Fix last of Certora Informational Issues (#472)

ControlCplusControlV · web-flow · commit 014108ab931a · 2023-07-20T13:58:03.000-06:00
* Hyperdrive._applyCheckpoint(): use a local storage variable cache for _checkpoints[_checkpointTime] * HyperdriveDataProvider.query(): use a local storage variable cache for _buffer[currentIndex] * HyperdriveLong._applyOpenLong(): use a local storage variable cache for _checkpoints[_checkpointTime] * HyperdriveShort._applyCloseShort(): use a local storage variable cache for _checkpoints[_checkpointTime] * HyperdriveTWAP.recordPrice(): use a local storage variable cache for _buffer[head] * ERC20Forwarder.permit(): Post-increment the nonce earlier * HyperdriveLP.redeemWithdrawalShares(): _withdrawPool.readyToWithdraw and _withdrawPool.proceeds should be cached * HyperdriveLong._applyOpenLong(): _marketState.longsOutstanding should be cached * HyperdriveLong._calculateOpenLong(): _marketState.shareReserves and _marketState.bondReserves should be cached * HyperdriveShort._applyOpenShort(): _marketState.shareReserves should be cached * ?: * fixed tests * yarn is annoying * lint * yarn again * cspell * codesize issues * codesize issues #2 * Update foundry.toml * Update foundry.toml * Update foundry.toml * rename
diff --git a/contracts/src/Hyperdrive.sol b/contracts/src/Hyperdrive.sol
@@ -90,15 +90,15 @@ abstract contract Hyperdrive is
         uint256 _sharePrice
     ) internal override returns (uint256 openSharePrice) {
         // Return early if the checkpoint has already been updated.
-        if (
-            _checkpoints[_checkpointTime].sharePrice != 0 ||
-            _checkpointTime > block.timestamp
-        ) {
+        IHyperdrive.Checkpoint storage checkpoint_ = _checkpoints[
+            _checkpointTime
+        ];
+        if (checkpoint_.sharePrice != 0 || _checkpointTime > block.timestamp) {
             return _checkpoints[_checkpointTime].sharePrice;
         }
 
         // Create the share price checkpoint.
-        _checkpoints[_checkpointTime].sharePrice = _sharePrice.toUint128();
+        checkpoint_.sharePrice = _sharePrice.toUint128();
 
         // Pay out the long withdrawal pool for longs that have matured.
         uint256 maturedLongsAmount = _totalSupply[
@@ -130,6 +130,6 @@ abstract contract Hyperdrive is
             );
         }
 
-        return _checkpoints[_checkpointTime].sharePrice;
+        return checkpoint_.sharePrice;
     }
 }
diff --git a/contracts/src/HyperdriveDataProvider.sol b/contracts/src/HyperdriveDataProvider.sol
@@ -143,8 +143,9 @@ abstract contract HyperdriveDataProvider is
         while (currentIndex != head) {
             // If the timestamp of the current index has older data than the target
             // this is the newest data which is older than the target so we break
-            if (uint256(_buffer[currentIndex].timestamp) <= targetTime) {
-                oldData = _buffer[currentIndex];
+            OracleData storage currentDataCache = _buffer[currentIndex];
+            if (uint256(currentDataCache.timestamp) <= targetTime) {
+                oldData = currentDataCache;
                 break;
             }
             currentIndex = currentIndex == 0
diff --git a/contracts/src/HyperdriveLP.sol b/contracts/src/HyperdriveLP.sol
@@ -321,22 +321,26 @@ abstract contract HyperdriveLP is HyperdriveTWAP {
         // to avoid unnecessary reverts. We exit early if the user has no shares
         // available to redeem.
         sharesRedeemed = _shares;
-        if (sharesRedeemed > _withdrawPool.readyToWithdraw) {
-            sharesRedeemed = _withdrawPool.readyToWithdraw;
+        uint128 readyToWithdraw_ = _withdrawPool.readyToWithdraw;
+        if (sharesRedeemed > readyToWithdraw_) {
+            sharesRedeemed = readyToWithdraw_;
         }
         if (sharesRedeemed == 0) return (0, 0);
 
         // We burn the shares from the user
         _burn(AssetId._WITHDRAWAL_SHARE_ASSET_ID, msg.sender, sharesRedeemed);
 
         // The LP gets the pro-rata amount of the collected proceeds.
+        uint128 proceeds_ = _withdrawPool.proceeds;
         uint256 shareProceeds = sharesRedeemed.mulDivDown(
-            uint128(_withdrawPool.proceeds),
-            uint128(_withdrawPool.readyToWithdraw)
+            uint128(proceeds_),
+            uint128(readyToWithdraw_)
         );
 
         // Apply the update to the withdrawal pool.
-        _withdrawPool.readyToWithdraw -= sharesRedeemed.toUint128();
+        _withdrawPool.readyToWithdraw =
+            readyToWithdraw_ -
+            sharesRedeemed.toUint128();
         _withdrawPool.proceeds -= shareProceeds.toUint128();
 
         // Withdraw for the user
diff --git a/contracts/src/HyperdriveLong.sol b/contracts/src/HyperdriveLong.sol
@@ -212,12 +212,13 @@ abstract contract HyperdriveLong is HyperdriveLP {
         uint256 _checkpointTime,
         uint256 _maturityTime
     ) internal {
+        uint128 longsOutstanding_ = _marketState.longsOutstanding;
         // Update the average maturity time of long positions.
         _marketState.longAverageMaturityTime = uint256(
             _marketState.longAverageMaturityTime
         )
             .updateWeightedAverage(
-                uint256(_marketState.longsOutstanding),
+                uint256(longsOutstanding_),
                 _maturityTime * 1e18, // scale up to fixed point scale
                 _bondProceeds,
                 true
@@ -226,9 +227,10 @@ abstract contract HyperdriveLong is HyperdriveLP {
 
         // Update the long share price of the checkpoint and the global long
         // open share price.
-        _checkpoints[_checkpointTime].longSharePrice = uint256(
-            _checkpoints[_checkpointTime].longSharePrice
-        )
+        IHyperdrive.Checkpoint storage checkpoint = _checkpoints[
+            _checkpointTime
+        ];
+        checkpoint.longSharePrice = uint256(checkpoint.longSharePrice)
             .updateWeightedAverage(
                 uint256(
                     _totalSupply[
@@ -247,7 +249,7 @@ abstract contract HyperdriveLong is HyperdriveLP {
             _marketState.longOpenSharePrice
         )
             .updateWeightedAverage(
-                uint256(_marketState.longsOutstanding),
+                uint256(longsOutstanding_),
                 _sharePrice,
                 _bondProceeds,
                 true
@@ -258,14 +260,15 @@ abstract contract HyperdriveLong is HyperdriveLP {
         // longs outstanding.
         _marketState.shareReserves += _shareReservesDelta.toUint128();
         _marketState.bondReserves -= _bondReservesDelta.toUint128();
-        _marketState.longsOutstanding += _bondProceeds.toUint128();
+        longsOutstanding_ += _bondProceeds.toUint128();
+        _marketState.longsOutstanding = longsOutstanding_;
 
         // Since the base buffer may have increased relative to the base
         // reserves and the bond reserves decreased, we must ensure that the
         // base reserves are greater than the longsOutstanding.
         if (
             _sharePrice.mulDown(_marketState.shareReserves) <
-            uint256(_marketState.longsOutstanding).divDown(_sharePrice) +
+            uint256(longsOutstanding_).divDown(_sharePrice) +
                 _minimumShareReserves
         ) {
             revert IHyperdrive.BaseBufferExceedsShareReserves();
@@ -288,12 +291,16 @@ abstract contract HyperdriveLong is HyperdriveLP {
         uint256 _maturityTime,
         uint256 _sharePrice
     ) internal {
+        uint128 longsOutstanding_ = _marketState.longsOutstanding;
+        uint128 longSharePrice_ = _checkpoints[
+            _maturityTime - _positionDuration
+        ].longSharePrice;
         // Update the long average maturity time.
         _marketState.longAverageMaturityTime = uint256(
             _marketState.longAverageMaturityTime
         )
             .updateWeightedAverage(
-                _marketState.longsOutstanding,
+                longsOutstanding_,
                 _maturityTime * 1e18, // scale up to fixed point scale
                 _bondAmount,
                 false
@@ -305,15 +312,17 @@ abstract contract HyperdriveLong is HyperdriveLP {
             _marketState.longOpenSharePrice
         )
             .updateWeightedAverage(
-                _marketState.longsOutstanding,
-                _checkpoints[_maturityTime - _positionDuration].longSharePrice,
+                longsOutstanding_,
+                longSharePrice_,
                 _bondAmount,
                 false
             )
             .toUint128();
 
         // Reduce the amount of outstanding longs.
-        _marketState.longsOutstanding -= _bondAmount.toUint128();
+        _marketState.longsOutstanding =
+            longsOutstanding_ -
+            _bondAmount.toUint128();
 
         // Apply the updates from the curve trade to the reserves.
         _marketState.shareReserves -= _shareReservesDelta.toUint128();
@@ -330,13 +339,10 @@ abstract contract HyperdriveLong is HyperdriveLP {
             AssetId._WITHDRAWAL_SHARE_ASSET_ID
         ] - _withdrawPool.readyToWithdraw;
         if (withdrawalSharesOutstanding > 0) {
-            uint256 openSharePrice = _checkpoints[
-                _maturityTime - _positionDuration
-            ].longSharePrice;
             uint256 withdrawalProceeds = HyperdriveMath.calculateShortProceeds(
                 _bondAmount,
                 _shareProceeds,
-                openSharePrice,
+                longSharePrice_,
                 _sharePrice,
                 _sharePrice
             );
diff --git a/contracts/src/HyperdriveShort.sol b/contracts/src/HyperdriveShort.sol
@@ -278,14 +278,16 @@ abstract contract HyperdriveShort is HyperdriveLP {
         // by the amount of bonds that were shorted. We don't need to add the
         // margin or pre-paid interest to the reserves because of the way that
         // the close short accounting works.
-        _marketState.shareReserves -= _shareReservesDelta.toUint128();
+        uint128 shareReserves_ = _marketState.shareReserves -
+            _shareReservesDelta.toUint128();
+        _marketState.shareReserves = shareReserves_;
         _marketState.bondReserves += _bondAmount.toUint128();
         _marketState.shortsOutstanding += _bondAmount.toUint128();
 
         // Since the share reserves are reduced, we need to verify that the base
         // reserves are greater than or equal to the amount of longs outstanding.
         if (
-            _sharePrice.mulDown(_marketState.shareReserves) <
+            _sharePrice.mulDown(shareReserves_) <
             uint256(_marketState.longsOutstanding).divDown(_sharePrice) +
                 _minimumShareReserves
         ) {
@@ -309,12 +311,13 @@ abstract contract HyperdriveShort is HyperdriveLP {
         uint256 _maturityTime,
         uint256 _sharePrice
     ) internal {
+        uint128 shortsOutstanding_ = _marketState.shortsOutstanding;
         // Update the short average maturity time.
         _marketState.shortAverageMaturityTime = uint256(
             _marketState.shortAverageMaturityTime
         )
             .updateWeightedAverage(
-                _marketState.shortsOutstanding,
+                shortsOutstanding_,
                 _maturityTime * 1e18, // scale up to fixed point scale
                 _bondAmount,
                 false
@@ -340,16 +343,24 @@ abstract contract HyperdriveShort is HyperdriveLP {
             // Remove a proportional amount of the checkpoints base volume from
             // the aggregates.
             uint256 checkpointTime = _maturityTime - _positionDuration;
-            uint128 proportionalBaseVolume = uint256(
-                _checkpoints[checkpointTime].shortBaseVolume
-            ).mulDown(_bondAmount.divDown(checkpointAmount)).toUint128();
+            uint128 checkpointShortBaseVolume = _checkpoints[checkpointTime]
+                .shortBaseVolume;
+            IHyperdrive.Checkpoint storage checkpoint = _checkpoints[
+                checkpointTime
+            ];
+            uint128 proportionalBaseVolume = uint256(checkpointShortBaseVolume)
+                .mulDown(_bondAmount.divDown(checkpointAmount))
+                .toUint128();
             _marketState.shortBaseVolume -= proportionalBaseVolume;
-            _checkpoints[checkpointTime]
-                .shortBaseVolume -= proportionalBaseVolume;
+            checkpoint.shortBaseVolume =
+                checkpointShortBaseVolume -
+                proportionalBaseVolume;
         }
 
         // Decrease the amount of shorts outstanding.
-        _marketState.shortsOutstanding -= _bondAmount.toUint128();
+        _marketState.shortsOutstanding =
+            shortsOutstanding_ -
+            _bondAmount.toUint128();
 
         // Apply the updates from the curve trade to the reserves.
         _marketState.shareReserves += _shareReservesDelta.toUint128();
diff --git a/contracts/src/HyperdriveTWAP.sol b/contracts/src/HyperdriveTWAP.sol
@@ -29,8 +29,9 @@ abstract contract HyperdriveTWAP is HyperdriveBase {
         }
 
         // Load the current data from storage
-        uint256 previousTime = uint256(_oracle.lastTimestamp);
-        uint256 previousSum = uint256(_buffer[head].data);
+        OracleData storage headData = _buffer[head];
+        uint256 previousTime = uint256(headData.timestamp);
+        uint256 previousSum = uint256(headData.data);
 
         // Calculate sum
         uint256 delta = block.timestamp - previousTime;
diff --git a/contracts/src/token/ERC20Forwarder.sol b/contracts/src/token/ERC20Forwarder.sol
@@ -198,6 +198,7 @@ contract ERC20Forwarder is IERC20 {
         // Require that the owner is not zero
         if (owner == address(0)) revert IHyperdrive.RestrictedZeroAddress();
 
+        uint256 nonce = nonces[owner];
         bytes32 structHash = keccak256(
             abi.encodePacked(
                 "\x19\x01",
@@ -208,7 +209,7 @@ contract ERC20Forwarder is IERC20 {
                         owner,
                         spender,
                         value,
-                        nonces[owner],
+                        nonce,
                         deadline
                     )
                 )
@@ -220,7 +221,7 @@ contract ERC20Forwarder is IERC20 {
         if (signer != owner) revert IHyperdrive.InvalidSignature();
 
         // Increment the signature nonce
-        nonces[owner]++;
+        nonces[owner] = nonce + 1;
         // Set the approval to the new value
         token.setApprovalBridge(tokenId, spender, value, owner);
         emit Approval(owner, spender, value);
diff --git a/foundry.toml b/foundry.toml
@@ -25,7 +25,7 @@ fs_permissions = [{ access = "write", path = "./artifacts/script_addresses.json"
 deny_warnings = true
 # optimizer settings
 optimizer = true
-optimizer_runs = 3500
+optimizer_runs = 1000
 # Enable via-ir
 via_ir = true
 # Enable gas-reporting for all contracts
