Trick or Treat
First Flight #27
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Invalid

High Deployment Gas Cost for Treat Initialization

bryanconquer

Summary

The current contract design initializes treats in the constructor by requiring an array of Treat structs as input. This approach leads to high gas costs during deployment, especially when adding a large number of treats (e.g., 100+). Initializing treats within the constructor also risks exceeding the block gas limit, making deployment expensive or potentially impossible on certain networks.

Vulnerability Details

The constructor currently initializes treats using a loop to add each treat from an array input.

  1. High Gas Costs: Storing multiple Treat structs in a single transaction directly increases gas usage, making deployment costly.

Impact

Increased Deployment Costs: Deploying with a large number of treats can be prohibitively expensive due to the high gas costs.

Tools Used

manual review

Recommendations

Refactor the treat initialization by removing the treat array parameter from the constructor and using a batch addition function that allows treats to be added after deployment:

function batchAddTreats(Treat[] memory _treats) public onlyOwner { for (uint256 i = 0; i < _treats.length; i++) { addTreat(_treats[i].name, _treats[i].cost, _treats[i].metadataURI); } }

This approach will:

  • Reduce Deployment Gas Costs: By deploying the contract with an empty treat list, deployment becomes lighter and more gas-efficient.

Updates

Appeal created

bube Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.