search

code-423n4 / 2022-01-yield-findings

1 stars 0 forks source link

less gas usage by calling the `TransferHelper` lib directly #72

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

rfa

Vulnerability details

Impact

spend at least 6930 more gas on deployment, and spend 40 gas more per call (by using current implementasion)

Proof of Concept

https://github.com/code-423n4/2022-01-yield/blob/main/contracts/ConvexStakingWrapper.sol#L184 https://github.com/code-423n4/2022-01-yield/blob/main/contracts/ConvexStakingWrapper.sol#L239

the TransferHelper lib just used twice in this contract. remove:(line 16) https://github.com/code-423n4/2022-01-yield/blob/main/contracts/ConvexStakingWrapper.sol#L16

and just call TransferHelper.safeTransfer() directly at those line.

This method is using almost exact the same gas as if we just copying the safeTransfer() and remove the TransferHelper lib from the contract. (since we need just 1 function from the lib)

devtooligan commented 2 years ago

nice!

GalloDaSballo commented 2 years ago

Finding is valid