search

code-423n4 / 2022-04-abranft-findings

0 stars 0 forks source link

Gas Optimizations #40

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

  1. Title: Using storage to declare struct variable inside function

Proof of Concept: https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L182 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L187 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L220

Recommended Mitigation Steps: instead of caching TokenLoan to memory. read it directly from storage.

    TokenLoan storage loan = tokenLoan[tokenId];

========================================================================

2. Title: Using calldata on struct parameter

Proof of Concept: https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L181 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L208 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L274 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L323

Recommended Mitigation Steps: Using calldata to store struct data type can save gas

    function updateLoanParams(uint256 tokenId, TokenLoanParams calldata params) public {

========================================================================

3. Title: Using multiple require instead && can save gas

Proof of Concept: https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L188-L191 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L283-L288 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L622

Recommended Mitigation Steps: Change to:

    require(params.duration >= cur.duration,"NFTPair: worse params");
    require(params.valuation <= cur.valuation,"NFTPair: worse params");
    require(params.annualInterestBPS <= cur.annualInterestBPS,"NFTPair: worse params");

========================================================================

4. Title: Using > is cheaper than >=

Proof of Concept: https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L189 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L285-L286 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L297 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L405

Recommended Mitigation Steps: Change >= to >

========================================================================

5. Title: use unchecked for calculation can save gas

Proof of Concept: https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L536

Recommended Mitigation Steps: no underflow comment in L#535

    unchecked{
    feesEarnedShare += feeShare;
    }

========================================================================

  1. Title: unnecessary value set. the default value of uint is 0.

Proof of Concept: https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L96 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L641 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/BentoBoxFlat.sol#L1009 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/BentoBoxFlat.sol#L1018

Recommended Mitigation Steps: remove 0 value can save gas

========================================================================

7. Title: Using delete statement to empty feesEarnedShare can save gas

Proof of Concept: https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L719 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/BentoBoxFlat.sol#L1075-L1076

Recommended Mitigation Steps:

    delete feesEarnedShare;

========================================================================

  1. Title: Caching .length for loop can save gas

Proof of Concept: https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L641

Recommended Mitigation Steps: Change to:

    uint256 Length = actions.length;
    for (uint256 i = 0; i < Length; i++) {

========================================================================

9. Title: Using unchecked and prefix increment

Proof of Concept: https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/BentoBoxFlat.sol#L627

Recommended Mitigation Steps:

    for (uint256 i = 0; i < calls.length;) {
            (bool success, bytes memory result) = address(this).delegatecall(calls[i]);
            require(success || !revertOnFail, _getRevertMsg(result));
            successes[i] = success;
            results[i] = result;
    unchecked{
        ++i; //@audit-info: Place here with unchecked
        }
        }

========================================================================

10. Title: Using != is more gas efficient

Proof of Concept: https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/NFTPair.sol#L717 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/BentoBoxFlat.sol#L1062 https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/BentoBoxFlat.sol#L1106

Recommended Mitigation Steps:

    if (_share != 0) {

========================================================================

11. Title: Prefix increments are cheaper than postfix increments

Proof of Concept: https://github.com/code-423n4/2022-04-abranft/blob/main/contracts/BentoBoxFlat.sol#L954

Recommended Mitigation Steps: Change to ++i

========================================================================

cryptolyndon commented 2 years ago

Fair call on number 2