lines changed Original file line number Diff line number Diff line change @@ -329,6 +329,28 @@ abstract contract ERC4626Prop is Test {
329329 return vault_convertToAssets (IERC20 (_vault_).balanceOf (account)) + IERC20 (_underlying_).balanceOf (account);
330330 }
331331
332+ //
333+ // security properties
334+ //
335+
336+ // withdraw loss socialization
337+ // "One user's withdrawal MUST NOT decrease another user's share value (convertToAssets)"
338+ function prop_withdraw_loss_socialization (address caller , uint assets , address other ) public {
339+ uint oldOtherConvertToAssets = vault_convertToAssets (IERC4626 (_vault_).balanceOf (other));
340+ vm.prank (caller); vault_withdraw (assets, caller, caller);
341+ uint newOtherConvertToAssets = vault_convertToAssets (IERC4626 (_vault_).balanceOf (other));
342+ assertApproxGeAbs (newOtherConvertToAssets, oldOtherConvertToAssets, _delta_);
343+ }
344+
345+ // redeem loss socialization
346+ // "One user's redemption MUST NOT affect another user's share value (convertToAssets)"
347+ function prop_redeem_loss_socialization (address caller , uint shares , address other ) public {
348+ uint oldOtherConvertToAssets = vault_convertToAssets (IERC4626 (_vault_).balanceOf (other));
349+ vm.prank (caller); vault_redeem (shares, caller, caller);
350+ uint newOtherConvertToAssets = vault_convertToAssets (IERC4626 (_vault_).balanceOf (other));
351+ assertApproxGeAbs (newOtherConvertToAssets, oldOtherConvertToAssets, _delta_);
352+ }
353+
332354 //
333355 // utils
334356 //
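Review bot: The header comment on prop_redeem_loss_socialization says another user's share value "MUST NOT affect", but the assertion `assertApproxGeAbs (newOtherConvertToAssets, oldOtherConvertToAssets, _delta_);` only rejects a decrease (an increase passes), which is exactly the one-sided check that prop_withdraw_loss_socialization documents as "MUST NOT decrease". Either the comment should match the check, `// "One user's redemption MUST NOT decrease another user's share value (convertToAssets)"`, or the check should become two-sided if "affect" is the intended property. Both properties are also vacuous when `other` holds no vault shares (the comparison is 0 >= 0), and the `_delta_` tolerance accepts a per-call loss of up to `_delta_` assets for `other`, so the guarantee is only as strong as the configured delta; a one-line comment on the `assertApproxGeAbs` call stating that tolerance would make this explicit. A smaller point: the context line above reads the vault balance through `IERC20 (_vault_)` while the new lines use `IERC4626 (_vault_)`; both presumably resolve to the same call, but one form is easier to grep. The enclosing contract ERC4626Prop starts and ends outside the hunk.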
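--- a/[path not shown on page]
+++ b/[path not shown on page]
@@ -316,6 +316,28 @@ abstract contract ERC4626Test is ERC4626Prop {
 prop_RT_withdraw_deposit (caller, assets);
 }
 
+//
+// security tests
+//
+
+function test_withdraw_loss_socialization (Init memory init , uint assets ) public virtual {
+setUpVault (init);
+address caller = init.user[0 ];
+address other = init.user[1 ];
+vm.assume (caller != other);
+assets = bound (assets, 0 , _max_withdraw (caller));
+prop_withdraw_loss_socialization (caller, assets, other);
+}
+
+function test_redeem_loss_socialization (Init memory init , uint shares ) public virtual {
+setUpVault (init);
+address caller = init.user[0 ];
+address other = init.user[1 ];
+vm.assume (caller != other);
+shares = bound (shares, 0 , _max_redeem (caller));
+prop_redeem_loss_socialization (caller, shares, other);
+}
+
 //
 // utils
 //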
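Review bot: Both new tests call `setUpVault (init);` before `vm.assume (caller != other);`, so every fuzz run whose two users coincide performs the full vault setup and is then discarded; moving the check to the first statement as `vm.assume (init.user[0 ] != init.user[1 ]);` keeps the same accepted inputs and avoids the wasted work, in test_redeem_loss_socialization as well. Separately, if `setUpVault` can leave `init.user[1 ]` with zero vault shares (not visible in this hunk), the property under test degenerates to `0 >= 0` and passes trivially; if that is possible, either a `vm.assume (IERC4626 (_vault_).balanceOf (other) > 0);` or a comment stating that the zero-share case is deliberately included would make what the test covers explicit. The enclosing contract ERC4626Test starts and ends outside the hunk.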