Omniscia Mantissa Finance Audit

PoolHelper Code Style Findings

PoolHelper Code Style Findings

PHR-01C: Deprecated Representation of Maximum

TypeSeverityLocation
Code StylePoolHelper.sol:L90

Description:

The referenced statement represents the maximum value of a uint256 value as 2 ** 256 - 1, a calculation theoretically impossible to execute without overflowing in Solidity.

Example:

contracts/PoolHelper.sol
90if (result >> (uint(256) - uint(shift)) > 0) return (2 ** 256 - 1);

Recommendation:

We advise the code to utilize the type syntax and specifically type(uint256).max, greatly increasing the code's legibility as well as standardization.

Alleviation (418ee413ad8e26f7eea383764c19953ff31b2bf3):

The Mantissa Finance evaluated this exhibit and given that it has no security implications opted not to apply it to avoid updating the on-chain contracts and / or introducing significant complexity to existing deployments. As such, we consider this exhibit acknowledged.

PHR-02C: Documentation Discrepancy

TypeSeverityLocation
Code StylePoolHelper.sol:L107

Description:

The in-line documentation of PoolHelper::getSlippage describes the same formula as the Mantissa documentation albeit with different signs.

Example:

contracts/PoolHelper.sol
105/// @notice Calculates the slippage value Si for a token i
106/// @dev if lr <= k, slippage = a*e^(-n*lr)
107/// @dev if 2k > lr > k, slippage = a*(e^(n(lr - 2k)) - 2(e^(-n*k) - e^(-n*lr)))
108/// @param lr liquidity ratio of the token
109/// @param slippageA slippage parameter A
110/// @param slippageN slippage parameter N
111/// @param slippageK slippage parameter K
112/// @return Slippage value in 18 decimals
113function getSlippage(uint256 lr, uint256 slippageA, uint256 slippageN, uint256 slippageK) external pure override returns (uint256) {
114    if (lr <= slippageK) {
115        return slippageA * negativeExponential(slippageN * lr) / 10;
116    } else if (lr < 2 * slippageK) {
117        return
118            (slippageA *
119                (negativeExponential(slippageN * (2 * slippageK - lr)) -
120                    2 *
121                    (negativeExponential(slippageN * slippageK) - negativeExponential(slippageN * lr)))) / 10;
122    } else {    // extra case only to handle unsigned int when 2k < lr. Mathematically same

Recommendation:

Given that the in-line documentation does not match the documentation of the Mantissa project nor does it match the actual implementation of the code (which performs further sign adjustments via the PoolHelper::negativeExponential implementation), we advise the in-line documentation to be identical to either the code implementation or the formal documentation implementation, either of which we consider an adequate alleviation of this exhibit.

Alleviation (418ee413ad8e26f7eea383764c19953ff31b2bf3):

The Mantissa Finance evaluated this exhibit and given that it has no security implications opted not to apply it to avoid updating the on-chain contracts and / or introducing significant complexity to existing deployments. As such, we consider this exhibit acknowledged.

PHR-03C: Repetitive Value Literal

TypeSeverityLocation
Code StylePoolHelper.sol:L115, L121, L127

Description:

The linked value literal is repeated across the codebase multiple times.

Example:

contracts/PoolHelper.sol
115return slippageA * negativeExponential(slippageN * lr) / 10;

Recommendation:

We advise it to be set to a constant variable instead optimizing the legibility of the codebase.

Alleviation (418ee413ad8e26f7eea383764c19953ff31b2bf3):

The Mantissa Finance evaluated this exhibit and given that it has no security implications opted not to apply it to avoid updating the on-chain contracts and / or introducing significant complexity to existing deployments. As such, we consider this exhibit acknowledged.

Prev

Pool.sol (PLO-C)

Next

PoolVolatile.sol (PVE-C)

On this page