Christmas Dinner

First Flight #31

Beginner FriendlyFoundrySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: low

Invalid

Redundant Getter Function for Public State Variable

koinerdegen

Summary
The contract defines a public state variable `host` as `address public host;`, which automatically provides a getter function for accessing its value. However, a separate explicit getter function `getHost()` is also implemented, introducing unnecessary redundancy. This redundant getter is used in the `withdraw()` function, where directly accessing the state variable `host` would be more efficient and clear.

Vulnerability Details
The code includes the following redundant getter:

function getHost() public view returns (address _host) {

return host;

}

Since host is already declared as public, the Solidity compiler automatically generates a getter function with the same functionality. The explicit implementation of getHost() adds no value and introduces unnecessary complexity.

In the withdraw() function:

function withdraw() external onlyHost {

address _host = getHost(); // Uses redundant getter

i_WETH.safeTransfer(_host, i_WETH.balanceOf(address(this)));

i_WBTC.safeTransfer(_host, i_WBTC.balanceOf(address(this)));

i_USDC.safeTransfer(_host, i_USDC.balanceOf(address(this)));

}

The use of getHost() adds overhead and decreases readability. Instead, the variable host can be accessed directly:

address _host = host;

Impact

The explicit getter introduces:

Redundancy: Public state variables already have built-in getter functions, so implementing an additional one is unnecessary.
Code Complexity: Using the redundant getter in other functions (e.g., withdraw()) increases the complexity and makes the code less intuitive.
Gas Overhead: While minimal, calling an external getter adds slightly more gas cost than directly accessing the state variable.

Tools Used

Manual code review.
Solidity compiler analysis for behavior confirmation.

Recommendations

Remove the Redundant Getter: Eliminate the getHost() function since it duplicates the functionality provided by the public state variable.

// Remove this function
function getHost() public view returns (address _host) {
return host;
}
Directly Access the State Variable: In the withdraw() function and other parts of the code, replace getHost()with direct access to the host variable:

function withdraw() external onlyHost {
address _host = host; // Directly access the state variable
i_WETH.safeTransfer(_host, i_WETH.balanceOf(address(this)));
i_WBTC.safeTransfer(_host, i_WBTC.balanceOf(address(this)));
i_USDC.safeTransfer(_host, i_USDC.balanceOf(address(this)));
}

These changes will improve code clarity, reduce redundancy, and ensure better gas efficiency.

Updates

Lead Judging Commences

0xtimefliez Lead Judge 7 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

0xtimefliez Lead Judge 7 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Rewards breakdown

nSLOC

129

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.