First Flight #20: The Predicter

First Flight #20

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: low

Invalid

[L-2] The length member of the storage array `players` is being referenced instead of using cached array length in `ThePredicter::withdraw` function

nupur06

Summary: Many places in the code during comparison in the loop, the `players.length` variable is reference instead of using a local variable to cache the length of the array `players`.

Vulnerability Details: In the below code in the `ThePredicter::withdraw` function, the `players.length` is being used which will cost more gas. It is also used at other places like `ThePredicter::withdrawPredictionFees` function.

function withdraw() public {

if (!scoreBoard.isEligibleForReward(msg.sender)) {

revert ThePredicter__NotEligibleForWithdraw();

}

int8 score = scoreBoard.getPlayerScore(msg.sender);

int8 maxScore = -1;

int256 totalPositivePoints = 0;

for (uint256 i = 0; i < players.length; ++i) {

int8 cScore = scoreBoard.getPlayerScore(players[i]);

if (cScore > maxScore) maxScore = cScore;

if (cScore > 0) totalPositivePoints += cScore;

}

uint256 fees = address(this).balance - players.length * entranceFee;

Impact: This is costing more gas. As there is no modification in the length of array. Hence, a local variable could be used to make it more gas efficient.

Tools Used: Slither and VScode.

Recommendations: A local variable `length` is created and assigned to the `players.length`.

uint256 private _length = players.length;

function withdraw() public lock {

if (!scoreBoard.isEligibleForReward(msg.sender)) {

revert ThePredicter__NotEligibleForWithdraw();

}

int8 score = scoreBoard.getPlayerScore(msg.sender);

int8 maxScore = -1;

int256 totalPositivePoints = 0;

int8[] memory playerScores = new int8[](_length);

for (uint256 i = 0; i < _length; ++i) {

playerScores[i] = scoreBoard.getPlayerScore(players[i]);

}

for (uin t256 i = 0; i < _length; ++i) {

int8 cScore = playerScores[i];

if (cScore > maxScore) maxScore = cScore;

if (cScore > 0) totalPositivePoints += cScore;

}

Updates

Lead Judging Commences

NightHawK Lead Judge 12 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Rewards breakdown

nSLOC

191

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.