Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Fix] Add maximum for intent price deviation #468

Merged
merged 6 commits into from
Oct 11, 2024
Merged

[Fix] Add maximum for intent price deviation #468

merged 6 commits into from
Oct 11, 2024

Conversation

kbrizzle
Copy link
Collaborator

@kbrizzle kbrizzle commented Oct 10, 2024
edited
Loading

Adds a new market parameter: maxPriceDeviation which caps the geometric distance that the quoted intent price can be from the underlying oracle price.

Suggested change from: sherlock-audit/2024-08-perennial-v2-update-3-judging#42.

@arjun-io arjun-io mentioned this pull request Oct 10, 2024
Open
arjun-io
arjun-io reviewed Oct 10, 2024
View reviewed changes
packages/perennial/contracts/types/Guarantee.sol
/// @param price The oracle price to compare
/// @return The price deviation of the guarantee from the oracle price
function priceDeviation(Guarantee memory self, Fixed6 price) internal pure returns (UFixed6) {
if (takerTotal(self).isZero()) return UFixed6Lib.ZERO;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we use taker(self) here to correspond with the below div?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

takerTotal is more correct for measuring whether the guarantee is empty, since you can have an aggregated guarantee net to zero, but we need to use taker in the math below for the sign.

packages/perennial/contracts/types/Guarantee.sol Outdated
if (takerTotal(self).isZero()) return UFixed6Lib.ZERO;

Fixed6 guarenteePrice = self.notional.div(taker(self));
return guarenteePrice.sub(price).div(guarenteePrice.min(price)).abs();
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it safe to assume that price and guaranteePrice will not be 0 here?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It should not be possible for price to be zero due to the latest oracle override.

The guaranteePrice could be zero, but this would correctly revert due to being infinitely out of range.

Any reverts here would only block a fresh update, it wouldn't brick the settlement flywheel.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might be worth adding a comment stating that, to avoid audit reports on the same.

EdNoepel
EdNoepel reviewed Oct 11, 2024
View reviewed changes
Copy link
Contributor

@EdNoepel EdNoepel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some comments inline.

packages/perennial/contracts/types/Guarantee.sol Outdated
if (takerTotal(self).isZero()) return UFixed6Lib.ZERO;

Fixed6 guarenteePrice = self.notional.div(taker(self));
return guarenteePrice.sub(price).div(guarenteePrice.min(price)).abs();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might be worth adding a comment stating that, to avoid audit reports on the same.

packages/perennial/contracts/types/MarketParameter.sol Outdated
@@ -49,7 +52,8 @@ using MarketParameterStorageLib for MarketParameterStorage global;
/// uint24 riskFee; // <= 1677%
/// uint16 maxPendingGlobal; // <= 65k
/// uint16 maxPendingLocal; // <= 65k
/// uint48 __unallocated__; // <= 281m
/// uint24 maxPriceDeviation; // <= 16.77x
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: // <= 1677% seems more consistent and appropriate here

packages/perennial/contracts/types/Guarantee.sol Outdated
function priceDeviation(Guarantee memory self, Fixed6 price) internal pure returns (UFixed6) {
if (takerTotal(self).isZero()) return UFixed6Lib.ZERO;

Fixed6 guarenteePrice = self.notional.div(taker(self));
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: spelling guaranteePrice

@github-actions GitHub Actions
Copy link

[Periphery] Unit Test Coverage Report

Coverage after merging britz-add-price-override-bound into v2.3-fix-review will be
67.12%
Coverage Report
FileStmtsBranchesFuncsLinesUncovered Lines
packages/perennial-account/contracts
   Account.sol27.78%100%22.22%29.63%103, 108–109, 58, 64, 67–68, 71, 76–78, 81, 83–84, 89, 94–97
   AccountVerifier.sol100%100%100%100%
   Controller.sol81%100%100%75.95%103–105, 112–113, 204, 216, 227, 229–231, 235–237, 240, 250–252, 259
   Controller_Arbitrum.sol0%100%0%0%29, 41
   Controller_Incentivized.sol0%100%0%0%111, 128–129, 146, 154, 156–157, 164, 183, 186, 205, 208, 227, 230, 249, 252, 271, 274, 286–287, 290, 293, 302–303, 305, 307, 309, 56, 72–77, 94
packages/perennial-account/contracts/libs
   RebalanceLib.sol0%100%0%0%26, 29–30, 32–33, 36, 39, 43
packages/perennial-account/contracts/test
   RebalanceConfigTester.sol100%100%100%100%
packages/perennial-account/contracts/types
   Action.sol100%100%100%100%
   DeployAccount.sol100%100%100%100%
   MarketTransfer.sol100%100%100%100%
   RebalanceConfig.sol100%100%100%100%
   RebalanceConfigChange.sol100%100%100%100%
   RelayedAccessUpdateBatch.sol100%100%100%100%
   RelayedGroupCancellation.sol100%100%100%100%
   RelayedNonceCancellation.sol100%100%100%100%
   RelayedOperatorUpdate.sol100%100%100%100%
   RelayedSignerUpdate.sol100%100%100%100%
   Withdrawal.sol100%100%100%100%
packages/perennial-extensions/contracts
   Coordinator.sol100%100%100%100%
   MultiInvoker.sol90%100%92.86%89.34%172, 174, 194, 197, 265, 369, 384, 402, 404, 406, 408, 91–92
   MultiInvoker_Arbitrum.sol0%100%0%0%37, 45
   MultiInvoker_Optimism.sol0%100%0%0%37, 45
packages/perennial-extensions/contracts/types
   TriggerOrder.sol96.43%100%100%95.83%53
packages/perennial-oracle/contracts
   Oracle.sol100%100%100%100%
   OracleFactory.sol93.55%100%88.89%95.45%62
packages/perennial-oracle/contracts/chainlink
   ChainlinkFactory.sol100%100%100%100%
packages/perennial-oracle/contracts/keeper
   KeeperFactory.sol87.36%100%78.57%89.04%164–165, 167–168, 211, 238, 82–83
   KeeperOracle.sol71.05%100%70.59%71.19%107, 152, 161, 163–165, 167, 169–173, 176–177, 217, 70, 84
   KeeperOracle_Migration.sol0%100%0%0%24–25
packages/perennial-oracle/contracts/keeper/libs
   DedupLib.sol100%100%100%100%
packages/perennial-oracle/contracts/keeper/types
   KeeperOracleParameter.sol100%100%100%100%
   PriceResponse.sol100%100%100%100%
packages/perennial-oracle/contracts/metaquants
   MetaQuantsFactory.sol0%100%0%0%19, 30–31, 33–36, 38, 40, 42, 44–45, 54
packages/perennial-oracle/contracts/payoff
   Inverse.sol100%100%100%100%
   PowerHalf.sol100%100%100%100%
   PowerTwo.sol100%100%100%100%
packages/perennial-oracle/contracts/pyth
   PythFactory.sol100%100%100%100%
packages/perennial-oracle/contracts/types
   OracleParameter.sol100%100%100%100%
packages/perennial-order/contracts
   Manager.sol81.71%100%83.33%81.25%167–168, 170, 208, 212, 214, 216, 237–239, 254–255
   Manager_Arbitrum.sol100%100%100%100%
   OrderVerifier.sol100%100%100%100%
packages/perennial-order/contracts/test
   TriggerOrderTester.sol100%100%100%100%
packages/perennial-order/contracts/types
   Action.sol100%100%100%100%
   CancelOrderAction.sol100%100%100%100%
   InterfaceFee.sol100%100%100%100%
   PlaceOrderAction.sol100%100%100%100%
   TriggerOrder.sol100%100%100%100%
packages/perennial-vault/contracts
   Vault.sol0%100%0%0%104–105, 113–114, 123, 125, 132, 134, 140, 142–143, 146, 152–153, 155, 157–158, 165–167, 175–179, 186, 188, 190, 196, 198, 200–203, 206, 212–213, 219–220, 226–227, 229–230, 237–238, 240–242, 256–257, 259–262, 268–269, 271–273, 291–292, 295–305, 308, 311–313, 316–318, 320, 327, 337–338, 345, 348, 352–353, 359–360, 363, 366, 370, 383, 385, 393–398, 408, 414, 431, 445, 447–450, 452, 454–455, 458–460, 464–466, 469–471, 478–480, 487, 500–501, 504, 60, 62–65, 71, 78, 85, 92, 98
   VaultFactory.sol0%100%0%0%30–31, 36, 50, 54–56, 58, 65–66
packages/perennial-vault/contracts/libs
   StrategyLib.sol0%100%0%0%119–120, 122–123, 125–129, 135, 138–139, 153, 156, 160, 162, 165, 167, 179–183, 185–186, 188–189, 191, 197, 199, 202–205, 208, 93–98
packages/perennial-vault/contracts/types
   Account.sol100%100%100%100%
   Checkpoint.sol100%100%100%100%
   Registration.sol100%100%100%100%
   VaultParameter.sol100%100%100%100%
packages/perennial-verifier/contracts
   Verifier.sol100%100%100%100%
packages/perennial-verifier/contracts/types
   AccessUpdate.sol100%100%100%100%
   AccessUpdateBatch.sol100%100%100%100%
   Intent.sol100%100%100%100%
   OperatorUpdate.sol100%100%100%100%
   SignerUpdate.sol100%100%100%100%

@github-actions GitHub Actions
Copy link

[Core] Integration Test Coverage Report

Coverage after merging britz-add-price-override-bound into v2.3-fix-review will be
96.54%
Coverage Report
FileStmtsBranchesFuncsLinesUncovered Lines
packages/perennial/contracts
   Market.sol97.21%92%97.78%99.53%111, 111–112, 117, 131, 172, 224, 695, 867
   MarketFactory.sol93.48%87.50%94.74%97.56%109, 117, 143, 172, 85
packages/perennial/contracts/interfaces
   IMarket.sol100%100%100%100%
   IMarketFactory.sol100%100%100%100%
   IOracleProvider.sol100%100%100%100%
   IOracleProviderFactory.sol100%100%100%100%
packages/perennial/contracts/libs
   CheckpointLib.sol100%100%100%100%
   InvariantLib.sol60.66%47.50%100%85%102, 113, 119–120, 39–40, 42–43, 43, 43, 43, 52, 56, 56, 64, 69–70, 70, 76–77, 81, 87–88, 88
   MagicValueLib.sol63.16%50%100%62.50%61–64, 64, 64–65
   VersionLib.sol98.76%95.83%100%99.18%441–442
packages/perennial/contracts/types
   Checkpoint.sol74.07%50%100%100%55–61
   Global.sol79.69%53.57%100%100%140–152
   Guarantee.sol89.55%65%100%100%195–197, 220–223
   Local.sol82.14%50%100%100%91–95
   MarketParameter.sol76.67%50%100%87.50%100–102, 86–87, 89–90
   OracleReceipt.sol100%100%100%100%
   OracleVersion.sol100%100%100%100%
   Order.sol85.12%63.79%96.77%96.20%100, 104, 104, 110–111, 163, 183, 183, 241, 397–402, 473–475, 501–506
   Position.sol77.19%57.69%87.10%80.70%111, 148, 203, 216, 300, 334–336, 350–352, 355, 355, 355, 355, 355–356, 358–360, 419, 441
   ProtocolParameter.sol73.53%50%100%100%71–73, 79–84
   RiskParameter.sol69.33%47.62%100%96.67%133, 139, 141, 147, 149–150, 152–153, 155, 157, 159, 167, 167, 167–168, 178–185
   Version.sol70.27%50%100%100%103–124

EdNoepel
EdNoepel approved these changes Oct 11, 2024
View reviewed changes
Copy link
Contributor

@EdNoepel EdNoepel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👨‍🍳👌

@kbrizzle kbrizzle merged commit 0f824de into v2.3-fix-review Oct 11, 2024
16 checks passed
@kbrizzle kbrizzle deleted the britz-add-price-override-bound branch October 11, 2024 19:25
@github-actions GitHub Actions
Copy link

[Periphery] Integration Test Coverage Report

Coverage after merging britz-add-price-override-bound into v2.3-fix-review will be
93.65%
Coverage Report
FileStmtsBranchesFuncsLinesUncovered Lines
packages/perennial-account/contracts
   Account.sol100%100%100%100%
   AccountVerifier.sol91.67%100%91.67%91.67%38
   Controller.sol92%100%90.48%92.41%147, 155, 271, 274, 289, 306
   Controller_Arbitrum.sol100%100%100%100%
   Controller_Incentivized.sol100%100%100%100%
packages/perennial-account/contracts/libs
   RebalanceLib.sol100%100%100%100%
packages/perennial-account/contracts/test
   RebalanceConfigTester.sol0%100%0%0%10, 14
packages/perennial-account/contracts/types
   Action.sol100%100%100%100%
   DeployAccount.sol100%100%100%100%
   MarketTransfer.sol100%100%100%100%
   RebalanceConfig.sol20%100%33.33%14.29%34–35, 43–44, 46, 50
   RebalanceConfigChange.sol85.71%100%100%83.33%43
   RelayedAccessUpdateBatch.sol100%100%100%100%
   RelayedGroupCancellation.sol100%100%100%100%
   RelayedNonceCancellation.sol100%100%100%100%
   RelayedOperatorUpdate.sol100%100%100%100%
   RelayedSignerUpdate.sol100%100%100%100%
   Withdrawal.sol100%100%100%100%
packages/perennial-extensions/contracts
   Coordinator.sol0%100%0%0%18, 24–25, 31–32, 38–40, 47–48
   MultiInvoker.sol100%100%100%100%
   MultiInvoker_Arbitrum.sol0%100%0%0%37, 45
   MultiInvoker_Optimism.sol0%100%0%0%37, 45
packages/perennial-extensions/contracts/types
   TriggerOrder.sol96.43%100%100%95.83%53
packages/perennial-oracle/contracts
   Oracle.sol67.12%100%68.42%66.67%108–109, 118, 145, 168–169, 171, 173–174, 185, 187, 192–193, 57–58, 65, 91, 96
   OracleFactory.sol93.55%100%88.89%95.45%70
packages/perennial-oracle/contracts/chainlink
   ChainlinkFactory.sol100%100%100%100%
packages/perennial-oracle/contracts/keeper
   KeeperFactory.sol95.40%100%85.71%97.26%211, 76
   KeeperOracle.sol96.05%100%94.12%96.61%152, 84
   KeeperOracle_Migration.sol0%100%0%0%24–25
packages/perennial-oracle/contracts/keeper/libs
   DedupLib.sol100%100%100%100%
packages/perennial-oracle/contracts/keeper/types
   KeeperOracleParameter.sol93.75%100%100%92.31%57
   PriceResponse.sol100%100%100%100%
packages/perennial-oracle/contracts/metaquants
   MetaQuantsFactory.sol100%100%100%100%
packages/perennial-oracle/contracts/payoff
   Inverse.sol0%100%0%0%9
   PowerHalf.sol0%100%0%0%11
   PowerTwo.sol100%100%100%100%
packages/perennial-oracle/contracts/pyth
   PythFactory.sol100%100%100%100%
packages/perennial-oracle/contracts/types
   OracleParameter.sol100%100%100%100%
packages/perennial-order/contracts
   Manager.sol100%100%100%100%
   Manager_Arbitrum.sol100%100%100%100%
   OrderVerifier.sol100%100%100%100%
packages/perennial-order/contracts/test
   TriggerOrderTester.sol0%100%0%0%17, 21, 25, 29
packages/perennial-order/contracts/types
   Action.sol100%100%100%100%
   CancelOrderAction.sol100%100%100%100%
   InterfaceFee.sol100%100%100%100%
   PlaceOrderAction.sol100%100%100%100%
   TriggerOrder.sol95.56%100%100%94.29%120, 47
packages/perennial-vault/contracts
   Vault.sol100%100%100%100%
   VaultFactory.sol100%100%100%100%
packages/perennial-vault/contracts/libs
   StrategyLib.sol100%100%100%100%
packages/perennial-vault/contracts/types
   Account.sol100%100%100%100%
   Checkpoint.sol100%100%100%100%
   Registration.sol100%100%100%100%
   VaultParameter.sol100%100%100%100%

@github-actions GitHub Actions
Copy link

[Periphery] Combined Test Coverage Report

Coverage after merging britz-add-price-override-bound into v2.3-fix-review will be
99.04%
Coverage Report
FileStmtsBranchesFuncsLinesUncovered Lines
packages/perennial-account/contracts
   Account.sol100%100%100%100%
   AccountVerifier.sol100%100%100%100%
   Controller.sol100%100%100%100%
   Controller_Arbitrum.sol100%100%100%100%
   Controller_Incentivized.sol100%100%100%100%
packages/perennial-account/contracts/libs
   RebalanceLib.sol100%100%100%100%
packages/perennial-account/contracts/test
   RebalanceConfigTester.sol100%100%100%100%
packages/perennial-account/contracts/types
   Action.sol100%100%100%100%
   DeployAccount.sol100%100%100%100%
   MarketTransfer.sol100%100%100%100%
   RebalanceConfig.sol100%100%100%100%
   RebalanceConfigChange.sol100%100%100%100%
   RelayedAccessUpdateBatch.sol100%100%100%100%
   RelayedGroupCancellation.sol100%100%100%100%
   RelayedNonceCancellation.sol100%100%100%100%
   RelayedOperatorUpdate.sol100%100%100%100%
   RelayedSignerUpdate.sol100%100%100%100%
   Withdrawal.sol100%100%100%100%
packages/perennial-extensions/contracts
   Coordinator.sol100%100%100%100%
   MultiInvoker.sol100%100%100%100%
   MultiInvoker_Arbitrum.sol0%100%0%0%37, 45
   MultiInvoker_Optimism.sol0%100%0%0%37, 45
packages/perennial-extensions/contracts/types
   TriggerOrder.sol96.43%100%100%95.83%53
packages/perennial-oracle/contracts
   Oracle.sol100%100%100%100%
   OracleFactory.sol100%100%100%100%
packages/perennial-oracle/contracts/chainlink
   ChainlinkFactory.sol100%100%100%100%
packages/perennial-oracle/contracts/keeper
   KeeperFactory.sol97.70%100%92.86%98.63%211
   KeeperOracle.sol96.05%100%94.12%96.61%152, 84
   KeeperOracle_Migration.sol0%100%0%0%24–25
packages/perennial-oracle/contracts/keeper/libs
   DedupLib.sol100%100%100%100%
packages/perennial-oracle/contracts/keeper/types
   KeeperOracleParameter.sol100%100%100%100%
   PriceResponse.sol100%100%100%100%
packages/perennial-oracle/contracts/metaquants
   MetaQuantsFactory.sol100%100%100%100%
packages/perennial-oracle/contracts/payoff
   Inverse.sol100%100%100%100%
   PowerHalf.sol100%100%100%100%
   PowerTwo.sol100%100%100%100%
packages/perennial-oracle/contracts/pyth
   PythFactory.sol100%100%100%100%
packages/perennial-oracle/contracts/types
   OracleParameter.sol100%100%100%100%
packages/perennial-order/contracts
   Manager.sol100%100%100%100%
   Manager_Arbitrum.sol100%100%100%100%
   OrderVerifier.sol100%100%100%100%
packages/perennial-order/contracts/test
   TriggerOrderTester.sol100%100%100%100%
packages/perennial-order/contracts/types
   Action.sol100%100%100%100%
   CancelOrderAction.sol100%100%100%100%
   InterfaceFee.sol100%100%100%100%
   PlaceOrderAction.sol100%100%100%100%
   TriggerOrder.sol100%100%100%100%
packages/perennial-vault/contracts
   Vault.sol100%100%100%100%
   VaultFactory.sol100%100%100%100%
packages/perennial-vault/contracts/libs
   StrategyLib.sol100%100%100%100%
packages/perennial-vault/contracts/types
   Account.sol100%100%100%100%
   Checkpoint.sol100%100%100%100%
   Registration.sol100%100%100%100%
   VaultParameter.sol100%100%100%100%
packages/perennial-verifier/contracts
   Verifier.sol100%100%100%100%
packages/perennial-verifier/contracts/types
   AccessUpdate.sol100%100%100%100%
   AccessUpdateBatch.sol100%100%100%100%
   Intent.sol100%100%100%100%
   OperatorUpdate.sol100%100%100%100%
   SignerUpdate.sol100%100%100%100%

@github-actions GitHub Actions
Copy link

[Core] Unit Test Coverage Report

Coverage after merging britz-add-price-override-bound into v2.3-fix-review will be
98.80%
Coverage Report
FileStmtsBranchesFuncsLinesUncovered Lines
packages/perennial/contracts
   Market.sol98.88%98%97.78%99.53%111–112, 131
   MarketFactory.sol100%100%100%100%
packages/perennial/contracts/interfaces
   IMarket.sol100%100%100%100%
   IMarketFactory.sol100%100%100%100%
   IOracleProvider.sol100%100%100%100%
   IOracleProviderFactory.sol100%100%100%100%
packages/perennial/contracts/libs
   CheckpointLib.sol100%100%100%100%
   InvariantLib.sol100%100%100%100%
   MagicValueLib.sol100%100%100%100%
   VersionLib.sol100%100%100%100%
packages/perennial/contracts/types
   Checkpoint.sol100%100%100%100%
   Global.sol96.88%92.86%100%100%146, 148
   Guarantee.sol100%100%100%100%
   Local.sol100%100%100%100%
   MarketParameter.sol100%100%100%100%
   OracleReceipt.sol100%100%100%100%
   OracleVersion.sol100%100%100%100%
   Order.sol98.21%94.83%100%100%100, 104, 400
   Position.sol88.60%84.62%96.77%85.96%350–352, 355, 355, 355, 355, 355–356, 358–360
   ProtocolParameter.sol100%100%100%100%
   RiskParameter.sol96%92.86%100%100%178, 181, 185
   Version.sol100%100%100%100%

@github-actions GitHub Actions
Copy link

[Core] Combined Test Coverage Report

Coverage after merging britz-add-price-override-bound into v2.3-fix-review will be
98.80%
Coverage Report
FileStmtsBranchesFuncsLinesUncovered Lines
packages/perennial/contracts
   Market.sol99.22%100%97.62%99.53%112
   MarketFactory.sol100%100%100%100%
packages/perennial/contracts/libs
   CheckpointLib.sol100%100%100%100%
   InvariantLib.sol100%100%100%100%
   MagicValueLib.sol100%100%100%100%
   VersionLib.sol100%100%100%100%
packages/perennial/contracts/types
   Checkpoint.sol100%100%100%100%
   Global.sol100%100%100%100%
   Guarantee.sol100%100%100%100%
   Local.sol100%100%100%100%
   MarketParameter.sol100%100%100%100%
   Order.sol100%100%100%100%
   Position.sol89.02%100%96%85.96%350–352, 355–356, 358–360
   ProtocolParameter.sol100%100%100%100%
   RiskParameter.sol100%100%100%100%
   Version.sol100%100%100%100%

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arjun-io arjun-io arjun-io approved these changes

@EdNoepel EdNoepel EdNoepel approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kbrizzle @arjun-io @EdNoepel