Closed code423n4 closed 2 years ago
1) Invalid. They are already immutable.
2) Invalid. None of this makes sense and not all of these are even state variables.
3) Valid! Good catch, will implement this.
4) 1. Invalid, 2. Valid, been thinking of a way to do this, since you cannot slap an unchecked {}
in a for increment statement, the only way to do this is to have an internal (either in the contract or in a library so you can just i.increment()
.
5) Valid! Will implement this.
6) Invalid, setting private functions internal does not save gas or affect anything except inheritance.
7) Valid, but since these are basically all basic NFT functions (except the public burn()
& burnWithSig()
which will be changed) I opt not to modify them.
8) Valid, will change.
9) Invalid, some of these are immutables and don't take a storage slot.
10) Invalid, we opt to keep the standard ERC721 revert messages.
11) Invalid, they are used, not sure what this means.
12) Invalid, the constructors construct inherited contracts.
13) Invalid... They are used in inheriting contracts :(
14) Valid! Good catch, will implement.
15) Invalid, doing so leads to a stack too deep
error or would change basic ERC721 functionality.
16) Valid-ish, most of this is because we want to keep a clean interface that can be built upon and maintain readable code.
17) Valid-ish, again mostly this is because we want to keep a clean readable codebase and don't want to change the standard ERC721 too much.
18) Invalid, as far as I know modern errors save code size and gas on reverts, especially if the condition does not require a negation, where it would in the case of a require (extra NOT opcode).
19) Invalid, these are done this way to match the standard defined interfaces.
While a couple of these issues are valid, its obvious that the warden has used automated tooling and has not taken the time to validate the output of any issues raised. Please stop doing this, you are wasting the sponsor's time and judge's time with this kind of behaviour. To make it clear for this warden and others, I will not reward submissions which are directly sourced from automated tooling and are without proper context and detail. As such I'm marking this as invalid
.
While a couple of these issues are valid, its obvious that the warden has used automated tooling and has not taken the time to validate the output of any issues raised. Please stop doing this, you are wasting the sponsor's time and judge's time with this kind of behaviour. To make it clear for this warden and others, I will not reward submissions which are directly sourced from automated tooling and are without proper context and detail. As such I'm marking this as
invalid
.
Gigachad answer
Title: State variables that could be set immutable Severity: GAS
In the following files there are state variables that could be set immutable to save gas.
Title: Unused state variables Severity: GAS
Unused state variables are gas consuming at deployment (since they are located in storage) and are a bad code practice. Removing those variables will decrease deployment gas cost and improve code quality. This is a full list of all the unused storage variables we found in your code base.
Title: Caching array length can save gas Severity: GAS
Caching the array length is more gas efficient. This is because access to a local variable in solidity is more efficient than query storage / calldata / memory. We recommend to change from:
to:
Title: Prefix increments are cheaper than postfix increments Severity: GAS
Prefix increments are cheaper than postfix increments. Further more, using unchecked {++x} is even more gas efficient, and the gas saving accumulates every iteration and can make a real change There is no risk of overflow caused by increamenting the iteration index in for loops (the
++i
infor (uint256 i = 0; i < numIterations; ++i)
). But increments perform overflow checks that are not necessary in this case. These functions use not using prefix increments (++x
) or not using the unchecked keyword:Title: Unnecessary index init Severity: GAS
In for loops you initialize the index to start from 0, but it already initialized to 0 in default and this assignment cost gas. It is more clear and gas efficient to declare without assigning 0 and will have the same meaning:
Title: Internal functions to private Severity: GAS
The following functions could be set private to save gas and improve code quality:
Title: Public functions to external Severity: GAS
The following functions could be set external to save gas and improve code quality. External call cost is less expensive than of public functions.
Title: Unnecessary default assignment Severity: GAS
Unnecessary default assignments, you can just declare and it will save gas and have the same meaning.
Title: Rearrange state variables Severity: GAS
You can change the order of the storage variables to decrease memory uses.
In FollowNFT.sol,rearranging the storage fields can optimize to: 5 slots from: 6 slots. The new order of types (you choose the actual variables):
In CollectNFT.sol,rearranging the storage fields can optimize to: 4 slots from: 5 slots. The new order of types (you choose the actual variables):
Title: Short the following require messages Severity: GAS
The following require messages are of length more than 32 and we think are short enough to short them into exactly 32 characters such that it will be placed in one slot of memory and the require function will cost less gas. The list:
Title: Unused inheritance Severity: GAS
Title: Unnecessary constructor Severity: GAS
The following constructors are empty. (A similar issue https://github.com/code-423n4/2021-11-fei-findings/issues/12)
Title: Unnecessary functions Severity: GAS
Title: Use unchecked to save gas for certain additive calculations that cannot overflow Severity: GAS
You can use unchecked in the following calculations since there is no risk to overflow:
Title: Use calldata instead of memory Severity: GAS
Use calldata instead of memory for function parameters In some cases, having function arguments in calldata instead of memory is more optimal.
Title: Consider inline the following functions to save gas Severity: GAS
Title: Inline one time use functions Severity: GAS
The following functions are used exactly once. Therefore you can inline them and save gas and improve code clearness.
Title: Change if -> revert pattern to require Severity: GAS
Change if -> revert pattern to 'require' to save gas and improve code quality, if (some_condition) { revert(revert_message) }
to: require(!some_condition, revert_message)
In the following locations:
Title: Never used parameters Severity: GAS / Low
Those are functions and parameters pairs that the function doesn't use the parameter. In case those functions are external/public this is even worst since the user is required to put value that never used and can misslead him and waste its time and also costs GAS.