Adding CDP stake related invariants

[wtj2021]

Summary by CodeRabbit

• New Features

  • Introduced a new function to calculate real stake based on collateral shares.
  • Expanded the interface to include functions for snapshots of total collateral and stakes.

• Tests

  • Enhanced test contracts with new variables and functions for more comprehensive testing of stake and collateral calculations.
  • Implemented additional invariant checks and properties to ensure system integrity.

[coderabbitai]

Walkthrough

The recent updates focus on enhancing the functionality and integrity of the contract ecosystem, particularly around the management of stakes and collaterals. A new function has been introduced to calculate real stakes, and the interface now supports snapshots of total collaterals and stakes. TestContracts have been enriched with new variables and functions to ensure the robustness of stake and collateral calculations, alongside the introduction of invariant checks to maintain system properties.

Changes

Files	Change Summary
.../contracts/CRLens.sol .../contracts/Interfaces/ICdpManagerData.sol	Added getRealStake function in CRLens contract; Introduced totalCollateralSnapshot() and totalStakesSnapshot() in ICdpManagerData interface.
.../contracts/TestContracts/invariants/BeforeAfter.sol	New variables for stake and collateral snapshots.
.../contracts/TestContracts/invariants/Properties.sol	New internal view functions for CDPM and CSP invariants.
.../contracts/TestContracts/invariants/TargetFunctions.sol .../contracts/TestContracts/invariants/echidna/EchidnaProperties.sol	Added _checkStakeInvariants() for stake checks; Added functions for CDPM invariants.

🐇✨
In the land of code, where the smart contracts bloom,
A rabbit hopped in, avoiding the gloom.
With a flick and a click, new functions took flight,
Ensuring the stakes and collaterals just right.
"To integrity and beyond!" the rabbit did cheer,
With every line of code, the vision became clear.
🌟📜🚀

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

---

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit-tests for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit tests for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit tests.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• The JSON schema for the configuration file is available here.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

CodeRabbit Discord Community

Join our Discord Community to get help, request features, and share feedback.

[getrecon-bot]

Job ID	caf59116-8525-49d0-98de-1de66cf017e6
Command	yarn && git submodule init && git submodule update && solc-select use 0.8.17 && cd packages/contracts/ && yarn echidna --test-mode assertion --test-limit 300000
Instance ID	i-0a50904cbda7d5bd3
Instance Type	c5.2xlarge
Status	Started
Elapsed

[getrecon-bot]

Job ID	caf59116-8525-49d0-98de-1de66cf017e6
Command	yarn && git submodule init && git submodule update && solc-select use 0.8.17 && cd packages/contracts/ && yarn echidna --test-mode assertion --test-limit 300000
Instance ID	i-0a50904cbda7d5bd3
Instance Type	c5.2xlarge
Status	Running
Elapsed	49 seconds

[getrecon-bot]

Job ID	caf59116-8525-49d0-98de-1de66cf017e6
Command	yarn && git submodule init && git submodule update && solc-select use 0.8.17 && cd packages/contracts/ && yarn echidna --test-mode assertion --test-limit 300000
Instance ID	i-0a50904cbda7d5bd3
Instance Type	c5.2xlarge
Status	Running
Elapsed	50 seconds

[coderabbitai]

Review Status

Actionable comments generated: 1

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 5a44f60 and 4361708.

Files selected for processing (5)

• packages/contracts/contracts/TestContracts/invariants/BeforeAfter.sol (6 hunks)
• packages/contracts/contracts/TestContracts/invariants/Properties.sol (1 hunks)
• packages/contracts/contracts/TestContracts/invariants/PropertiesDescriptions.sol (1 hunks)
• packages/contracts/contracts/TestContracts/invariants/TargetFunctions.sol (18 hunks)
• packages/contracts/contracts/TestContracts/invariants/echidna/EchidnaProperties.sol (1 hunks)

Files not reviewed due to errors (1)

• (no review received)

Additional comments: 22

packages/contracts/contracts/TestContracts/invariants/echidna/EchidnaProperties.sol (5)

• 43-45: The function echidna_cdp_manager_invariant_7 correctly implements the call to invariant_CDPM_07(vars). This function is expected to test the invariant that stake decreases when collateral shares decrease for a CDP. Ensure that the vars parameter passed to invariant_CDPM_07 is correctly initialized and contains all necessary data for this invariant check.
• 47-49: The function echidna_cdp_manager_invariant_8 is implemented as expected, invoking invariant_CDPM_08(vars). This tests the invariant that stake increases when collateral shares increase for a CDP. Similar to the previous function, verify that vars is properly initialized with the required data for the invariant check.
• 51-53: In echidna_cdp_manager_invariant_10, the function correctly calls invariant_CDPM_10(cdpManager, vars). This function aims to test the invariant related to totalStakesSnapshot matching totalStakes after an operation, if the rebase index changed during the operation. It's crucial to ensure that both cdpManager and vars are correctly set up with the necessary context for this test.
• 55-57: The function echidna_cdp_manager_invariant_11 is well-defined, invoking invariant_CDPM_11(cdpManager, vars). This tests the invariant concerning totalCollateralSnapshot matching the active pool's systemCollShares after an operation, if the rebase index changed. Confirm that cdpManager and vars are adequately prepared with the relevant data.
• 59-61: echidna_cdp_manager_invariant_12 correctly calls invariant_CDPM_12(sortedCdps, vars), testing the invariant that the sum of all individual CDP stakes should equal totalStakes. It's important to verify that sortedCdps and vars are correctly initialized to ensure the accuracy of this invariant check.

packages/contracts/contracts/TestContracts/invariants/PropertiesDescriptions.sol (6)

• 31-31: The description for CDPM-07 clearly communicates the expected behavior that stake decreases when collateral shares decrease for a CDP. This is crucial for understanding the invariant's purpose and ensuring that stakeholders have clear expectations.
• 32-32: The description for CDPM-08 effectively explains the invariant that stake increases when collateral shares increase for a CDP. This clarity is essential for maintaining transparency and facilitating easier understanding of the contract's logic.
• 33-34: The description for CDPM-09 provides a detailed explanation of the expected stake calculation after operations involving a CDP. It's important to ensure that this description accurately reflects the underlying logic in the corresponding invariant function.
• 35-36: The description for CDPM-10 clearly states the condition under which totalStakesSnapshot should match totalStakes after an operation. This clarity helps in understanding the specific scenarios under which this invariant is checked.
• 37-38: The description for CDPM-11 effectively communicates the condition for totalCollateralSnapshot to match the active pool's systemCollShares after an operation. Ensuring that this description matches the logic in the corresponding invariant function is crucial for consistency.
• 39-40: The description for CDPM-12 succinctly states the invariant that the sum of all individual CDP stakes should equal totalStakes. This description is essential for understanding the overall integrity checks performed on the system's stake management.

packages/contracts/contracts/TestContracts/invariants/BeforeAfter.sol (6)

• 37-38: The addition of cdpStakeBefore and cdpStakeAfter variables is consistent with the PR's objective to track stake amounts before and after certain operations. Ensure these variables are properly updated in all relevant contract functions to maintain the integrity of the tracking system.
• 76-81: The introduction of totalStakesBefore, totalStakesAfter, totalStakesSnapshotBefore, totalStakesSnapshotAfter, totalCollateralSnapshotBefore, and totalCollateralSnapshotAfter variables is crucial for tracking the total stakes and collateral snapshots before and after operations. It's important to validate that these variables are updated accurately in the contract's logic to ensure the integrity of the system's state.
• 101-101: The assignment of vars.cdpStakeBefore within the _before function is appropriate for capturing the stake amount of a CDP before certain operations. This aligns with the PR's objectives. However, ensure that this function is called at the correct points in the contract's workflow to accurately reflect the state before operations.
• 150-152: The assignment of totalStakesBefore, totalStakesSnapshotBefore, and totalCollateralSnapshotBefore within the _before function is essential for capturing the system's state before operations. Verify that these variables are used correctly in subsequent logic to ensure the system's integrity and that the _before function is invoked appropriately.
• 162-162: The assignment of vars.cdpStakeAfter within the _after function correctly captures the stake amount of a CDP after operations. This is in line with the PR's goals. Confirm that this function is called at the appropriate times to accurately reflect the state after operations.
• 218-220: The assignment of totalStakesAfter, totalStakesSnapshotAfter, and totalCollateralSnapshotAfter within the _after function is crucial for capturing the system's state after operations. It's important to ensure that these variables are utilized correctly in the contract's logic and that the _after function is invoked at the right moments.

packages/contracts/contracts/TestContracts/invariants/Properties.sol (5)

• 120-124: Consider adding comments to explain the purpose and expected behavior of invariant_CDPM_07. This will improve code maintainability and readability for future contributors.
• 127-131: Consider adding comments to explain the purpose and expected behavior of invariant_CDPM_08. This will improve code maintainability and readability for future contributors.
• 140-147: Consider adding comments to explain the purpose and expected behavior of invariant_CDPM_10. This will improve code maintainability and readability for future contributors.
• 150-157: Consider adding comments to explain the purpose and expected behavior of invariant_CDPM_11. This will improve code maintainability and readability for future contributors.
• 160-172: Consider adding comments to explain the purpose and expected behavior of invariant_CDPM_12. This will improve code maintainability and readability for future contributors.

[coderabbitai]

Ensure to add a check to prevent division by zero in invariant_CDPM_09 when dividing by vars.totalCollateralSnapshotAfter. This is crucial for avoiding runtime errors.

+ require(vars.totalCollateralSnapshotAfter > 0, "Division by zero error");

---

Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation.

Suggested change

	function invariant_CDPM_09(Vars memory vars) internal view returns (bool) {
	return
	vars.cdpStakeAfter ==
	(vars.cdpCollAfter * vars.totalStakesSnapshotAfter) / vars.totalCollateralSnapshotAfter;
	function invariant_CDPM_09(Vars memory vars) internal view returns (bool) {
	require(vars.totalCollateralSnapshotAfter > 0, "Division by zero error");
	return
	vars.cdpStakeAfter ==
	(vars.cdpCollAfter * vars.totalStakesSnapshotAfter) / vars.totalCollateralSnapshotAfter;

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 4361708 and c45acde.

Files selected for processing (2)

• packages/contracts/contracts/TestContracts/invariants/Properties.sol (1 hunks)
• packages/contracts/contracts/TestContracts/invariants/TargetFunctions.sol (18 hunks)

Files skipped from review as they are similar to previous changes (2)

• packages/contracts/contracts/TestContracts/invariants/Properties.sol
• packages/contracts/contracts/TestContracts/invariants/TargetFunctions.sol

[coderabbitai]

Review Status

Actionable comments generated: 5

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between c45acde and 06ca316.

Files selected for processing (2)

• packages/contracts/contracts/TestContracts/invariants/TargetFunctions.sol (19 hunks)
• packages/contracts/foundry_test/EchidnaToFoundry.t.sol (2 hunks)

Files skipped from review as they are similar to previous changes (1)

• packages/contracts/contracts/TestContracts/invariants/TargetFunctions.sol

[coderabbitai]

📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [508-531]

The commented-out block of code starting from line 508 to 531 seems to be related to a test scenario involving liquidation and checking conditions under Minimum Collateral Ratio (MCR) and Critical Collateral Ratio (CCR). However, it's entirely commented out, which might indicate either an incomplete test scenario or a temporarily disabled test case for debugging purposes.

• Security/Correctness: Ensure that the logic intended to be tested by this commented-out code is either covered elsewhere in the test suite or documented as a known gap.
• Maintainability: Large commented-out code blocks can clutter the codebase and make maintenance harder. If this code is not intended to be used, consider removing it. If it's meant for future use, add a detailed comment explaining the context and conditions under which it should be re-enabled.

Consider either implementing the test scenario fully, removing the commented-out code, or documenting its purpose and conditions for future enablement.

---

📝 NOTE
This review was outside the diff hunks, and no overlapping diff hunk was found. Original lines [643-643]

Detected an AWS Access Key ID hardcoded in the comments. Hardcoding sensitive credentials in the codebase, even within comments, poses a significant security risk.

• Security/PII Leakage: Exposing AWS Access Key IDs can lead to unauthorized access to AWS services, potentially resulting in data breaches, service disruptions, or financial implications.
• Best Practice: Always keep sensitive credentials out of the codebase. Use environment variables or secure secret management services to handle such information.

Remove the AWS Access Key ID from the comments and ensure that no sensitive credentials are hardcoded in the codebase. Implement a secure method for managing and accessing these credentials.

---

📝 NOTE
This review was outside the diff hunks, and no overlapping diff hunk was found. Original lines [674-674]

Detected an AWS Access Key ID hardcoded in the comments. Including sensitive credentials in the codebase, even within comments, is a security risk.

• Security/PII Leakage: Exposing AWS Access Key IDs can lead to unauthorized access to AWS services, potentially resulting in data breaches, service disruptions, or financial implications.
• Best Practice: Always keep sensitive credentials out of the codebase. Use environment variables or secure secret management services to handle such information.

Remove the AWS Access Key ID from the comments and ensure that no sensitive credentials are hardcoded in the codebase. Implement a secure method for managing and accessing these credentials.

---

📝 NOTE
This review was outside the diff hunks, and no overlapping diff hunk was found. Original lines [704-704]

Detected an AWS Access Key ID hardcoded in the comments. Including sensitive credentials in the codebase, even within comments, is a security risk.

• Security/PII Leakage: Exposing AWS Access Key IDs can lead to unauthorized access to AWS services, potentially resulting in data breaches, service disruptions, or financial implications.
• Best Practice: Always keep sensitive credentials out of the codebase. Use environment variables or secure secret management services to handle such information.

Remove the AWS Access Key ID from the comments and ensure that no sensitive credentials are hardcoded in the codebase. Implement a secure method for managing and accessing these credentials.

---

📝 NOTE
This review was outside the diff hunks, and no overlapping diff hunk was found. Original lines [922-922]

Detected an AWS Access Key ID hardcoded in the comments. Including sensitive credentials in the codebase, even within comments, is a security risk.

• Security/PII Leakage: Exposing AWS Access Key IDs can lead to unauthorized access to AWS services, potentially resulting in data breaches, service disruptions, or financial implications.
• Best Practice: Always keep sensitive credentials out of the codebase. Use environment variables or secure secret management services to handle such information.

Remove the AWS Access Key ID from the comments and ensure that no sensitive credentials are hardcoded in the codebase. Implement a secure method for managing and accessing these credentials.

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 06ca316 and 28ef54a.

Files selected for processing (1)

• packages/contracts/contracts/TestContracts/invariants/TargetFunctions.sol (19 hunks)

Files skipped from review as they are similar to previous changes (1)

• packages/contracts/contracts/TestContracts/invariants/TargetFunctions.sol

[getrecon-bot]

Job ID	caf59116-8525-49d0-98de-1de66cf017e6
Command	yarn && git submodule init && git submodule update && solc-select use 0.8.17 && cd packages/contracts/ && yarn echidna --test-mode assertion --test-limit 300000
Instance ID	i-0a50904cbda7d5bd3
Instance Type	c5.2xlarge
Status	Success
Elapsed	13 hours 4 minutes 13 seconds

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 28ef54a and 394e181.

Files selected for processing (2)

• packages/contracts/contracts/TestContracts/invariants/Properties.sol (1 hunks)
• packages/contracts/contracts/TestContracts/invariants/echidna/EchidnaProperties.sol (1 hunks)

Files skipped from review as they are similar to previous changes (2)

• packages/contracts/contracts/TestContracts/invariants/Properties.sol
• packages/contracts/contracts/TestContracts/invariants/echidna/EchidnaProperties.sol

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 394e181 and 1d9c933.

Files selected for processing (6)

• packages/contracts/contracts/CRLens.sol (1 hunks)
• packages/contracts/contracts/Interfaces/ICdpManagerData.sol (1 hunks)
• packages/contracts/contracts/TestContracts/invariants/BeforeAfter.sol (5 hunks)
• packages/contracts/contracts/TestContracts/invariants/Properties.sol (1 hunks)
• packages/contracts/contracts/TestContracts/invariants/TargetFunctions.sol (19 hunks)
• packages/contracts/contracts/TestContracts/invariants/echidna/EchidnaProperties.sol (1 hunks)

Files skipped from review as they are similar to previous changes (4)

• packages/contracts/contracts/TestContracts/invariants/BeforeAfter.sol
• packages/contracts/contracts/TestContracts/invariants/Properties.sol
• packages/contracts/contracts/TestContracts/invariants/TargetFunctions.sol
• packages/contracts/contracts/TestContracts/invariants/echidna/EchidnaProperties.sol

Additional comments: 3

packages/contracts/contracts/CRLens.sol (1)

• 78-86: The implementation of getRealStake correctly calculates the real stake based on collateral shares and snapshots. However, it would be beneficial to add comments explaining the logic, especially the calculation in the return statement, to improve code readability and maintainability.

packages/contracts/contracts/Interfaces/ICdpManagerData.sol (2)

• 269-269: The addition of totalCollateralSnapshot to the ICdpManagerData interface is correctly implemented. It's essential for tracking the total collateral over time.
• 271-271: The addition of totalStakesSnapshot to the ICdpManagerData interface is correctly implemented. It's crucial for tracking the total stakes over time.

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 1d9c933 and 96b13f1.

Files selected for processing (1)

• packages/contracts/contracts/TestContracts/invariants/TargetFunctions.sol (18 hunks)

Files skipped from review as they are similar to previous changes (1)

• packages/contracts/contracts/TestContracts/invariants/TargetFunctions.sol

[coderabbitai]

Review Status

Actionable comments generated: 1

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between 96b13f1 and e58c1f3.

Files ignored due to path filters (1)

• packages/contracts/foundry.toml is excluded by: !**/*.toml

Files selected for processing (1)

• packages/contracts/remappings.txt (1 hunks)

Additional comments: 1

packages/contracts/remappings.txt (1)

• 4-4: The remapping for @openzeppelin remains unchanged, ensuring consistency in how external dependencies are managed. No action required here.

[coderabbitai]

Tip

Codebase Verification

The verification process has revealed that the packages/contracts/lib/properties directory exists but is empty. This suggests that the remapping for @crytic/properties to lib/properties/ may not be correctly set up or the expected files have not been added to the directory. It's important to ensure that the necessary files are present in the directory for the remapping to function as intended.

Analysis chain

The remapping for @crytic/properties to lib/properties/ looks organized. Ensure that the new path is correctly set up in the project structure and accessible during the build process.

---

Scripts Executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Verify if the directory exists and contains expected files
if [ -d "packages/contracts/lib/properties" ]; then
  echo "Directory exists. Listing contents:"
  ls packages/contracts/lib/properties
else
  echo "Directory does not exist. Please check the path."
fi

Length of output: 166

---

---

Script:

#!/bin/bash
# Explicitly verify the contents of the directory to ensure it's not empty
ls -A packages/contracts/lib/properties || echo "The directory is empty or does not exist."

Length of output: 41

[coderabbitai]

Review Status

Actionable comments generated: 0

Configuration used: CodeRabbit UI

Commits

Files that changed from the base of the PR and between e58c1f3 and d423cea.

Files ignored due to path filters (1)

• packages/contracts/foundry.toml is excluded by: !**/*.toml

Files selected for processing (1)

• packages/contracts/remappings.txt (1 hunks)

Files skipped from review as they are similar to previous changes (1)

• packages/contracts/remappings.txt