Flow

Sablier

FoundryDeFi

20,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

Function Visibility

hackz

Summary

The transferAdmin function in the Adminable contract is marked as public but can be declared as external, which is more gas-efficient.

Finding Description

In the Adminable contract, the transferAdmin function is currently defined with public visibility. This allows the function to be called both internally (from within the contract) and externally (from other contracts or users). However, since this function is not intended to be called from within the contract itself, it should be declared as external.

Using public instead of external can result in unnecessary gas costs for users, as Solidity uses different mechanisms for calling functions based on their visibility. When a function is marked as external, it can only be called from outside the contract, leading to slightly lower gas usage because of the optimizations the Solidity compiler applies for external function calls.

Security Guarantees Broken

While this issue does not directly break any security guarantees, it can lead to higher gas costs for users. In a smart contract environment, where gas prices can fluctuate, this might discourage users from interacting with the contract.

Vulnerability Details

Current Function Declaration:
function transferAdmin(address newAdmin) public virtual override onlyAdmin {
Proposed Change: Change the visibility from public to external.

Impact

This issue is classified as low severity since it does not affect the contract's functionality or security but can lead to increased costs for users. Efficient gas usage is important in smart contracts to enhance user experience and optimize interaction costs.

Proof of Concept

Here is the existing function declaration that can be improved:

function transferAdmin(address newAdmin) public virtual override onlyAdmin {

// Implementation...

}

By changing the visibility to external, it would look like this:

function transferAdmin(address newAdmin) external virtual override onlyAdmin {

// Implementation...

}

Recommendations

To fix this issue, modify the visibility of the transferAdmin function from public to external. This change will optimize gas costs without altering the intended functionality of the contract.

Updated Code Snippet

/// @inheritdoc IAdminable

function transferAdmin(address newAdmin) external virtual override onlyAdmin {

// Effect: update the admin.

admin = newAdmin;

// Log the transfer of the admin.

emit IAdminable.TransferAdmin({ oldAdmin: msg.sender, newAdmin: newAdmin });

}

File Location

Adminable.sol

Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

699

29 USDC / LOC

High Medium

19,000 USDC

Low

1,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.