Skip to content

[Bug]: Solidity 0.4.24 allocates more memory than needed #1443

New issue
New issue
Open
Bug
Open
[Bug]: Solidity 0.4.24 allocates more memory than needed#1443
Bug
Labels
auditIssue comes as a result of an external auditbugSomething isn't workingvaultsLido stVaults related changes
@shoham-certora

Description

@shoham-certora
shoham-certora
opened on Sep 14, 2025

Summary

Certora identified a bug in the Solidity 0.4.24 compiler that affects the gas consumption of the Lido contract, with the help of the Certora prover. When creating a memory bytes array new bytes(48) in contracts/0.4.24/lib/SigningKeys.sol, the compiler actually allocates 32 * 48 = 1536 bytes, which is a waste of gas.

core/contracts/0.4.24/lib/SigningKeys.sol

Line 52 in 22cab0f

bytes memory tmpKey = new bytes(48);

We believe this affects also other constant size array allocations. We've also confirmed this issue exists in the currently deployed version.

Expected Behavior

Allocate on 48 bytes.

Potential Impact

Waste of gas.

Steps to Reproduce

Any call to SigningKeys.saveKeysSigs will allocate too much memory.

Possible Solutions

No response

Guidelines

Metadata

Metadata

Assignees

No one assigned

    Labels

    auditIssue comes as a result of an external auditbugSomething isn't workingvaultsLido stVaults related changes

    Type

    Bug

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions