byterocket / c4-common-issues
A collection of common security issues and possible gas optimizations in solidity smart contracts
License: Other
As per this SO answer, the "external is cheaper than public" mantra seems to be wrong. However, this is only the case for versions >=0.6.9. Adjust the issue description to reflect this.
immutable for OpenZeppelin AccessControl's Roles Declarations
Since Solidity version 0.6.12, the keccak256 of a string literal is treated specially and the hash is evaluated at compile time. It is not even necessary to have optimizations enabled, so declaring a role as `bytes32 constant` no longer recomputes the hash at run time.
Which severity would you assign to this Issue?
Passing a storage array to a function whose parameter is declared `memory` copies the whole array into memory first (one SLOAD per element), which is a hidden, unbounded loop. See https://twitter.com/danielvf/status/1519381832592199681.
🤦 Bad:

```solidity
uint[] public array;

// Passing the storage array as a memory parameter copies it into memory first:
// one SLOAD per element, i.e. a hidden, unbounded loop.
function _requireLength(uint[] memory _array) internal pure {
    require(_array.length > 0, "Empty array");
}
```
👍 Good:

```solidity
uint[] public array;

// A storage reference only reads the length slot: no hidden loop.
// Reading the length is a state read, so the function is view rather than pure.
function _requireLength(uint[] storage _array) internal view {
    require(_array.length > 0, "Empty array");
}
```
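The hidden loop is easiest to see by measuring it. The following Foundry test is an added example and is not code from the c4-common-issues repository; it assumes forge-std is available under `forge-std/` and uses hypothetical names (`LengthCheck`, `checkMemory`, `checkStorage`). It runs the same length check once through a `memory` parameter and once through a `storage` reference, and asserts that only the memory variant gets more expensive as the array grows.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

import {Test} from "forge-std/Test.sol";

// Hypothetical contract exposing both parameter conventions for the same check.
contract LengthCheck {
    uint256[] public array;

    // Constructed test data: append n non-zero elements.
    function push(uint256 n) external {
        for (uint256 i = 0; i < n; ++i) array.push(i + 1);
    }

    // Memory parameter: the call site copies the whole storage array into memory.
    function _requireLengthMemory(uint256[] memory _array) internal pure {
        require(_array.length > 0, "Empty array");
    }

    // Storage reference: only the length slot is read.
    function _requireLengthStorage(uint256[] storage _array) internal view {
        require(_array.length > 0, "Empty array");
    }

    // Gas spent by the memory-copy variant on the current array.
    function checkMemory() external view returns (uint256 gasUsed) {
        uint256 g = gasleft();
        _requireLengthMemory(array);
        gasUsed = g - gasleft();
    }

    // Gas spent by the storage-reference variant on the current array.
    function checkStorage() external view returns (uint256 gasUsed) {
        uint256 g = gasleft();
        _requireLengthStorage(array);
        gasUsed = g - gasleft();
    }
}

contract LengthCheckTest is Test {
    LengthCheck c;

    function setUp() public {
        c = new LengthCheck();
    }

    function testMemoryCopyGrowsWithArrayLength() public {
        c.push(10);
        uint256 mem10 = c.checkMemory();
        uint256 sto10 = c.checkStorage();

        c.push(90); // 100 elements now
        uint256 mem100 = c.checkMemory();
        uint256 sto100 = c.checkStorage();

        // The memory copy is an unbounded loop: its cost grows with the array.
        assertGt(mem100, mem10);
        // The storage reference reads one slot regardless of length.
        assertEq(sto100, sto10);
        // At 100 elements the copy already dwarfs the single-slot read.
        assertLt(sto100 * 10, mem100);
    }

    function testEmptyArrayReverts() public {
        vm.expectRevert(bytes("Empty array"));
        c.checkStorage();
    }
}
```

Run it with `forge test -vv`. The measured numbers depend on optimizer settings and on whether the slots are already warm in the transaction, which is why the test asserts on growth and ratio rather than on absolute gas values.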
TODO: Not found yet
solmate's SafeTransferLib
Which severity would you assign to this Issue?
solmate's SafeTransferLib states in its contract docs that none of the functions in the library check that a token has code at all. That responsibility is delegated to the caller.
A call to an address with no code is a no-op, since a low-level call to a non-contract always returns success (and no return data), which the library accepts as a successful transfer. Consider verifying that a contract, i.e. the token, exists before using any SafeTransferLib function:

```solidity
require(token.code.length != 0, "Contract does not exist");
```

`<address>.code.length` compiles to EXTCODESIZE and is available in Solidity 0.8.x; older compilers need `extcodesize` in inline assembly. Note that the check only rules out the empty-address case: it does not prove that the contract actually implements ERC20.
🤦 Bad:

```solidity
// Note that this function is for demonstration purposes only and should not be used as is.
// Assumes `using SafeTransferLib for ERC20;` in the enclosing contract.
// If `token` has no code, safeTransferFrom silently succeeds and nothing is transferred.
function fetchTokens(address token, address from, uint amount) external {
    ERC20(token).safeTransferFrom(from, address(this), amount);
}
```
👍 Good:

```solidity
// Note that this function is for demonstration purposes only and should not be used as is.
// Assumes `using SafeTransferLib for ERC20;` in the enclosing contract.
function fetchTokens(address token, address from, uint amount) external {
    require(token.code.length != 0, "Contract does not exist");
    ERC20(token).safeTransferFrom(from, address(this), amount);
}
```
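To show why the missing check matters rather than just that the call succeeds, here is an added Foundry test (not code from the c4-common-issues repository or from solmate). It assumes the solmate sources are importable as `solmate/...` and forge-std as `forge-std/...`; the `Vault` contract, its `depositUnchecked`/`depositChecked` functions and the `phantomToken` address are hypothetical. The unchecked deposit credits the caller for tokens that were never moved, which is exactly the situation a pre-computed (e.g. CREATE2) token address that is not deployed yet would produce.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

import {Test} from "forge-std/Test.sol";
import {ERC20} from "solmate/tokens/ERC20.sol";
import {SafeTransferLib} from "solmate/utils/SafeTransferLib.sol";

// Hypothetical vault that credits deposits based on a safeTransferFrom call.
contract Vault {
    using SafeTransferLib for ERC20;

    // token => user => credited amount
    mapping(address => mapping(address => uint256)) public balances;

    // Unchecked: a token address with no code makes safeTransferFrom a silent no-op,
    // so the caller is credited for tokens that were never transferred.
    function depositUnchecked(address token, uint256 amount) external {
        ERC20(token).safeTransferFrom(msg.sender, address(this), amount);
        balances[token][msg.sender] += amount;
    }

    // Checked: refuse any address that is not (yet) a contract.
    function depositChecked(address token, uint256 amount) external {
        require(token.code.length != 0, "Contract does not exist");
        ERC20(token).safeTransferFrom(msg.sender, address(this), amount);
        balances[token][msg.sender] += amount;
    }
}

contract VaultTest is Test {
    Vault vault;
    // Constructed address with no code behind it, standing in for a token whose
    // deterministic address is known before it is deployed.
    address phantomToken = address(0xBEEF);

    function setUp() public {
        vault = new Vault();
    }

    function testUncheckedDepositCreditsPhantomTokens() public {
        assertEq(phantomToken.code.length, 0);
        vault.depositUnchecked(phantomToken, 1_000e18);
        // Nothing was transferred, yet the vault now owes 1000 tokens to the caller.
        assertEq(vault.balances(phantomToken, address(this)), 1_000e18);
    }

    function testCheckedDepositRejectsPhantomTokens() public {
        vm.expectRevert(bytes("Contract does not exist"));
        vault.depositChecked(phantomToken, 1_000e18);
    }
}
```

Once a real token is deployed at that address, the phantom balance becomes a claim on tokens the vault never received, which is the usual shape of this bug in practice.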
++i is more gas efficient than i++ or i += x (if x = 1)
Which severity would you assign to this Issue?
Writing a value to a slot that does not already hold one is more expensive than writing to one that does. When incrementing an integer, ++i (add 1, then yield the new value) is cheaper than i++ (yield the old value, then add 1), because the post-increment has to keep a copy of the old value on the stack.
🤦 Bad:

```solidity
/// @dev Consumes ~21586 gas on average.
function war() external pure returns (uint256 result) {
    uint i = 1;
    result += i;
}
```

or

```solidity
/// @dev Consumes ~21557 gas on average.
function bar() external pure returns (uint256 result) {
    result++;
}
```

👍 Good:

```solidity
/// @dev Consumes ~21530 gas on average.
function foo() external pure returns (uint256 result) {
    ++result;
}
```
https://m1guelpf.blog/d0gBiaUn48Odg8G2rhs3xLIjaL8MfrWReFkjg8TmDoM
iszero(x) instruction is more gas efficient than x == 0
Which severity would you assign to this Issue?
With the use of the EVM dialect (=Yul), zero checking can be made more efficient via inline assembly.
🤦 Bad:

```solidity
/// @dev Consumes ~21812 gas on average.
function foo(uint256 x) external pure returns (bool result) {
    return x == 0;
}
```

👍 Good:

```solidity
/// @dev Consumes ~21787 gas on average.
function bar(uint256 x) external pure returns (bool result) {
    assembly {
        result := iszero(x)
    }
}
```
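The two gas notes above (++i vs i++, and iszero vs x == 0) share one concern: the rewrite must not change behaviour, and the saving must be measured rather than assumed. The following Foundry test is an added example, not code from the c4-common-issues repository; it assumes forge-std under `forge-std/` and uses hypothetical names (`Micro`, `preInc`, `postInc`, `loopPre`, `loopPost`, `isZeroEq`, `isZeroAsm`). It pins down the return-value difference between the two increments, checks that the pre-increment loop is never more expensive than the post-increment one, and fuzzes the two zero checks for equivalence.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

import {Test} from "forge-std/Test.sol";

// Hypothetical micro-benchmark for the two gas patterns.
contract Micro {
    // ++i: increments, then yields the new value.
    function preInc(uint256 i) external pure returns (uint256 returned, uint256 after_) {
        returned = ++i;
        after_ = i;
    }

    // i++: yields the old value, then increments.
    function postInc(uint256 i) external pure returns (uint256 returned, uint256 after_) {
        returned = i++;
        after_ = i;
    }

    // gasleft() reads the environment, so these loops must be view, not pure.
    function loopPost(uint256 n) external view returns (uint256 gasUsed) {
        uint256 g = gasleft();
        for (uint256 i = 0; i < n; i++) {}
        gasUsed = g - gasleft();
    }

    function loopPre(uint256 n) external view returns (uint256 gasUsed) {
        uint256 g = gasleft();
        for (uint256 i = 0; i < n; ++i) {}
        gasUsed = g - gasleft();
    }

    function isZeroEq(uint256 x) external pure returns (bool r) {
        r = x == 0;
    }

    function isZeroAsm(uint256 x) external pure returns (bool r) {
        assembly {
            r := iszero(x)
        }
    }
}

contract MicroTest is Test {
    Micro m;

    function setUp() public {
        m = new Micro();
    }

    function testIncrementSemantics() public {
        (uint256 ret, uint256 after_) = m.preInc(7);
        assertEq(ret, 8);     // ++i yields the new value
        assertEq(after_, 8);
        (ret, after_) = m.postInc(7);
        assertEq(ret, 7);     // i++ yields the old value
        assertEq(after_, 8);  // but the variable is incremented either way
    }

    function testPreIncrementIsNotMoreExpensive() public {
        uint256 post = m.loopPost(1_000);
        uint256 pre = m.loopPre(1_000);
        // Strictly cheaper without the optimizer; equal once the optimizer
        // drops the unused copy of the old value.
        assertLe(pre, post);
    }

    // Fuzzed: the assembly form must agree with the Solidity comparison for every input.
    function testIsZeroEquivalent(uint256 x) public {
        assertEq(m.isZeroAsm(x), m.isZeroEq(x));
    }
}
```

Run with `forge test -vv` once with the optimizer off and once with it on: the optimizer usually rewrites `x == 0` to ISZERO and removes the extra stack copy of `i++` by itself, so the savings reported above are only guaranteed for unoptimized builds and should be re-measured for the project's actual compiler settings.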