Large Literal Values Can Be Replaced with Scientific Notation
Summary
The constant uint256 BPS = 10_000;in KeeperProxy contract, uint256 public constant BASIS_POINTS_DIVISOR = 10_000 in GmxProxy contract and uint256 constant BPS = 10_000, uint256 public constant BASIS_POINTS_DIVISOR = 10_000 and callbackGasLimit = 2_000_000 in PerpetualVault contract
are declared using a large literal value which can be represented more concisely using scientific notation to enhance readability and reduce potential formatting errors.
Vulnerability Details
Large numeric literals formatted with underscores can sometimes be misread or mistyped. Using scientific notation (e.g., 1e4) improves clarity and ensures consistency.
Impact
Improves readability and maintainability of the code.
Reduces potential errors from misreading large numeric literals.
Tools Used
Manual code review
Recommendations
Replace 10_000 with 1e4and 2_000_000 with 2e6
Lead Judging Commences
Informational or Gas
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.