Summary

This audit focuses on the _sortIndexesDescending function in the FundFlowController contract, which uses the Bubble Sort algorithm to sort an array. The implementation lacks a swapped flag, an essential feature that allows the algorithm to terminate early when the array is already sorted. This results in excessive and unnecessary gas consumption.

Vulnerability Details

Missing Swapped Flag Leading to Unnecessary Gas Consumption:

• The Bubble Sort implementation does not include a swapped flag, which would detect if no swaps occurred in a pass through the array. Without this flag, the algorithm continues iterating even when the array is sorted, causing unnecessary gas consumption due to redundant operations, particularly for already sorted or nearly sorted arrays.

Impact

• Increased Gas Costs: The absence of a swapped flag leads to wasteful iterations, significantly increasing gas costs for sorting operations.

• Decreased Performance: For arrays that are already sorted, the algorithm runs its full course without an early exit, making the contract inefficient in terms of gas consumption and execution time.

Tools Used

Recommendations

Implement a Swapped Flag for Early Termination:

• Introduce a swapped flag to detect when the array is already sorted and stop further iterations. This will reduce unnecessary operations and lower gas costs.

  bool swapped;

  for (uint256 i = 0; i < n - 1; ++i) {

  swapped = false;

  for (uint256 j = 0; j < n - i - 1; ++j) {

  if (_values[j] < _values[j + 1]) {

  (_values[j], _values[j + 1]) = (_values[j + 1], _values[j]);

  (indexes[j], indexes[j + 1]) = (indexes[j + 1], indexes[j]);

  swapped = true;

  }

  }

  if (!swapped) break;

  }