fuzz rounding error

Author: godzillaba

.gitignore

@@ -1,3 +1,4 @@
+.devcontainer
 .gitignore
 .env
 node_modules
@@ -26,4 +27,4 @@ gambit_out/
 test-mutation/mutant_test_env/
 
 # bridged usdc deployment script
-registerUsdcGatewayTx.json
+registerUsdcGatewayTx.json

contracts/tokenbridge/test/FuzzSubVault.sol

@@ -20,6 +20,12 @@ contract FuzzSubVault is ERC20 {
     uint256 public maxDepositLimit = type(uint256).max;
     uint256 public maxRedeemLimit = type(uint256).max;
 
+    uint256 public depositErrorWad;
+    uint256 public withdrawErrorWad;
+    uint256 public redeemErrorWad;
+    uint256 public previewMintErrorWad;
+    uint256 public previewRedeemErrorWad;
+
     constructor(IERC20 asset_, string memory _name, string memory _symbol) ERC20(_name, _symbol) {
         _asset = asset_;
     }
@@ -34,14 +40,14 @@ contract FuzzSubVault is ERC20 {
 
     function deposit(uint256 assets, address receiver) external returns (uint256 shares) {
         require(assets <= maxDepositLimit, "FuzzSubVault: deposit exceeds max");
-        shares = _convertToShares(assets, Math.Rounding.Down);
+        shares = _penalizeDown(_convertToShares(assets, Math.Rounding.Down), depositErrorWad);
         _asset.safeTransferFrom(msg.sender, address(this), assets);
         _mint(receiver, shares);
     }
 
     function withdraw(uint256 assets, address receiver, address owner) external returns (uint256 shares) {
         require(assets <= maxWithdrawLimit, "FuzzSubVault: withdraw exceeds max");
-        shares = _convertToShares(assets, Math.Rounding.Up);
+        shares = _penalizeUp(_convertToShares(assets, Math.Rounding.Up), withdrawErrorWad);
         _burn(owner, shares);
         _asset.safeTransfer(receiver, assets);
     }
@@ -59,7 +65,7 @@ contract FuzzSubVault is ERC20 {
     }
 
     function redeem(uint256 shares, address receiver, address owner) external returns (uint256 assets) {
-        assets = _convertToAssets(shares, Math.Rounding.Down);
+        assets = _penalizeDown(_convertToAssets(shares, Math.Rounding.Down), redeemErrorWad);
         require(shares <= maxRedeemLimit, "FuzzSubVault: redeem exceeds max");
         _burn(owner, shares);
         _asset.safeTransfer(receiver, assets);
@@ -70,11 +76,11 @@ contract FuzzSubVault is ERC20 {
     }
 
     function previewMint(uint256 shares) public view returns (uint256) {
-        return _convertToAssets(shares, Math.Rounding.Up);
+        return _penalizeUp(_convertToAssets(shares, Math.Rounding.Up), previewMintErrorWad);
     }
 
     function previewRedeem(uint256 shares) public view returns (uint256) {
-        return _convertToAssets(shares, Math.Rounding.Down);
+        return _penalizeDown(_convertToAssets(shares, Math.Rounding.Down), previewRedeemErrorWad);
     }
 
     // --- Test helpers ---
@@ -99,8 +105,38 @@ contract FuzzSubVault is ERC20 {
         maxRedeemLimit = limit;
     }
 
+    function setDepositErrorWad(uint256 wad) external {
+        depositErrorWad = wad;
+    }
+
+    function setWithdrawErrorWad(uint256 wad) external {
+        withdrawErrorWad = wad;
+    }
+
+    function setRedeemErrorWad(uint256 wad) external {
+        redeemErrorWad = wad;
+    }
+
+    function setPreviewMintErrorWad(uint256 wad) external {
+        previewMintErrorWad = wad;
+    }
+
+    function setPreviewRedeemErrorWad(uint256 wad) external {
+        previewRedeemErrorWad = wad;
+    }
+
     // --- Internal math ---
 
+    function _penalizeDown(uint256 value, uint256 errWad) private pure returns (uint256) {
+        if (errWad == 0) return value;
+        return value.mulDiv(1e18 - errWad, 1e18, Math.Rounding.Down);
+    }
+
+    function _penalizeUp(uint256 value, uint256 errWad) private pure returns (uint256) {
+        if (errWad == 0) return value;
+        return value.mulDiv(1e18 + errWad, 1e18, Math.Rounding.Up);
+    }
+
     function _convertToShares(uint256 assets, Math.Rounding rounding) private view returns (uint256) {
         uint256 supply = totalSupply();
         if (supply == 0) return assets;

test-foundry/libraries/vault/invariant/MasterVaultHandler.sol

@@ -40,8 +40,11 @@ contract MasterVaultHandler is Test {
     /// @notice Count of successful calls per action (for debugging fuzzer coverage)
     mapping(bytes4 => uint256) public ghost_callCount;
 
-    /// @notice Whether subvault rate has ever been manipulated (loss/skew)
-    bool public ghost_subVaultManipulated;
+    /// @notice Whether subvault has been positively manipulated (profit-like: extra assets, deflated shares)
+    bool public ghost_positiveManipulation;
+
+    /// @notice Whether subvault has been negatively manipulated (loss-like: removed assets, inflated shares, rounding errors)
+    bool public ghost_negativeManipulation;
 
     constructor(
         MasterVault _vault,
@@ -149,6 +152,7 @@ contract MasterVaultHandler is Test {
         token.mintAmount(amt);
         token.transfer(address(subVault), amt);
         ghost_profit += amt;
+        ghost_positiveManipulation = true;
         ghost_callCount[this.simulateSubVaultProfit.selector]++;
     }
 
@@ -161,15 +165,15 @@ contract MasterVaultHandler is Test {
         vm.prank(address(subVault));
         token.transfer(address(0xdead), amt);
         ghost_loss += amt;
-        ghost_subVaultManipulated = true;
+        ghost_negativeManipulation = true;
         ghost_callCount[this.simulateSubVaultLoss.selector]++;
     }
 
     /// @notice Mint shares without backing assets on FuzzSubVault (T increases, A < T)
     function inflateSubVaultShares(uint256 amt) external {
         amt = bound(amt, 1, 1e24);
         subVault.adminMint(address(vault), amt);
-        ghost_subVaultManipulated = true;
+        ghost_negativeManipulation = true;
         ghost_callCount[this.inflateSubVaultShares.selector]++;
     }
 
@@ -179,7 +183,7 @@ contract MasterVaultHandler is Test {
         if (vaultShares == 0) return;
         amt = bound(amt, 1, vaultShares);
         subVault.adminBurn(address(vault), amt);
-        ghost_subVaultManipulated = true;
+        ghost_positiveManipulation = true;
         ghost_callCount[this.deflateSubVaultShares.selector]++;
     }
 
@@ -203,4 +207,44 @@ contract MasterVaultHandler is Test {
         subVault.setMaxRedeemLimit(lim);
         ghost_callCount[this.capSubVaultMaxRedeem.selector]++;
     }
+
+    /// @notice Set deposit rounding error on the subvault (0–10% in wad)
+    function setDepositError(uint256 seed) external {
+        uint256 wad = bound(seed, 0, 1e17);
+        subVault.setDepositErrorWad(wad);
+        if (wad > 0) ghost_negativeManipulation = true;
+        ghost_callCount[this.setDepositError.selector]++;
+    }
+
+    /// @notice Set withdraw rounding error on the subvault (0–10% in wad)
+    function setWithdrawError(uint256 seed) external {
+        uint256 wad = bound(seed, 0, 1e17);
+        subVault.setWithdrawErrorWad(wad);
+        if (wad > 0) ghost_negativeManipulation = true;
+        ghost_callCount[this.setWithdrawError.selector]++;
+    }
+
+    /// @notice Set redeem rounding error on the subvault (0–10% in wad)
+    function setRedeemError(uint256 seed) external {
+        uint256 wad = bound(seed, 0, 1e17);
+        subVault.setRedeemErrorWad(wad);
+        if (wad > 0) ghost_negativeManipulation = true;
+        ghost_callCount[this.setRedeemError.selector]++;
+    }
+
+    /// @notice Set previewMint rounding error on the subvault (0–10% in wad)
+    function setPreviewMintError(uint256 seed) external {
+        uint256 wad = bound(seed, 0, 1e17);
+        subVault.setPreviewMintErrorWad(wad);
+        if (wad > 0) ghost_negativeManipulation = true;
+        ghost_callCount[this.setPreviewMintError.selector]++;
+    }
+
+    /// @notice Set previewRedeem rounding error on the subvault (0–10% in wad)
+    function setPreviewRedeemError(uint256 seed) external {
+        uint256 wad = bound(seed, 0, 1e17);
+        subVault.setPreviewRedeemErrorWad(wad);
+        if (wad > 0) ghost_negativeManipulation = true;
+        ghost_callCount[this.setPreviewRedeemError.selector]++;
+    }
 }

test-foundry/libraries/vault/invariant/MasterVaultInvariant.t.sol

@@ -82,7 +82,7 @@ contract MasterVaultInvariant is Test {
     }
 
     function invariant_canAlwaysSwitchSubVaults() public {
-        _rebalanceToZero();
+        if (_rebalanceToZero()) return;
 
         FuzzSubVault newSubVault = new FuzzSubVault(IERC20(address(token)), "FuzzSub2", "fSUB2");
         vault.setSubVaultWhitelist(address(newSubVault), true);
@@ -140,11 +140,11 @@ contract MasterVaultInvariant is Test {
     /// @dev    Under normal operation, the vault should never become insolvent.
     ///         Fee distribution rounds down, so totalAssets may be up to 2 wei below totalPrincipal.
     ///         Catches: value leakage through rounding, incorrect share pricing.
-    function invariant_solvencyWhenNoManipulation() public {
-        if (!handler.ghost_subVaultManipulated()) {
+    function invariant_solvencyWhenNoNegativeManipulation() public {
+        if (!handler.ghost_negativeManipulation()) {
             uint256 totalPrincipal = vault.totalSupply() / DEAD_SHARES;
             uint256 totalAssets = vault.totalAssets();
-            assertGe(totalAssets + 2, totalPrincipal, "insolvent without manipulation");
+            assertGe(totalAssets + 2, totalPrincipal, "insolvent without negative manipulation");
         }
     }
 
@@ -158,21 +158,21 @@ contract MasterVaultInvariant is Test {
         );
     }
 
-    function _rebalanceToZero() internal {
+    function _rebalanceToZero() internal returns (bool skip) {
         if (vault.targetAllocationWad() != 0) {
             vault.setTargetAllocationWad(0);
         }
 
         uint256 shareBalance = vault.subVault().balanceOf(address(vault));
-        if (shareBalance == 0) return;
+        if (shareBalance == 0) return true;
 
         uint256 maxRedeem = vault.subVault().maxRedeem(address(vault));
-        if (maxRedeem == 0) return;
+        if (maxRedeem == 0) return true;
 
         uint256 iterationsRequired = (shareBalance) / maxRedeem + 1;
 
         // set some reasonable upper bound on iterations to prevent infinite loop
-        if (iterationsRequired > 10) return;
+        if (iterationsRequired > 10) return true;
 
         for (uint256 i = 0; i < iterationsRequired && vault.subVault().balanceOf(address(vault)) != 0; i++) {
             vm.warp(block.timestamp + 2);