Omniscia Xcaliswap Audit
SwapPair Code Style Findings
SwapPair Code Style Findings
SPR-01C: Inefficient Calculation of Domain Separator
Type | Severity | Location |
---|---|---|
Gas Optimization | SwapPair.sol:L479-L487 |
Description:
The DOMAIN_SEPARATOR
of the contract is calculated and stored on each invocation of the permit
function which is inefficient.
Example:
477function permit(address owner, address spender, uint value, uint deadline, uint8 v, bytes32 r, bytes32 s) external {478 require(deadline >= block.timestamp, 'SwapPair: EXPIRED');479 DOMAIN_SEPARATOR = keccak256(480 abi.encode(481 keccak256('EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)'),482 keccak256(bytes(name)),483 keccak256('1'),484 block.chainid,485 address(this)486 )487 );
Recommendation:
We advise a pattern similar to the draft-ERC20Permit
contract of OpenZeppelin whereby the canonical DOMAIN_SEPARATOR
(the one that is calculated with the chainid
that the contract is deployed in) is cached in storage and is only re-calculated if the dynamic block.chainid
differs from the one the original DOMAIN_SEPARATOR
was calculated in. This will significantly reduce the gas cost of the permit
function.
Alleviation:
The Xcaliswap team evaluated this exhibit but opted not to apply any changes for it in the current iteration of the protocol.
SPR-02C: Inexistent Error Messages
Type | Severity | Location |
---|---|---|
Code Style | SwapPair.sol:L114, L346, L533, L536 |
Description:
The linked require
checks have no error messages explicitly defined.
Example:
114require(_unlocked == 1);
Recommendation:
We advise each to be set so to increase the legibility of the codebase and aid in validating the require
checks' conditions.
Alleviation:
The Xcaliswap team evaluated this exhibit but opted not to apply any changes for it in the current iteration of the protocol.
SPR-03C: Loop Iterator Optimization
Type | Severity | Location |
---|---|---|
Gas Optimization | SwapPair.sol:L268 |
Description:
The linked for
loop increments / decrements the iterator "safely" due to Solidity's built-in safe arithmetics(post - 0.8.X
).
Example:
268for (uint i = 0; i < _prices.length; i++) {
Recommendation:
We advise the increment / decrement operation to be performed in an unchecked
code block as the last statement within the for
loop to optimize its execution cost.
Alleviation:
The Xcaliswap team evaluated this exhibit but opted not to apply any changes for it in the current iteration of the protocol.
SPR-04C: Repetitive Value Literal
Type | Severity | Location |
---|---|---|
Code Style | SwapPair.sol:L367, L368, L425 |
Description:
The linked value literal is repeated across the codebase multiple times.
Example:
367if (amount0In > 0) _update0(amount0In * fee / 1e6); // accrue fees for token0 and move them out of pool
Recommendation:
We advise it to be set to a constant
variable instead optimizing the legibility of the codebase.
Alleviation:
The Xcaliswap team evaluated this exhibit but opted not to apply any changes for it in the current iteration of the protocol.