Code Improvement Report - GmxProxy.sol
Summary
In GmxProxy.sol, the condition require(msg.sender == perpVault, "invalid caller"); is used multiple times. Instead of repeating this line of code, a modifier can be introduced to enhance code reusability, readability, and maintainability.
Vulnerability Details
The repeated use of require(msg.sender == perpVault, "invalid caller"); across multiple functions violates the DRY (Don't Repeat Yourself) principle, making the contract harder to maintain and increasing the likelihood of inconsistencies.
Impact
Code Maintainability: Any change to this validation must be manually updated across multiple occurrences, increasing the chance of errors.
Readability: The contract becomes less readable due to redundant checks.
Gas Optimization: Consolidating repeated code into a modifier can slightly optimize gas usage by reducing redundant bytecode.
Tools Used
Manual Code Review
Solidity Static Analysis Tools
Recommendations
Solution: Implementing a Modifier
To address this issue, a modifier should be created to enforce this condition consistently across all relevant functions.
Suggested Code Refactor
Applying the Modifier
Instead of writing the require statement repeatedly, apply the onlyPerpVault modifier to functions that require this check:
Lead Judging Commences
Informational or Gas
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.