search

code-423n4 / 2022-06-nibbl-findings

1 stars 0 forks source link

Gas Optimizations #156

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Project

Nibbl contest

Contracts in Scope

File LoC External Calls Description
NibblVaultFactory.sol 70 0 Vault Factory that deploys vault and handles governance and access control.
NibblVault.sol 290 0 Vault which holds NFT and has logic for trading and buyout
Basket.sol 80 0 Basket that can be used to fractionalize multiple NFTs.
Twav.sol 25 0 Implements time-weighted valuation to be consumed in NibblVault for buyouts
ProxyVault.sol 17 0 Proxy contract that gets deployed with implementation as NibblVault
ProxyBasket.sol 17 0 Proxy contract that gets deployed with implementation as Basket
AccessControlMechanism.sol 19 0 Inherited in NibblVaultFactory for access control on certain actions
EIP712Base.sol 21 0 To implement permit functionality with EIP712 signing.

Report files

File SHA-1 HASH
NibblVaultFactory.sol 300fad385735fe6bfc11f614ec56cfed56f8441a
NibblVault.sol c0fc67ecb42b4019b3f49690d5faffc5091c53b9
Basket.sol eac3ba192488131f2a126660b9502c1b1754b231

Low risk, non-critical, and gas optimization findings

  1. Use != 0 instead of > 0. The variable is uint256, so it will not be below 0 so it can just check != 0. https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L227 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L243

  2. Splitting require() statements that use && saves gas https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L107 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L131 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L149 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVaultFactory.sol#L166

  3. .length should not be looked up in every loop https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/Basket.sol#L43 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/Basket.sol#L70 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/Basket.sol#L93 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L506 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L525 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L547

  4. X = X + Y is cheaper than X += Y and X = X - Y is cheaper than X -= Y https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L219 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L225 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L242 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L320 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L322 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L380 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L383 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L428 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L429 https://github.com/code-423n4/2022-06-nibbl/blob/main/contracts/NibblVault.sol#L457

  5. Use of block.timestamp in NibblVault.sol and NibblVaultFactory.sol. Weak PRNG due to a modulo on block.timestamp. It can be influenced by miners to some extent so they should be avoided.

mundhrakeshav commented 2 years ago

Duplicate https://github.com/code-423n4/2022-06-nibbl-findings/issues/2, https://github.com/code-423n4/2022-06-nibbl-findings/issues/3, https://github.com/code-423n4/2022-06-nibbl-findings/issues/6, https://github.com/code-423n4/2022-06-nibbl-findings/issues/7, https://github.com/code-423n4/2022-06-nibbl-findings/issues/8, https://github.com/code-423n4/2022-06-nibbl-findings/issues/82

mundhrakeshav commented 2 years ago

16