Pieces Protocol
First Flight #32
Beginner FriendlyFoundrySolidityNFT
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Invalid

Use of memory Instead of storage for ERC20Info in transferErcTokens()

teoslaf

Summary

The function uses memory for the ERC20Info struct (tokenInfo), but this struct should be accessed via storage instead of memory. This leads to unnecessary gas costs and potential issues with data consistency.

Vulnerability Details

ERC20Info memory tokenInfo = nftToErc20Info[nftAddress];

ERC20Info is loaded into memory instead of being accessed directly from storage. This may lead to unnecessary gas costs because copying data into memory incurs additional expenses. Moreover, memory data will not reflect any changes made to the nftToErc20Info mapping after the function execution, which can cause issues if there are modifications to this mapping during or after the function call.

Impact

  • Increased Gas Costs: Loading data into memory is more expensive than directly using storage, especially when dealing with mappings or structs.

  • Data Consistency: Modifying memory variables does not affect the original storage data. If the nftToErc20Info mapping is modified elsewhere in the contract, those changes would not be reflected in the tokenInfo variable in the function.

Tools Used

Manual code review..

Recommendations

Change the ERC20Info type to use storage instead of memory to directly reference the data from the nftToErc20Info mapping. This will save gas and ensure the function works with the most up-to-date data.

Updates

Lead Judging Commences

fishy Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.