Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Lack of names imports increases gas cost due to increased byte code size

vicjuma945

Summary

Relying on full imports is not recommended. This import method introduces unnecessary dependencies, which may increase bytecode size and lead to gas inefficiencies. Full imports can also introduce extended attack vectors by including functions that may not be necessary for the contract. In addition to expanding the attack surface, they can also pollute the namespace, potentially causing unexpected behavior.

Vulnerability Details

Upon reviewing the contracts, the following full imports were identified:

import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import "@openzeppelin/contracts/access/Ownable.sol";

Impact

  • Increased gas costs due to unnecessary dependencies.

  • Expanded attack surface, increasing potential security risks.

Recommendations

Use named imports to include only the necessary components:

import { ERC20 } from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";

This approach enhances security, reduces bytecode size, and optimizes gas costs.

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!