Complexity

How difficult is it to understand your code base?

Being efficient and not wasting needless time on refactoring your code is good. Having understandable code helps with this, but aids another far more important goal.

Security

Developers, auditors, anyone who looks to secure your contracts has to learn and understand how code works. It's possible to discover potential vulnerabilities only on top of a solid understanding.

Unfortunately, complexity is often in our way. As complexity grows it starts to become increasingly difficult to fully comprehend a code base. Often code gets so complex that no single developer or auditor is able to understand and think about the whole system at once.

Measuring Complexity

We've developed a combination of measurements based on the mechanisms of human cognition.

Using these metrics we can determine whether the complexity of your code is getting out of hand, and more importantly how you can fix it!

1. cognitive complexity

2. working memory

Cognitive Complexity

Cognitive complexity extends on cyclomatic complexity, fixing a key limitation.

Instead of counting branches, cognitive complexity incorporates the nesting structure of a function. This is important as the number of potential edge-cases grows exponentially as nesting increases.

As the number of edge-cases grows it becomes more difficult to keep track, and some critical cases might remain unnoticed.

Working Memory

As humans we can reliably keep track of 5-7 pieces of information in our working memory.

To understand a piece of code we need to use our working memory to store some important contextual information. Take the following code:

token.transfer(someAccount, amount);

We can easily understand that a transfer is taking place. We don't even need to know which variables are being used. After removing the variables we still know that we're dealing with a simple transfer:

_.transfer(_,_)

We need to rely on our working memory when we want to understand the code within it's context. We'll need to know which token, who's account and how much.

As we're reading the code we'll make mental notes about token, someAccount and amount. These mental notes will live in our working memory occupying almost half of the available capacity!

We'll measure the working memory load of all contracts to identify those functions that would require a superhuman brain to understand. This way you'll be able to refactor before things get out of hand!