Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Gas Optimizations #118

Open
code423n4 opened this issue Aug 5, 2022 · 0 comments
Open

Gas Optimizations #118

code423n4 opened this issue Aug 5, 2022 · 0 comments
Labels

Comments

@code423n4
Copy link
Contributor

c4udit Report

Files analyzed

  • 2022-08-rigor/contracts/Community.sol
  • 2022-08-rigor/contracts/DebtToken.sol
  • 2022-08-rigor/contracts/Disputes.sol
  • 2022-08-rigor/contracts/HomeFi.sol
  • 2022-08-rigor/contracts/HomeFiProxy.sol
  • 2022-08-rigor/contracts/Project.sol
  • 2022-08-rigor/contracts/ProjectFactory.sol
  • 2022-08-rigor/contracts/interfaces/ICommunity.sol
  • 2022-08-rigor/contracts/interfaces/IDebtToken.sol
  • 2022-08-rigor/contracts/interfaces/IDisputes.sol
  • 2022-08-rigor/contracts/interfaces/IHomeFi.sol
  • 2022-08-rigor/contracts/interfaces/IProject.sol
  • 2022-08-rigor/contracts/interfaces/IProjectFactory.sol
  • 2022-08-rigor/contracts/libraries/SignatureDecoder.sol
  • 2022-08-rigor/contracts/libraries/Tasks.sol
  • 2022-08-rigor/contracts/mock/CommunityV2Mock.sol
  • 2022-08-rigor/contracts/mock/DebtTokenV2Mock.sol
  • 2022-08-rigor/contracts/mock/DisputesV2Mock.sol
  • 2022-08-rigor/contracts/mock/HomeFiMock.sol
  • 2022-08-rigor/contracts/mock/HomeFiV2Mock.sol
  • 2022-08-rigor/contracts/mock/HomeFiV3Mock.sol
  • 2022-08-rigor/contracts/mock/MockMinimalForwarder.sol
  • 2022-08-rigor/contracts/mock/ProjectV2Mock.sol
  • 2022-08-rigor/contracts/mock/SignatureDecoderMockTest.sol
  • 2022-08-rigor/contracts/mock/USDC.sol

Issues found

Don't Initialize Variables with Default Value

Impact

Issue Information: G001

Findings:

2022-08-rigor/contracts/Community.sol::624 => for (uint256 i = 0; i < _communities[_communityID].memberCount; i++) {
2022-08-rigor/contracts/HomeFiProxy.sol::87 => for (uint256 i = 0; i < _length; i++) {
2022-08-rigor/contracts/HomeFiProxy.sol::136 => for (uint256 i = 0; i < _length; i++) {
2022-08-rigor/contracts/Project.sol::248 => for (uint256 i = 0; i < _length; i++) {
2022-08-rigor/contracts/Project.sol::311 => for (uint256 i = 0; i < _length; i++) {
2022-08-rigor/contracts/Project.sol::322 => for (uint256 i = 0; i < _length; i++) {
2022-08-rigor/contracts/libraries/Tasks.sol::181 => for (uint256 i = 0; i < _length; i++) _alerts[i] = _self.alerts[i];

Tools used

c4udit

Cache Array Length Outside of Loop

Impact

Issue Information: G002

Findings:

2022-08-rigor/contracts/Community.sol::618 => // Initiate empty equal equal to member count length
2022-08-rigor/contracts/HomeFiProxy.sol::78 => uint256 _length = allContractNames.length;
2022-08-rigor/contracts/HomeFiProxy.sol::80 => // Revert if _implementations length is wrong. Indicating wrong set of _implementations.
2022-08-rigor/contracts/HomeFiProxy.sol::81 => require(_length == _implementations.length, "Proxy::Lengths !match");
2022-08-rigor/contracts/HomeFiProxy.sol::87 => for (uint256 i = 0; i < _length; i++) {
2022-08-rigor/contracts/HomeFiProxy.sol::130 => uint256 _length = _contractNames.length;
2022-08-rigor/contracts/HomeFiProxy.sol::132 => // Revert if _contractNames and _contractAddresses length mismatch
2022-08-rigor/contracts/HomeFiProxy.sol::133 => require(_length == _contractAddresses.length, "Proxy::Lengths !match");
2022-08-rigor/contracts/HomeFiProxy.sol::136 => for (uint256 i = 0; i < _length; i++) {
2022-08-rigor/contracts/Project.sol::243 => // Revert if IPFS hash array length is not equal to task cost array length.
2022-08-rigor/contracts/Project.sol::244 => uint256 _length = _hash.length;
2022-08-rigor/contracts/Project.sol::245 => require(_length == _taskCosts.length, "Project::Lengths !match");
2022-08-rigor/contracts/Project.sol::248 => for (uint256 i = 0; i < _length; i++) {
2022-08-rigor/contracts/Project.sol::306 => // Revert if taskList array length not equal to scList array length.
2022-08-rigor/contracts/Project.sol::307 => uint256 _length = _taskList.length;
2022-08-rigor/contracts/Project.sol::308 => require(_length == _scList.length, "Project::Lengths !match");
2022-08-rigor/contracts/Project.sol::311 => for (uint256 i = 0; i < _length; i++) {
2022-08-rigor/contracts/Project.sol::321 => uint256 _length = _taskList.length;
2022-08-rigor/contracts/Project.sol::322 => for (uint256 i = 0; i < _length; i++) {
2022-08-rigor/contracts/Project.sol::367 => uint256 _length = taskCount;
2022-08-rigor/contracts/Project.sol::368 => for (uint256 _taskID = 1; _taskID <= _length; _taskID++) {
2022-08-rigor/contracts/Project.sol::592 => taskCount - j + _changeOrderedTask.length - i
2022-08-rigor/contracts/Project.sol::601 => if (_changeOrderedTask.length > 0) {
2022-08-rigor/contracts/Project.sol::602 => // Loop from lastAllocatedChangeOrderTask to _changeOrderedTask length (until _maxLoop)
2022-08-rigor/contracts/Project.sol::603 => for (; i < _changeOrderedTask.length; i++) {
2022-08-rigor/contracts/Project.sol::635 => if (i == _changeOrderedTask.length) {
2022-08-rigor/contracts/Project.sol::707 => uint256 _length = taskCount;
2022-08-rigor/contracts/Project.sol::710 => for (uint256 _taskID = 1; _taskID <= _length; _taskID++) {
2022-08-rigor/contracts/libraries/SignatureDecoder.sol::25 => if (messageSignatures.length % 65 != 0) {
2022-08-rigor/contracts/libraries/Tasks.sol::180 => uint256 _length = _alerts.length;
2022-08-rigor/contracts/libraries/Tasks.sol::181 => for (uint256 i = 0; i < _length; i++) _alerts[i] = _self.alerts[i];

Tools used

c4udit

Use != 0 instead of > 0 for Unsigned Integer Comparison

Impact

Issue Information: G003

Findings:

2022-08-rigor/contracts/Community.sol::261 => if (projectPublished[_project] > 0) {
2022-08-rigor/contracts/Community.sol::425 => // First claim interest if principal lent > 0
2022-08-rigor/contracts/Community.sol::427 => _communities[_communityID].projectDetails[_project].lentAmount > 0
2022-08-rigor/contracts/Community.sol::764 => require(_repayAmount > 0, "Community::!repay");
2022-08-rigor/contracts/Community.sol::840 => if (_interestEarned > 0) {
2022-08-rigor/contracts/Disputes.sol::107 => _actionType > 0 && _actionType <= uint8(ActionType.TaskPay),
2022-08-rigor/contracts/HomeFi.sol::245 => return projectTokenId[_project] > 0;
2022-08-rigor/contracts/Project.sol::195 => require(_cost > 0, "Project::!value>0");
2022-08-rigor/contracts/Project.sol::380 => if (_leftOutTokens > 0) {
2022-08-rigor/contracts/Project.sol::601 => if (_changeOrderedTask.length > 0) {
2022-08-rigor/contracts/Project.sol::691 => if (_loopCount > 0) emit TaskAllocated(_tasksAllocated);
2022-08-rigor/contracts/mock/HomeFiMock.sol::171 => return projectTokenId[_project] > 0;

Tools used

c4udit

Use immutable for OpenZeppelin AccessControl's Roles Declarations

Impact

Issue Information: G006

Findings:

2022-08-rigor/contracts/Community.sol::175 => bytes32 _hash = keccak256(_data);
2022-08-rigor/contracts/Community.sol::213 => bytes32 _hash = keccak256(_data);
2022-08-rigor/contracts/Community.sol::530 => bytes32 _hash = keccak256(_data);
2022-08-rigor/contracts/Disputes.sol::91 => keccak256(_data),
2022-08-rigor/contracts/Project.sol::499 => keccak256(_data),
2022-08-rigor/contracts/Project.sol::795 => bytes32 _hash = keccak256(_data);
2022-08-rigor/contracts/Project.sol::836 => bytes32 _hash = keccak256(_data);
2022-08-rigor/contracts/libraries/SignatureDecoder.sol::14 => * @param messageHash bytes32 - keccak256 hash of message
2022-08-rigor/contracts/libraries/SignatureDecoder.sol::49 => keccak256(

Tools used

c4udit

Long Revert Strings

Impact

Issue Information: G007

Findings:

2022-08-rigor/contracts/Community.sol::8 => import {PausableUpgradeable} from "@openzeppelin/contracts-upgradeable/security/PausableUpgradeable.sol";
2022-08-rigor/contracts/Community.sol::9 => import {ReentrancyGuardUpgradeable} from "@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol";
2022-08-rigor/contracts/Community.sol::10 => import {ContextUpgradeable, ERC2771ContextUpgradeable} from "@openzeppelin/contracts-upgradeable/metatx/ERC2771ContextUpgradeable.sol";
2022-08-rigor/contracts/Community.sol::11 => import {SafeERC20Upgradeable} from "@openzeppelin/contracts-upgradeable/token/ERC20/utils/SafeERC20Upgradeable.sol";
2022-08-rigor/contracts/DebtToken.sol::6 => import {ERC20Upgradeable} from "@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol";
2022-08-rigor/contracts/Disputes.sol::8 => import {ReentrancyGuardUpgradeable} from "@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol";
2022-08-rigor/contracts/Disputes.sol::9 => import {ContextUpgradeable, ERC2771ContextUpgradeable} from "@openzeppelin/contracts-upgradeable/metatx/ERC2771ContextUpgradeable.sol";
2022-08-rigor/contracts/HomeFi.sol::7 => import {ReentrancyGuardUpgradeable} from "@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol";
2022-08-rigor/contracts/HomeFi.sol::8 => import {ERC721URIStorageUpgradeable} from "@openzeppelin/contracts-upgradeable/token/ERC721/extensions/ERC721URIStorageUpgradeable.sol";
2022-08-rigor/contracts/HomeFi.sol::9 => import {ContextUpgradeable, ERC2771ContextUpgradeable} from "@openzeppelin/contracts-upgradeable/metatx/ERC2771ContextUpgradeable.sol";
2022-08-rigor/contracts/HomeFiProxy.sol::5 => import {TransparentUpgradeableProxy} from "@openzeppelin/contracts/proxy/transparent/TransparentUpgradeableProxy.sol";
2022-08-rigor/contracts/HomeFiProxy.sol::6 => import {ProxyAdmin} from "@openzeppelin/contracts/proxy/transparent/ProxyAdmin.sol";
2022-08-rigor/contracts/HomeFiProxy.sol::7 => import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
2022-08-rigor/contracts/Project.sol::9 => import {ReentrancyGuardUpgradeable} from "@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol";
2022-08-rigor/contracts/Project.sol::10 => import {ERC2771ContextUpgradeable} from "@openzeppelin/contracts-upgradeable/metatx/ERC2771ContextUpgradeable.sol";
2022-08-rigor/contracts/Project.sol::11 => import {SafeERC20Upgradeable} from "@openzeppelin/contracts-upgradeable/token/ERC20/utils/SafeERC20Upgradeable.sol";
2022-08-rigor/contracts/ProjectFactory.sol::8 => import {ClonesUpgradeable} from "@openzeppelin/contracts-upgradeable/proxy/ClonesUpgradeable.sol";
2022-08-rigor/contracts/ProjectFactory.sol::9 => import {Initializable, ERC2771ContextUpgradeable} from "@openzeppelin/contracts-upgradeable/metatx/ERC2771ContextUpgradeable.sol";
2022-08-rigor/contracts/interfaces/IDebtToken.sol::5 => import {IERC20Upgradeable} from "@openzeppelin/contracts-upgradeable/token/ERC20/IERC20Upgradeable.sol";
2022-08-rigor/contracts/interfaces/IDisputes.sol::81 => *   - const types = ["address", "uint256", "uint8", "bytes", "bytes"]
2022-08-rigor/contracts/mock/HomeFiMock.sol::6 => import {IProjectFactory} from "../interfaces/IProjectFactory.sol";
2022-08-rigor/contracts/mock/HomeFiMock.sol::7 => import {ReentrancyGuardUpgradeable} from "@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol";
2022-08-rigor/contracts/mock/HomeFiMock.sol::8 => import {ERC721URIStorageUpgradeable} from "@openzeppelin/contracts-upgradeable/token/ERC721/extensions/ERC721URIStorageUpgradeable.sol";
2022-08-rigor/contracts/mock/HomeFiMock.sol::9 => import {ContextUpgradeable, ERC2771ContextUpgradeable} from "@openzeppelin/contracts-upgradeable/metatx/ERC2771ContextUpgradeable.sol";
2022-08-rigor/contracts/mock/MockMinimalForwarder.sol::5 => import "@openzeppelin/contracts/metatx/MinimalForwarder.sol";
2022-08-rigor/contracts/mock/SignatureDecoderMockTest.sol::5 => import "../libraries/SignatureDecoder.sol";
2022-08-rigor/contracts/mock/USDC.sol::3 => import "@openzeppelin/contracts/token/ERC20/presets/ERC20PresetMinterPauser.sol";
2022-08-rigor/contracts/mock/USDC.sol::4 => import "@openzeppelin/contracts/token/ERC20/extensions/draft-ERC20Permit.sol";

Tools used

c4udit

Use Shift Right/Left instead of Division/Multiplication if possible

Impact

Issue Information: G008

Findings:

2022-08-rigor/contracts/Community.sol::686 => _communityProject.lastTimestamp) / 86400; // 24*60*60

Tools used

c4udit

@code423n4 code423n4 added bug Something isn't working G (Gas Optimization) labels Aug 5, 2022
code423n4 added a commit that referenced this issue Aug 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants