Was this helpful?
Submitted on Mar 18th 2025 at 07:54:52 UTC by @Victor_TheOracle for
Report ID: #41765
Report Type: Smart Contract
Report severity: Insight
Target: https://github.com/immunefi-team/audit-comp-yeet/blob/main/src/Yeetback.sol
Impacts:
The issue involves two state variables in the yeetback.sol contract that are set only during construction but are not declared as immutable. In non-upgradeable contracts, failing to mark such variables as immutable results in unnecessary gas costs since these variables occupy storage slots, potentially increasing the cost of contract interactions on mainnet.
In Solidity, variables that are assigned a value only once in the constructor and never modified should be declared as immutable. This allows the Solidity compiler to optimize these variables by embedding their values directly into the bytecode rather than storing them in a storage slot.
In yeetback.sol, the variables entropy and entropyProvider are initialized in the constructor but are not declared as immutable:
The main impact of this vulnerability is increased gas consumption during contract execution. By storing these values in storage rather than embedding them in the contract's code, each access to these variables requires an SLOAD operation, which is more gas-intensive.
Relevant Code snippet: https://github.com/immunefi-team/audit-comp-yeet/blob/da15231cdefd8f385fcdb85c27258b5f0d0cc270/src/Yeetback.sol#L33-L35
