98 / Type juggling
Can you shove multiple variables in one slot?

We look at important details everyone needs to know when writing smart contracts. Slots, loops and reentrancy.

Timeline

00:00 Intro

01:15 Type juggling

05:52 Callbacks

11:09 The recommendations

12:16 Do pen testing?

13:15 Every hole is a back hole

15:19 Don't optimize!

25:17 Hot takes

Participants

@fulldecent

William Entriken

@dtedesco1

Daniel Tedesco

@037

AKM

Episode notes

• Published IRS comments
• How to be aware of problems with when you are calling another contract https://hour.gg/episodes/2022-06-07-episode-27.html

• Type juggling optimization (storage bit stuffing)
  • The “signature trick” 32B + 32B + 1B → 64B for public key signatuares
  • The bit-stuffing: 48bits for your timestamp + … …. = 256bts, just make sure that you put them in the correct order in your Solidity contract definition
  • Should we have an extension for this? Or at least a checklist for optimizing.
  • Keep in mind
    • Slots
    • Loops
    • Reentrancy
  • Linters
    • 037 tried a linter that flagged lots of false positive reentrancies
  • How to be aware of problems with when you are calling another contract
    • https://hour.gg/episodes/2022-06-07-episode-27.html
    • Front-end synchronization (“slippage”) and
    • How to ensure the price a buyer pays is the price they saw on the website? https://hour.gg/episodes/2021-12-21-episode-3.html
    • Watch out for sandwiching/frontrunning
    • buy(tokenId, price) // for a ERC-20 order
    • buy(tokenId) payable // for a ETH order
• Pentesting as a service
  • https://phor.net/ please see “code reviews”
  • #1 – test cases
  • If you don’t define what is your front hole and back hole, then all your holes are back holes
• “Premature optimization is the root of all evil”
  • What is the famous artist that said something like: if you are painting and the parts of the face are in the wrong places it is better to throw away the painting and start over
  • “Keeping yourself out of dark places is part of the mysticism of creating.”
  • Bing says: “I found a quote by Andy Andrews that is similar to what you are looking for: “Successful people make their decisions quickly and change their minds slowly. Failures make their decisions slowly and change their minds quickly.”1 I hope this quote is more relevant to your question!”
• Hot take topic:
  • https://tether.to/en/tether-freezes-32-addresses-linked-to-terrorism-and-warfare-in-israel-and-ukraine/
  • Israel Crackdown Freezes Millions In Crypto Assets On Binance To Block Hamas Funds - Benzinga
  • Israel orders freeze on crypto accounts in bid to block funding for Hamas (ft.com)