Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fenwick Rounding Improvements (Invariant fix F3 F4) #719

Merged
merged 20 commits into from
Apr 7, 2023
Merged

Fenwick Rounding Improvements (Invariant fix F3 F4) #719

merged 20 commits into from
Apr 7, 2023

Conversation

mattcushman
Copy link
Contributor

@mattcushman mattcushman commented Mar 31, 2023
edited
Loading

Rounding Improvements - Changes to address invariants F3 and F4

High level

  • Round down in Deposits.sol using floorWmul instead of wmul
  • Modify three-way multiplications that occur in Deposits.sol and in Bucket.sol
    • As much as possible, multiply multiple values together and rescale at the end for accuracy. For example (x * y * x) / 1e36 is generally more accurate than Maths.wmul(Maths.wmul(x,y),z), as the latter rounds off x*y which is then multiplied by z, amplifying the roundoff error
    • In certain three-way multiplications, the price * collateral can result in large number in high priced and heavily used pool, so to reduce the risk of overflow we partially round along the way and rescale: (price * collateral / 1e12) * z / 1e6 retains enough of the accuracy gain, while allowing for an additional 1e12 quantity in the product.
  • Modify the exchange rate invariant as follows
  • If there are more than 1e9 LP in the bucket, tighten the constraint to be within 1 basis point (1e14)
  • If there are less than 1e9 LP in the bucket, require the total QT change in bucket value to be less than 0.1 QT (1e17)

Description of bug or vulnerability and solution

  • <PARAGRAPH_EXP_OF_VULN_BUG>
  • <PARAGRAPH_EXP_OF_HOW_CHANGE_SOLVES_VULN_OR_BUG>

Contract size

Pre Change

<PASTE_OUTPUT_HERE>

Post Change

<PASTE_OUTPUT_HERE>

Gas usage

Pre Change

<PASTE_OUTPUT_HERE>

Post Change

<PASTE_OUTPUT_HERE>

@grandizzy grandizzy changed the base branch from master to develop April 1, 2023 05:07
grandizzy
grandizzy reviewed Apr 3, 2023
View reviewed changes
src/libraries/external/LenderActions.sol Outdated
// If clearing out the bucket deposit, ensure it's zeroed out
if (redeemedLPs_ == params_.bucketLPs) {
removedAmount_ = scaledDepositAvailable;
removedAmount_ = scaledDepositAvailable; // TODO: shouldn't this be moved below the below, and use unscaled amount?
Copy link
Contributor

@grandizzy grandizzy Apr 3, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we need the scaled removed amount for further calculations in moveQuoteToken and removeQuoteToken

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What worries me is that, if we do this by setting scaledDeposit, we might mess up the subsequent line that tries to ensure that we remove everything. scaledDepositAvailable/depositScale could be less than unscaledDeposit, perhaps, especially because / rounds down.

My gut is that it would be better to move this below where we set unscaledRemovedAmount, and if redeemedLPs==bucketLPs, THEN we set unscaledRemovedAmount to unscaledDepositAvailable, and removedAmount_ to scaledDepositAvailable.

Copy link
Contributor

@grandizzy grandizzy Apr 3, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

kk, makes sense, not sure though if we should add it in this PR or if in different but should be OK to make

@grandizzy grandizzy changed the title Invariant fix f3 f4 Rounding Improvements (Invariant fix F3 F4) Apr 4, 2023
@grandizzy grandizzy marked this pull request as ready for review April 5, 2023 19:47
@grandizzy grandizzy mentioned this pull request Apr 5, 2023
Closed
MikeHathaway
MikeHathaway reviewed Apr 5, 2023
View reviewed changes
foundry.toml Outdated
runs = 1000 # Number of times that a sequence of function calls is generated and run
depth = 30 # Number of function calls made in a given run.
runs = 100 # Number of times that a sequence of function calls is generated and run
depth = 200 # Number of function calls made in a given run.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is there value in decreasing runs and increasing depth?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

restored to 1000 with 5e8bcff

MikeHathaway
MikeHathaway approved these changes Apr 5, 2023
View reviewed changes
Copy link
Collaborator

@MikeHathaway MikeHathaway left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@grandizzy grandizzy changed the title Rounding Improvements (Invariant fix F3 F4) Fenwick Rounding Improvements (Invariant fix F3 F4) Apr 6, 2023
prateek105
prateek105 approved these changes Apr 6, 2023
View reviewed changes
Copy link
Contributor

@prateek105 prateek105 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Just that the PR description is not up to date as per the code.

@grandizzy grandizzy merged commit 0a0f58f into develop Apr 7, 2023
@grandizzy grandizzy deleted the invariant-fix-f3-f4 branch April 7, 2023 05:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@grandizzy grandizzy grandizzy left review comments

@MikeHathaway MikeHathaway MikeHathaway approved these changes

@prateek105 prateek105 prateek105 approved these changes

@ith-harvey ith-harvey Awaiting requested review from ith-harvey

@EdNoepel EdNoepel Awaiting requested review from EdNoepel

Assignees
No one assigned
Labels
Priority: High Scope: Bug fix Scope: Edits /src Status: Ready for Review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@mattcushman @prateek105 @MikeHathaway @grandizzy @ith-harvey @EdNoepel