Open code423n4 opened 2 years ago
I have tested this (and you can do by changing it and rerunning the hardhat tests and comparing the gas reports) and this seems to be fixed in solidity now, so it is not valid in this specific case. At least is not in 0.8.10
. Thankfully, because uint256(2**128)
is more readable.
Handle
Dravee
Vulnerability details
Impact
Due to how
constant
variables are implemented, an expression assigned to aconstant
variable is recomputed each time that the variable is used, which wastes some gas.If the variable was
immutable
instead: the calculation would only be done once at deploy time (in the constructor), and then the result would be saved and read directly at runtime rather than being recalculated.See: ethereum/solidity#9232
Proof of Concept
Here, the exponentiation operation is computed everytime the
_pointsMultiplier
variable is used:Tools Used
VS Code
Recommended Mitigation Steps
Change expressions that are
constant
toimmutable
and implement the calculation in the constructor