RP-runtime-safety-and-performance.md

Runtime Safety and Performance

Description

The Runtime Safety and Performance category focuses on the operational aspects of smart contracts during execution. It ensures that the language and its compiler generate efficient and secure code that performs reliably on the blockchain platform. Key considerations include correct gas charging to prevent denial-of-service attacks and unnecessary costs, optimization of contract size to meet platform constraints, and efficient memory management to avoid resource exhaustion or leaks. Additionally, this category emphasizes the importance of safe compiler optimizations that do not introduce unexpected behaviors or vulnerabilities.

This section helps auditors assess the language's ability to produce performant and safe contracts, ensuring that they operate reliably and efficiently in the blockchain environment.

---

Ref Number	Name	Objective	Potential Issues
RP-001	Correct Gas Charging	Ensure gas is charged correctly to prevent denial-of-service scenarios and unnecessary costs, maintaining contract reliability and network stability. Verify that storage opcodes are not mispriced and validate that it is not free to store values under any circumstances.	Denial-of-service attacks Unnecessary user costs Exploitation of gas accounting Network instability
RP-002	Contract Size Optimization	Ensure the build output is optimized for size to reduce deployment costs and meet platform size constraints.	High deployment costs Exceeding size limits Deployment failures Need for refactoring
RP-003	Efficient Memory Allocation and Management	Ensure the language provides secure and efficient memory allocation mechanisms, managing memory usage effectively to optimize performance and prevent resource exhaustion or leaks.	Memory leaks leading to increased gas costs Resource exhaustion causing contract failures Vulnerabilities from improper memory handling Inefficient memory usage impacting performance
RP-004	Compiler Optimization Safety	Ensure compiler optimizations do not introduce unexpected behavior or vulnerabilities, maintaining contract security while improving performance.	Unexpected behavior from optimizations Vulnerabilities introduced by optimizations Compromised contract security

---

References

For more information, see also:

• Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities
• Improve the throughput of wasm contracts on parachains
• FullInliner Non-Expression-Split Argument Evaluation Order Bug
• There Ain’t No Such Thing as a Free Custom Memory Allocator
• Incorrect gas estimate for BALANCE opcode - Vyper contest