Skip to content

PerpV2LeverageModule ABDK audit fixes #190

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 22 commits into from
Jan 25, 2022
Merged

PerpV2LeverageModule ABDK audit fixes #190

merged 22 commits into from
Jan 25, 2022

Conversation

@0xSachinK
Copy link
Contributor

@0xSachinK 0xSachinK commented Jan 24, 2022
edited
Loading

@0xSachinK 0xSachinK force-pushed the sachin/plm-abdk-audit-fixes branch from a99a543 to 2d82cf9 Compare January 24, 2022 08:04
@0xSachinK 0xSachinK force-pushed the sachin/plm-abdk-audit-fixes branch from 6c8d9c3 to 4ca9d2b Compare January 24, 2022 10:51
@0xSachinK 0xSachinK requested a review from cgewecke January 24, 2022 14:45
bweick
bweick reviewed Jan 24, 2022
View reviewed changes
cgewecke
cgewecke reviewed Jan 24, 2022
View reviewed changes
Copy link
Contributor

@cgewecke cgewecke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Questions about skipped items from the ABDK audit:

Item 18, L757
In two places we're using .mul(-1) to flip the sign. ABDK says it's more optimal to use a safe negation function.

At Perp, negation is handled using a set of methods that look like this:

function neg256(int256 a) internal pure returns (int256) {
        require(a > -2**255, "PerpMath: inversion overflow");
        return -a;
    }

    function neg256(uint256 a) internal pure returns (int256) {
        return -PerpSafeCast.toInt256(a);
    }

    function neg128(int128 a) internal pure returns (int128) {
        require(a > -2**127, "PerpMath: inversion overflow");
        return -a;
    }

    function neg128(uint128 a) internal pure returns (int128) {
        return -PerpSafeCast.toInt128(a);
    }

Question: We are using SafeMath for mul so there shouldn't be any overflow issues but what would the efficiency gain proposed in this recommendation look like in our case and what is our reason for skipping? (Fine w/ skipping fwiw - this flip is simple).

Item 11: try/catch blocks

ABDK says:

Consider ignoring only a certain class of errors or implementing some way to detect which modules do implement the “IDebtIssuanceModule” interface.

Their suggestion might not be viable but could we add a clearer comment about what's happening here, e.g why it's wrapped like this, etc?

set-protocol-v2/contracts/protocol/modules/PerpV2LeverageModule.sol

Lines 249 to 254 in 4892ef8

// Try if register exists on any of the modules including the debt issuance module
address[] memory modules = _setToken.getModules();
for(uint256 i = 0; i < modules.length; i++) {
try IDebtIssuanceModule(modules[i]).registerToIssuanceModule(_setToken) {} catch {}
}
}

bweick
bweick reviewed Jan 24, 2022
View reviewed changes
@0xSachinK
Copy link
Contributor Author

0xSachinK commented Jan 25, 2022
edited
Loading

Questions about skipped items from the ABDK audit:
Item 18, L757
Question: We are using SafeMath for mul so there shouldn't be any overflow issues but what would the efficiency gain proposed in this recommendation look like in our case and what is our reason for skipping? (Fine w/ skipping fwiw - this flip is simple).

Item 11: try/catch blocks
Their suggestion might not be viable but could we add a clearer comment about what's happening here, e.g why it's wrapped like this, etc?

set-protocol-v2/contracts/protocol/modules/PerpV2LeverageModule.sol

Lines 249 to 254 in 4892ef8

// Try if register exists on any of the modules including the debt issuance module
address[] memory modules = _setToken.getModules();
for(uint256 i = 0; i < modules.length; i++) {
try IDebtIssuanceModule(modules[i]).registerToIssuanceModule(_setToken) {} catch {}
}
}

@cgewecke neg() uses 499 gas and mul() uses 624 gas.
More gas used in mul(int256 a, int256 b) can be attributed to a bunch of checks for both a, b and c (variable used to store result).
Updated to using neg() in d8e362f.
Refactored neg() and added tests in 4d7f6e2

And added comments for the try-catch block in 0e704f03

@0xSachinK 0xSachinK merged commit 0e73d21 into master Jan 25, 2022
@0xSachinK 0xSachinK deleted the sachin/plm-abdk-audit-fixes branch January 25, 2022 19:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@cgewecke cgewecke cgewecke left review comments

@bweick bweick bweick approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@0xSachinK @cgewecke @bweick