Omniscia SaucerSwap Audit

Tick Manual Review Findings

Tick Manual Review Findings

TKC-01M: Incorrect Code Adaptation

Description:

The referenced code invoked a special LiquidityMath::addDelta function in the original implementation of the codebase.

The new iteration is not identical to the original; namely, it does not ensure that the subtracted value is non-zero (i.e. uint128(-liquidityDelta)) and can also lead to underflows if liquidityDelta is equal to type(int128).min.

Impact:

A liquidityGrossAfter that is equal to liquidityGrossBefore can cause significant misbehaviours in the exchange system's accounting if taken advantage of.

Example:

contracts/libraries/Tick.sol
129uint128 liquidityGrossAfter = liquidityDelta < 0
130 ? liquidityGrossBefore - uint128(-liquidityDelta)
131 : liquidityGrossBefore + uint128(liquidityDelta);

Recommendation:

We advise the code to imitate the original implementation, performing the liquidityDelta negation in an unchecked code block and evaluating that the subtraction will yield a value less than the liquidityGrossBefore value.

Alleviation (3248d1d2fdfa6e1e270ff27db8eefb13dcb55c40):

The SaucerSwap team informed us that they specifically forked a specialized branch of the Uniswap V3 core repository and we validated that there were no changes performed in relation to the original.

As such, this exhibit is considered nullified.