Vanguard

First Flight #56

Beginner FriendlyDeFiFoundry

0 EXP

View all submissions

Previous Next

Submission Details

Impact: medium

Likelihood: medium

Unused State Variables Waste Gas and Imply Non-Existent Functionality

Author Revealed upon completion

Description

Several state variables are declared and initialized but never updated or used:
- totalPenaltyFeesCollected - Always remains 0
- addressTotalSwaps - Mapping is never written to
- addressPenaltyCount - Mapping is never written to

// These are declared but never used

uint256 public totalPenaltyFeesCollected; // @> Never updated, always 0

mapping(address => uint256) public addressTotalSwaps; // @> Never written

mapping(address => uint256) public addressPenaltyCount; // @> Never written

Risk

Likelihood:

These unused variables exist in every deployment

Impact:

Extra gas cost for storage slot initialization (cold storage access)
Misleading public interface - external parties may expect these to contain data
Code suggests penalty tracking exists when it doesn't
Potential confusion in audits and integrations

Proof of Concept

Execute 5 penalty-triggering swaps - all tracking variables remain 0.

function test_UnusedStateVariables() public {

// totalPenaltyFeesCollected is always 0

assertEq(antiBotHook.totalPenaltyFeesCollected(), 0, "Always 0");

// Do some swaps that trigger penalties

vm.deal(bot1, 10 ether);

vm.startPrank(bot1);

SwapParams memory params = SwapParams({

zeroForOne: true,

amountSpecified: -int256(0.001 ether),

sqrtPriceLimitX96: TickMath.MIN_SQRT_PRICE + 1

});

PoolSwapTest.TestSettings memory testSettings =

PoolSwapTest.TestSettings({takeClaims: false, settleUsingBurn: false});

// Multiple rapid swaps should trigger penalties

for (uint i = 0; i < 5; i++) {

swapRouter.swap{value: 0.001 ether}(key, params, testSettings, ZERO_BYTES);

}

vm.stopPrank();

// Still 0 - never updated

assertEq(antiBotHook.totalPenaltyFeesCollected(), 0, "Still 0 after penalties");

assertEq(antiBotHook.addressTotalSwaps(address(swapRouter)), 0, "Never tracked");

assertEq(antiBotHook.addressPenaltyCount(address(swapRouter)), 0, "Never tracked");

}

Recommended Mitigation

Remove unused variables or implement actual tracking.

Option 1: Remove unused variables

- uint256 public totalPenaltyFeesCollected;

- mapping(address => uint256) public addressTotalSwaps;

- mapping(address => uint256) public addressPenaltyCount;

Option 2: Implement the tracking (if intended)

function _beforeSwap(...) internal override returns (...) {

// ... existing logic ...

+ addressTotalSwaps[sender] += 1;

if (applyPenalty) {

feeOverride = uint24((phasePenaltyBps * 100));

+ addressPenaltyCount[sender] += 1;

+ // Note: tracking actual fee amount collected would require afterSwap hook

}

// ...

}

Rewards breakdown

nSLOC

273

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!