Vanguard

First Flight #56

Beginner FriendlyDeFiFoundry

100 EXP

View results

Previous Next

Submission Details

Impact: medium

Likelihood: medium

Invalid

Unused State Variables Waste Gas and Imply Non-Existent Functionality

kudaliar

Description

Several state variables are declared and initialized but never updated or used:
- totalPenaltyFeesCollected - Always remains 0
- addressTotalSwaps - Mapping is never written to
- addressPenaltyCount - Mapping is never written to

// These are declared but never used

uint256 public totalPenaltyFeesCollected; // @> Never updated, always 0

mapping(address => uint256) public addressTotalSwaps; // @> Never written

mapping(address => uint256) public addressPenaltyCount; // @> Never written

Risk

Likelihood:

These unused variables exist in every deployment

Impact:

Extra gas cost for storage slot initialization (cold storage access)
Misleading public interface - external parties may expect these to contain data
Code suggests penalty tracking exists when it doesn't
Potential confusion in audits and integrations

Proof of Concept

Execute 5 penalty-triggering swaps - all tracking variables remain 0.

function test_UnusedStateVariables() public {

// totalPenaltyFeesCollected is always 0

assertEq(antiBotHook.totalPenaltyFeesCollected(), 0, "Always 0");

// Do some swaps that trigger penalties

vm.deal(bot1, 10 ether);

vm.startPrank(bot1);

SwapParams memory params = SwapParams({

zeroForOne: true,

amountSpecified: -int256(0.001 ether),

sqrtPriceLimitX96: TickMath.MIN_SQRT_PRICE + 1

});

PoolSwapTest.TestSettings memory testSettings =

PoolSwapTest.TestSettings({takeClaims: false, settleUsingBurn: false});

// Multiple rapid swaps should trigger penalties

for (uint i = 0; i < 5; i++) {

swapRouter.swap{value: 0.001 ether}(key, params, testSettings, ZERO_BYTES);

}

vm.stopPrank();

// Still 0 - never updated

assertEq(antiBotHook.totalPenaltyFeesCollected(), 0, "Still 0 after penalties");

assertEq(antiBotHook.addressTotalSwaps(address(swapRouter)), 0, "Never tracked");

assertEq(antiBotHook.addressPenaltyCount(address(swapRouter)), 0, "Never tracked");

}

Recommended Mitigation

Remove unused variables or implement actual tracking.

Option 1: Remove unused variables

- uint256 public totalPenaltyFeesCollected;

- mapping(address => uint256) public addressTotalSwaps;

- mapping(address => uint256) public addressPenaltyCount;

Option 2: Implement the tracking (if intended)

function _beforeSwap(...) internal override returns (...) {

// ... existing logic ...

+ addressTotalSwaps[sender] += 1;

if (applyPenalty) {

feeOverride = uint24((phasePenaltyBps * 100));

+ addressPenaltyCount[sender] += 1;

+ // Note: tracking actual fee amount collected would require afterSwap hook

}

// ...

}

Updates

Lead Judging Commences

chaossr Lead Judge

19 days ago

Appeal created

chaossr Lead Judge 17 days ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Rewards breakdown

nSLOC

273

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!