-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
distributeExcessIdle
fixes
#925
Conversation
Hyperdrive Gas Benchmark
This comment was automatically generated by workflow using github-action-benchmark. |
9561bf9
to
dea4b5d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
left a couple comments regarding rounding for the _updateLiquidity
checks
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
50a7dde
to
08ff9c6
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
approved, but i think i found one nit on a named return type in natspec
f81a40c
to
3e42bb6
Compare
… into jalextowle/audit-03-2024/spearbit-34
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
reapproved for codesize
Resolved Issues
Spearbit Issue #34
Description
This PR adds two checks to the
calculateDistributeExcessIdleShareProceeds
function. First, a check was added that verifies that the ending LP share price is within 1 basis point (1e14
) of the starting LP share price. If the check fails, idle won't be distributed. Secondly, a check was added that each step of Newton's method is monotonically improving the calculations error. If a step begins to diverge, we break out of the loop to avoid pathological cases caused by rounding issues.Enforcing additional checks in
_distributeExcessIdleSafe
can hurt the system's liveness, so in addition to enforcing the checks, a_maxIterations
parameter was added to_distributeExcessIdleSafe
that configures the amount of iterations thatcalculateDistributeExcessIdleShareProceeds
will use in Newton's method. This argument was also added tocheckpoint
so that checkpointers can specify the iterations used by_distributeExcessIdleSafe
.checkpoint
was updated to always distribute excess idle, which will allow LPs or other stakeholders to distribute excess idle with more iterations in the event that idle becomes stuck.Review Checklists
Please check each item before approving the pull request. While going
through the checklist, it is recommended to leave comments on items that are
referenced in the checklist to make sure that they are reviewed. If there are
multiple reviewers, copy the checklists into sections titled
## [Reviewer Name]
.If the PR doesn't touch Solidity and/or Rust, the corresponding checklist can
be removed.
@jrhea
Solidity
approve
calls useforceApprove
?transfer
calls usesafeTransfer
?transferFrom
calls usemsg.sender
as thefrom
address?token spend?
call
,delegatecall
,staticcall
,transfer
,send
)success
boolean checked to handle failed calls?delegatecall
, are there strict access controls on theaddresses that can be called? It shouldn't be possible to
delegatecall
arbitrary addresses, so the list of possible targets should either be
immutable or tightly controlled by an admin.
nonReentrant
?not a concern or how it's mitigated?
memory variables?
issues?
payable
functions restricted to avoid stuck ether?catch underflows?
Safe
functions are altered, are potential underflows andoverflows caught so that a failure flag can be thrown?
covering the full input space?
Rust
covering the full input space?
ensure that Rust matches Solidity?
@mcclurejt
Solidity
approve
calls useforceApprove
?transfer
calls usesafeTransfer
?transferFrom
calls usemsg.sender
as thefrom
address?token spend?
call
,delegatecall
,staticcall
,transfer
,send
)success
boolean checked to handle failed calls?delegatecall
, are there strict access controls on theaddresses that can be called? It shouldn't be possible to
delegatecall
arbitrary addresses, so the list of possible targets should either be
immutable or tightly controlled by an admin.
nonReentrant
?not a concern or how it's mitigated?
memory variables?
issues?
payable
functions restricted to avoid stuck ether?catch underflows?
Safe
functions are altered, are potential underflows andoverflows caught so that a failure flag can be thrown?
covering the full input space?
Rust
covering the full input space?
ensure that Rust matches Solidity?