Core Contracts

Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Submission Details
Severity: low
Invalid

Unnecessary Transaction Execution in updateAllocation Function

Summary

In the SabilityPool.sol the updateAllocation function allows the contract owner to update a manager’s allocation. However, if the new allocation entered is the same as the existing allocation, the function still executes and emits an event, even though no actual state change occurs. This results in unnecessary gas consumption, reducing contract efficiency.

Vulnerability Details

Affected Function:

function updateAllocation(address manager, uint256 newAllocation)
external
onlyOwner
validAmount(newAllocation)
{
if (!managers[manager]) revert ManagerNotFound();
totalAllocation = totalAllocation - managerAllocation[manager] + newAllocation;
managerAllocation[manager] = newAllocation;
emit AllocationUpdated(manager, newAllocation);
}

Steps to Reproduce:

  1. Deploy the contract and assign an allocation to a manager (e.g., managerAllocation[0x1234] = 100).

  2. Call updateAllocation(0x1234, 100); (same allocation value as before).

  3. The transaction is processed, gas is consumed, and the event AllocationUpdated is emitted despite no actual change.

Expected Behavior:

  • If the new allocation matches the existing allocation, the function should exit early without modifying state or emitting an event.

Actual Behavior:

  • The function executes fully, performing redundant calculations and emitting an event, leading to unnecessary gas usage.

Impact

  • Saves Gas: Reduces gas costs by preventing unnecessary transactions.

  • Enhances Efficiency: Avoids redundant state updates and event emissions.

  • Improves UX: Prevents users from unknowingly wasting gas on meaningless updates.

Tools Used

Manuel Review

Recommendations

Add a check at the start of the function to prevent redundant updates:

if (managerAllocation[manager] == newAllocation) return; // Avoid unnecessary transaction

Fixed Function:

function updateAllocation(address manager, uint256 newAllocation)
external
onlyOwner
validAmount(newAllocation)
{
if (!managers[manager]) revert ManagerNotFound();
if (managerAllocation[manager] == newAllocation) return; // Prevent unnecessary updates
totalAllocation = totalAllocation - managerAllocation[manager] + newAllocation;
managerAllocation[manager] = newAllocation;
emit AllocationUpdated(manager, newAllocation);
}
Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 month ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
inallhonesty Lead Judge about 1 month ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.