Use .call instead of .transfer to send ether
.transfer will relay 2300 gas and .call will relay all the gas. If the receive/fallback function from the recipient proxy contract has complex logic, using .transfer will fail, causing integration issues.
Unbounded loop
1 2 3 4 5 6 7 8 9 10 11
function claimGovFees() public { address[] memory assets = bondNFT.getAssets();
- address public owner; + address public immutable owner;
mapping(address⇒bool) using bool for storage incurs overhead
1 2
- mapping(address => bool) public allowedAsset; + mapping(address => uint256) public allowedAsset;
Save gas with the use of the import statement
Solidity code is also cleaner in another way that might not be noticeable: the struct Point. We were importing it previously with global import but not using it. The Point struct polluted the source code with an unnecessary object we were not using because we did not need it.
This was breaking the rule of modularity and modular programming: only import what you need Specific imports with curly braces allow us to apply this rule better.
Recommendation:
import {contract1 , contract2} from "filename.sol";
Sort Solidity operations using short-circuit mode
//f(x) is a low gas cost operation
//g(y) is a high gas cost operation
//Sort operations with different gas costs as follows
f(x) || g(y)
f(x) && g(y)
Change for loop behavior by removing add (+1) and ++x is more gas efficient
1 2 3 4 5 6 7 8
functionbuy(uint256 _amount) external payable { ... - for (uint48 x = sale_.currentId + 1; x <= newId; x++) { + for (uint48 x = sale_.currentId; x < newId; ++x) { nft.mint(msg.sender, x); } ... }
Multiple access to mapping/array should use local variable cache
Duplicated require should be modifier or function
Use custom error rather than revert()/require()
Use calldata instead of memory for read-only variable
require()/revert() string longer than 32 bytes cost extra gas
Using Openzeppelin Ownable2Step.sol is gas efficient
Using UniswapV3 mulDiv function is gas-optimized
Use nested if and, avoid multiple check combinations
Avoid using state variable in emit (130 gas)
Instead of cache a whole object ,try cache single Attributes
Using int32 for time
Don’t use _msgSender() if not supporting EIP-2771
Using > 0 costs more gas than != 0 when used on a uint in a require() statement(version>0.8.13)
Using bools for storage incurs overhead
.length should not be looked up in every loop of a for-loop
Using calldata instead of memory for read-only arguments in external functions saves gas
Splitting require() statements that use && saves gas
Use a more recent version of solidity
require()/revert() strings longer than 32 bytes cost extra gas
+= costs more gas than = + for state variables
Using storage instead of memory for structs/arrays saves gas
After the contract is destroyed,the subsequent execution of the contract’s function buy() is going on.That causes the msg.value token to be lost in the contract forever.
Proof of concept
Note:When there is no code at the address, the transaction will succeed, and the msg.value will be stored in the contract.
Let’s say Alice and bob are invoking the contact simultaneously. The transactions are sent to the mempool. Alice is finished executes her transaction when bob is still waiting for his result. And then the contract is destroyed. Finally, bob finished his transaction and sent his token to this contract. This way bob’s token is lost and locked forever in this empty contract.
Recommended mitigation steps
Instead of using self-destruct, we could modify the state to represent the contract has completed the process.We could modify the code like this: