Petite Spruce Mammoth - Gas inefficiencies in loops (O(n²) complexity) can result in prohibitively high gas costs for users in `DiamondLoupFacet.sol` #72
While this is not a security vulnerability per se, it can result in prohibitively high gas costs for users, especially if the contract has a large number of facets and function selectors. This could lead to transaction failures due to out-of-gas errors.
PoC
No response
Mitigation
Use mappings instead of iterating through arrays to find facets or selectors. Mappings allow for O(1) lookup times instead of O(n), which would drastically improve gas efficiency.
Petite Spruce Mammoth
Low/Info
Gas inefficiencies in loops (O(n²) complexity) can result in prohibitively high gas costs for users in
DiamondLoupFacet.sol
Summary
Gas inefficiencies in loops (O(n²) complexity) in
DiamondLoupFacet.sol
can result in prohibitively high gas costs for users.Root Cause
The contract performs multiple nested loops to find or filter selectors and facet addresses. Specifically: The
facets()
, https://github.com/sherlock-audit/2024-09-symmio-v0-8-4-update-contest/blob/main/protocol-core/contracts/facets/DiamondLoup/DiamondLoupFacet.sol#L26-L60facetFunctionSelectors()
, https://github.com/sherlock-audit/2024-09-symmio-v0-8-4-update-contest/blob/main/protocol-core/contracts/facets/DiamondLoup/DiamondLoupFacet.sol#L76-L83 andfacetAddresses()
https://github.com/sherlock-audit/2024-09-symmio-v0-8-4-update-contest/blob/main/protocol-core/contracts/facets/DiamondLoup/DiamondLoupFacet.sol#L99-L118 functions loop through selectors and repeatedly check for facet addresses. These loops can grow linearly with the number of selectors and facets, resulting in O(n²) complexity, which can be very expensive in terms of gas, especially when dealing with a large number of function selectors and facets.Internal pre-conditions
No response
External pre-conditions
No response
Attack Path
No response
Impact
While this is not a security vulnerability per se, it can result in prohibitively high gas costs for users, especially if the contract has a large number of facets and function selectors. This could lead to transaction failures due to out-of-gas errors.
PoC
No response
Mitigation
Use mappings instead of iterating through arrays to find facets or selectors. Mappings allow for O(1) lookup times instead of O(n), which would drastically improve gas efficiency.