Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Usage of zero storage for reentrancy guard increases chance that gas refund is capped #1

Open
code423n4 opened this issue Jan 4, 2022 · 3 comments
Open

Usage of zero storage for reentrancy guard increases chance that gas refund is capped #1

code423n4 opened this issue Jan 4, 2022 · 3 comments
Labels
bug Something isn't working G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")

Comments

@code423n4
Copy link
Contributor

Handle

TomFrenchBlockchain

Vulnerability details

Impact

Reduction of potential gas refunds.

Proof of Concept

The reentrancy guard variable is initially set to zero, set to a nonzero value and then reset to zero:

https://github.com/OpenZeppelin/openzeppelin-contracts/blob/4a9cc8b4918ef3736229a5cc5a310bdc17bf759f/contracts/security/ReentrancyGuard.sol#L29-L35

We then have to the higher cost for writing to clean storage rather than dirty storage (which is then refunded). This is not recommended as it can cause the size of the gas refunded to users to be capped. For more info see the OZ implementation:

https://github.com/OpenZeppelin/openzeppelin-contracts/blob/4a9cc8b4918ef3736229a5cc5a310bdc17bf759f/contracts/security/ReentrancyGuard.sol#L29-L35

Recommended Mitigation Steps

Change from 0->1->0 to 1->2->1
@code423n4 code423n4 added bug Something isn't working G (Gas Optimization) labels Jan 4, 2022
code423n4 added a commit that referenced this issue Jan 4, 2022
@code423n4
TomFrenchBlockchain issue #1
1d4f521
@deluca-mike deluca-mike added the sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") label Jan 5, 2022
@deluca-mike
Copy link
Collaborator

For some cases 0 -> 1 -> 0 is cheaper, but after some testing, its overall cheaper to use 1 -> 2 -> 1 (specifically in the batch functions).

This was referenced Jan 9, 2022
Closed
Closed
Closed
Closed
Closed
Closed
@deluca-mike
Copy link
Collaborator

deluca-mike commented Jan 13, 2022
edited
Loading

See changes from PR and release candidate result.

@deluca-mike deluca-mike added the resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) label Jan 14, 2022
@Ivshti
Copy link
Member

Ivshti commented Jan 16, 2022

it's resolved now, valid finding

@Ivshti Ivshti closed this as completed Jan 16, 2022
@CloudEllie CloudEllie reopened this Jan 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Ivshti @deluca-mike @code423n4 @CloudEllie