Submission Details
Impact:
Likelihood:
Gas inefficiencies (loop caching, repeated balance calls)
Minor gas inefficiencies: loops and repeated external calls.
Description
Repeatedly reading usersAddress.length or calling IERC20(asset()).balanceOf(address(this)) multiple times is marginally wasteful.
// Root cause in the codebase with @> marks to highlight the relevant section
Risk
Likelihood:
-
Reason 1 // Describe WHEN this will occur (avoid using "if" statements)
-
Reason 2
Impact:
Higher gas costs (not security-critical) — scales poorly at high user counts.
Proof of Concept
No exploit — suggestion only.
Recommended Mitigation
Cache uint256 len = usersAddress.length; in loops.
• Cache uint256 vaultBal = IERC20(asset()).balanceOf(address(this)); once per function where used multiple times.
- for (uint256 i = 0; i < usersAddress.length; ++i) {
+ uint256 len = usersAddress.length;
+ for (uint256 i = 0; i < len; ++i) {
address user = usersAddress[i];
totalWinnerShares += userSharesToCountry[user][winnerCountryId];
}
Updates
Appeal created
bube 19 days ago
Submission Judgement Published Reason: Non-acceptable severity
Assigned finding tags:
Gas optimizations
Gas optimizations are invalid according to the CodeHawks documentation.
Rewards breakdown
nSLOC
193This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.