AMM V3: The Logic of Concentrated Liquidity
Uniswap V3 and its clones introduced "Concentrated Liquidity," which significantly increased the complexity of auditing liquidity pools.
The Math of Ticks
Liquidity is not distributed along a global curve but in discrete "Ticks."
- Price Calculation:
Price = 1.0001^{tick} - Audit Vector: Tick-crossing logic. When a large swap crosses multiple ticks, the accounting for fees and liquidity must be perfect. Even a 1-wei rounding error can lead to a "Drain-by-a-thousand-cuts" attack.
Precision Loss Vulnerabilities
Smart contracts use fixed-point math. When multiplying large numbers and then dividing, the order of operations matters.
- Rule: Multiply before you divide.
- Risk: If the scale is too small, precision loss can be exploited in high-volume protocols.
🛠 Tactical Activity: Precision Gap Analysis
Objective: audit a "Fixed-Point" library.
- Inspect the math of a simple yield aggregator.
- Scenario: A user deposits 1.000000000000000001 ETH.
- Task: Calculate if the contract's rounding "favors the protocol" or "favors the user."
- Conclusion: If it favors the user even by 1 wei, how can an attacker use 1,000,000 transactions to drain the treasury?