search

code-423n4 / 2024-03-coinbase-findings

1 stars 0 forks source link

unchecked loop increments no valid in solidity `> v0.8.22` #38

Open c4-bot-7 opened 8 months ago

c4-bot-7 commented 8 months ago

Lines of code

https://github.com/code-423n4/2024-03-coinbase/blob/e0573369b865d47fed778de00a7b6df65ab1744e/src/SmartWallet/CoinbaseSmartWallet.sol#L208-L210

Vulnerability details

Impact

The new optimization in v0.8.22 removes the need for poor unchecked increment patterns in for loop bodies such

Proof of Concept

Solidity 0.8.22 introduces an overflow check optimization that automatically generates an unchecked arithmetic increment of the counter of for loops.

Tools Used

manual

Recommended Mitigation Steps

do not use ++i in >v0.8.22

Assessed type

Other

c4-pre-sort commented 8 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 8 months ago

raymondfam marked the issue as primary issue

raymondfam commented 8 months ago

It's meant for gas optimization.

3docSec commented 8 months ago

The lookout made a good point.

c4-judge commented 8 months ago

3docSec changed the severity to G (Gas Optimization)

c4-judge commented 8 months ago

3docSec marked the issue as grade-b