Submission Details
Severity:
Time holding variables size can be reduced to uint64. Mentioned as TODO but not implemented.
In TODO Comment states to use tight packing but time is not truncated so truncate time to uint64 to prevent stack too deep as comment states. 3 storage slots will be saved. uint64 is more than enough to hold any realistic time.
/// @notice Collection of market-related parameters.
/// @dev Prevents stack-too-deep.
/// TODO: use 256-bit tight-packing here //@audit So truncated to be tightly packed
struct SwanMarketParameters {
/// @notice The interval at which the buyerAgent can withdraw the funds.
uint256 withdrawInterval;
/// @notice The interval at which the creators can mint assets.
uint256 sellInterval;
/// @notice The interval at which the buyers can buy the assets.
uint256 buyInterval;
/// @notice A fee percentage taken from each listing's buyer fee.
uint256 platformFee;
/// @notice The maximum number of assets that can be listed per round.
uint256 maxAssetCount;
/// @notice Timestamp of the block that this market parameter was added.
/// @dev Even if this is provided by the user, it will get overwritten by the internal `block.timestamp`.
uint256 timestamp;
}
https://github.com/Cyfrin/2024-10-swan-dria/blob/main/contracts/swan/SwanManager.sol#L14C1-L28C2
Although here there is not gas saving rewards but here comment explicilty states as TODO to prevent stack-too-deep. So this mistake can be considered at least low.
Recommendation
struct SwanMarketParameters {
/// @notice The interval at which the buyerAgent can withdraw the funds.
- uint256 withdrawInterval;
+ uint64 withdrawInterval;
/// @notice The interval at which the creators can mint assets.
- uint256 sellInterval;
+ uint64 sellInterval;
/// @notice The interval at which the buyers can buy the assets.
- uint256 buyInterval;
+ uint64 buyInterval;
+ /// @notice Timestamp of the block that this market parameter was added.
+ /// @dev Even if this is provided by the user, it will get overwritten by the internal `block.timestamp`.
+ uint64 timestamp;
/// @notice A fee percentage taken from each listing's buyer fee.
uint256 platformFee;
/// @notice The maximum number of assets that can be listed per round.
uint256 maxAssetCount;
- /// @notice Timestamp of the block that this market parameter was added.
- /// @dev Even if this is provided by the user, it will get overwritten by the internal `block.timestamp`.
- uint256 timestamp;
}
Prize pool breakdown
Total prize
21,000 USDC
nSLOC
1,03420 USDC / LOC
20,000 USDC
1,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.