwner {
330:     _pause();
331:     if (!Pausable(address(yieldStrategy)).paused()) yieldStrategy.pause();
332:     // sherDistributionManager can be 0, pause isn't needed in that case
333:     address sherDistributionManagerAddress = address(sherDistributionManager);//@audit-info SLOAD + MSTORE
334:     if (
335:       sherDistributionManagerAddress != address(0) && //@audit-info MLOAD
336:       !Pausable(sherDistributionManagerAddress).paused()//@audit-info MLOAD
337:     ) {
338:       sherDistributionManager.pause();
339:     }
340:     if (!Pausable(address(sherlockProtocolManager)).paused()) sherlockProtocolManager.pause();
341:     if (!Pausable(address(sherlockClaimManager)).paused()) sherlockClaimManager.pause();
342:   }

Tools Used

VS Code

Recommended Mitigation Steps

Apply the suggested optimization

code-423n4 / 2022-01-sherlock-findings