Omniscia Mitosis Audit
CCDMClient Code Style Findings
CCDMClient Code Style Findings
CCM-01C: Generic Typographic Mistakes
Type | Severity | Location |
---|---|---|
Code Style | CCDMClient.sol:L29, L30, L31, L32, L33 |
Description:
The referenced lines contain typographical mistakes (i.e. private
variable without an underscore prefix) or generic documentational errors (i.e. copy-paste) that should be corrected.
Example:
29ExtAddr _ccdmHost;
Recommendation:
We advise them to be corrected enhancing the legibility of the codebase.
Alleviation (58e8cc66dfa900c03c47df78f5170d9960005629):
All referenced variables have been renamed accordingly, omitting their underscore prefix for the sake of legibility as they do not constitute actual private
/ internal
variables.
CCM-02C: Ineffectual Usage of Safe Arithmetics
Type | Severity | Location |
---|---|---|
Language Specific | CCDMClient.sol:L140 |
Description:
The linked mathematical operation is guaranteed to be performed safely by surrounding conditionals evaluated in either require
checks or if-else
constructs.
Example:
139if (spent < msg_.amount) {140 _processRefund(msg_.receiver, msg_.token, msg_.amount - spent);141}
Recommendation:
Given that safe arithmetics are toggled on by default in pragma
versions of 0.8.X
, we advise the linked statement to be wrapped in an unchecked
code block thereby optimizing its execution cost.
Alleviation (58e8cc66dfa900c03c47df78f5170d9960005629):
The refund calculation has been properly wrapped in an unchecked
code block safely, optimizing its gas cost.
CCM-03C: Inefficient Duplicate Query of Storage Location
Type | Severity | Location |
---|---|---|
Gas Optimization | CCDMClient.sol:L130, L153 |
Description:
The CCDMClient::_handle
function will invoke the CCDMClient::_processSpent
function and both functions will re-calculate the storage location of the VaultInfo
structure redundantly.
Example:
125function _handle(uint32, bytes32, bytes calldata rawMsg) internal {126 MsgDeposit memory msg_ = Message.decodeDeposit(rawMsg);127
128 StorageV1 storage $ = _getStorageV1();129
130 VaultInfo storage info = $._vaults[$._vaultIdxByL1Asset[msg_.token]];131
132 ISudoVault vault = info.vault;133
134 if (address(vault) == address(0x0)) {135 revert Error.InvalidDepositRequest("non-registered asset");136 }137
138 try vault.manualDeposit(msg_.amount, msg_.receiver.toAddress()) returns (uint256 spent) {139 if (spent < msg_.amount) {140 _processRefund(msg_.receiver, msg_.token, msg_.amount - spent);141 }142 _processSpent(msg_.receiver, msg_.token, spent);143 emit DepositSuccess(msg_.receiver.toAddress(), info.l1Asset, info.l2Asset, spent);144 } catch {145 _processRefund(msg_.receiver, msg_.token, msg_.amount);146 emit DepositFailure(msg_.receiver.toAddress(), info.l1Asset, info.l2Asset, msg_.amount);147 }148}149
150function _processSpent(bytes32, bytes32 token, uint256 amount) internal {151 StorageV1 storage $ = _getStorageV1();152
153 $._vaults[$._vaultIdxByL1Asset[token]].unresolved += amount;154}
Recommendation:
We advise the CCDMClient::_processSpent
function to accept a VaultInfo storage
argument that is consequently utilized to increment its unresolved
data point, optimizing the function's gas cost.
Alleviation (58e8cc66dfa900c03c47df78f5170d9960005629):
The code instead updated all _process
prefixed functions to accept the storage pointer as an argument, optimizing the gas cost of the function throughout.
CCM-04C: Inefficient Loop Limit Evaluation
Type | Severity | Location |
---|---|---|
Gas Optimization | CCDMClient.sol:L76 |
Description:
The linked for
loop evaluates its limit inefficiently on each iteration.
Example:
76for (uint256 i = 0; i < $._vaults.length; i++) {
Recommendation:
We advise the statements within the for
loop limit to be relocated outside to a local variable declaration that is consequently utilized for the evaluation to significantly reduce the codebase's gas cost. We should note the same optimization is applicable for storage reads present in such limits as they are newly read on each iteration (i.e. length
members of arrays in storage).
Alleviation (58e8cc66dfa900c03c47df78f5170d9960005629):
The Mitosis team evaluated this exhibit but opted to acknowledge it in the current iteration of the codebase
CCM-05C: Loop Iterator Optimization
Type | Severity | Location |
---|---|---|
Gas Optimization | CCDMClient.sol:L76 |
Description:
The linked for
loop increments / decrements the iterator "safely" due to Solidity's built-in safe arithmetics (post-0.8.X
).
Example:
76for (uint256 i = 0; i < $._vaults.length; i++) {
Recommendation:
We advise the increment / decrement operation to be performed in an unchecked
code block as the last statement within the for
loop to optimize its execution cost.
Alleviation (0d29218ad3c34106523fd3eaab2f5336ab028c36):
The optimization has been regressed by removing the referenced unchecked
code block and thus rendering this exhibit acknowledged.
CCM-06C: Suboptimal Struct Declaration Styles
Type | Severity | Location |
---|---|---|
Code Style | CCDMClient.sol:L85, L117 |
Description:
The linked declaration styles of the referenced structs are using index-based argument initialization.
Example:
85Message.encodeBridge(MsgBridge(address(info.vault).toBytes32(), info.l1Asset, unresolved));
Recommendation:
We advise the key-value declaration format to be utilized instead in each instance, greatly increasing the legibility of the codebase.
Alleviation (0d29218ad3c34106523fd3eaab2f5336ab028c36):
The key-value declaration style is now properly in use within the referenced struct
declarations, addressing this exhibit in full.