🏅 Audit Reponse

Macro & Omniscia Audit response

.env-example

@@ -1,6 +1,10 @@
 MAINNET_RPC_URL=https://eth-mainnet.g.alchemy.com/v2/KEY
 OPTIMISM_RPC_URL=https://opt-mainnet.g.alchemy.com/v2/KEY
+BASE_RPC_URL=https://base-mainnet.g.alchemy.com/v2/KEY
 GOERLI_RPC_URL=https://eth-goerli.g.alchemy.com/v2/KEY
 OPTIMISM_GOERLI_RPC_URL=https://opt-goerli.g.alchemy.com/v2/KEY
-PRIVATE_KEY=lololol
-ETHERSCAN_API_KEY=KEY
+BASE_GOERLI_RPC_URL=https://base-goerli.g.alchemy.com/v2/KEY
+PRIVATE_KEY=KEY
+ETHERSCAN_API_KEY=KEY
+OPTIMISM_ETHERSCAN_API_KEY=KEY
+BASESCAN_API_KEY=KEY

.gas-snapshot

@@ -1,61 +1,70 @@
-AccountDelegate:test_isAccountDelegate_account_doesnt_exist() (gas: 26445)
-AccountDelegate:test_isAccountDelegate_false() (gas: 391910)
-AccountDelegate:test_isAccountDelegate_true() (gas: 389835)
-AccountOwner:test_isAccountOwner_account_doesnt_exist() (gas: 25006)
-AccountOwner:test_isAccountOwner_false() (gas: 229819)
-AccountOwner:test_isAccountOwner_true() (gas: 229787)
-CanExecute:test_canExecute_false_nonce_used() (gas: 646215)
-CanExecute:test_canExecute_false_trusted_executor() (gas: 44028)
-CanExecute:test_canExecute_true() (gas: 43628)
-CommitOrder:test_commitOrder() (gas: 403236)
-CommitOrder:test_commitOrder_insufficient_collateral() (gas: 433172)
-CommitOrder:test_commitOrder_invalid_market() (gas: 37295)
-Conditions:test_isMarketOpen() (gas: 26824)
-Conditions:test_isPriceAbove() (gas: 16567)
-Conditions:test_isPriceBelow() (gas: 16502)
-Conditions:test_isTimestampAfter() (gas: 7558)
-Conditions:test_isTimestampBefore() (gas: 7626)
-CreateAccount:test_createAccount() (gas: 254859)
-CreateAccount:test_createAccount_owner() (gas: 259703)
-DepositCollateral:test_depositCollateral() (gas: 258350)
-DepositCollateral:test_depositCollateral_availableMargin() (gas: 265995)
-DepositCollateral:test_depositCollateral_collateralAmount() (gas: 259015)
-DepositCollateral:test_depositCollateral_insufficient_balance() (gas: 55956)
-DepositCollateral:test_depositCollateral_totalCollateralValue() (gas: 263302)
-Execute:test_execute_CannotExecuteOrder() (gas: 39240)
-Execute:test_execute_leverage_exceeded() (gas: 693395)
-Execute:test_execute_order_committed() (gas: 644233)
-Fee:test_fee_imposed() (gas: 650312)
-Fee:test_fee_imposed_above_upper_fee_cap() (gas: 626814)
-Fee:test_fee_imposed_at_upper_fee_cap() (gas: 626717)
-Fee:test_fee_imposed_below_lower_fee_cap() (gas: 625264)
-Fee:test_fee_imposed_below_upper_fee_cap() (gas: 627651)
-Fee:test_fee_imposed_fee_cannot_be_paid() (gas: 377906)
-Fee:test_fee_imposed_insufficient_collateral_for_order() (gas: 693378)
+AccountDelegate:test_isAccountDelegate_account_doesnt_exist() (gas: 26494)
+AccountDelegate:test_isAccountDelegate_false() (gas: 391959)
+AccountDelegate:test_isAccountDelegate_true() (gas: 389928)
+AccountOwner:test_isAccountOwner_account_doesnt_exist() (gas: 25032)
+AccountOwner:test_isAccountOwner_false() (gas: 229800)
+AccountOwner:test_isAccountOwner_true() (gas: 229790)
+CanExecute:test_canExecute_false_nonce_used() (gas: 623164)
+CanExecute:test_canExecute_false_trusted_executor() (gas: 44049)
+CanExecute:test_canExecute_true() (gas: 43648)
+CommitOrder:test_commitOrder() (gas: 378408)
+CommitOrder:test_commitOrder_insufficient_collateral() (gas: 433338)
+CommitOrder:test_commitOrder_invalid_market() (gas: 37418)
+Conditions:test_isMarketOpen() (gas: 26784)
+Conditions:test_isOrderFeeBelow() (gas: 168839)
+Conditions:test_isPositionSizeAbove() (gas: 18801)
+Conditions:test_isPositionSizeBelow() (gas: 18783)
+Conditions:test_isPriceAbove() (gas: 19194)
+Conditions:test_isPriceBelow() (gas: 18998)
+Conditions:test_isTimestampAfter() (gas: 7645)
+Conditions:test_isTimestampBefore() (gas: 7668)
+DeploymentTest:test_deploy() (gas: 2684850)
+DeploymentTest:test_deploy_oracle_zero_address() (gas: 39879)
+DeploymentTest:test_deploy_perps_market_proxy_zero_address() (gas: 39775)
+DeploymentTest:test_deploy_spot_market_proxy_zero_address() (gas: 39853)
+DeploymentTest:test_deploy_susd_proxy_zero_address() (gas: 39866)
+DepositCollateral:test_depositCollateral() (gas: 258349)
+DepositCollateral:test_depositCollateral_availableMargin() (gas: 265906)
+DepositCollateral:test_depositCollateral_collateralAmount() (gas: 258925)
+DepositCollateral:test_depositCollateral_insufficient_balance() (gas: 55890)
+DepositCollateral:test_depositCollateral_totalCollateralValue() (gas: 263279)
+Execute:test_execute_CannotExecuteOrder() (gas: 36391)
+Execute:test_execute_leverage_exceeded() (gas: 698043)
+Execute:test_execute_order_committed() (gas: 621144)
+Fee:test_fee_imposed() (gas: 627241)
+Fee:test_fee_imposed_above_upper_fee_cap() (gas: 608182)
+Fee:test_fee_imposed_at_upper_fee_cap() (gas: 608085)
+Fee:test_fee_imposed_below_lower_fee_cap() (gas: 606732)
+Fee:test_fee_imposed_below_upper_fee_cap() (gas: 609005)
+Fee:test_fee_imposed_fee_cannot_be_paid() (gas: 382488)
+Fee:test_fee_imposed_insufficient_collateral_for_order() (gas: 698044)
 MathLibTest:test_abs128() (gas: 448)
 MathLibTest:test_abs256() (gas: 480)
 MathLibTest:test_castU128() (gas: 350)
 MathLibTest:test_castU128_overflow() (gas: 3509)
-MathLibTest:test_fuzz_abs128(int128) (runs: 256, μ: 590, ~: 615)
-MathLibTest:test_fuzz_abs256(int256) (runs: 256, μ: 471, ~: 458)
+MathLibTest:test_fuzz_abs128(int128) (runs: 256, μ: 577, ~: 603)
+MathLibTest:test_fuzz_abs256(int256) (runs: 256, μ: 472, ~: 458)
 MathLibTest:test_isSameSign() (gas: 999)
-MulticallableTest:test_multicall_depositCollateral_commitOrder() (gas: 623235)
-ReduceOnly:test_reduce_only() (gas: 645939)
-ReduceOnly:test_reduce_only_same_sign() (gas: 68217)
-ReduceOnly:test_reduce_only_truncate_size_down() (gas: 646024)
-ReduceOnly:test_reduce_only_truncate_size_up() (gas: 626859)
-ReduceOnly:test_reduce_only_zero_size() (gas: 158411)
-UpdateAccountStats:test_updateAccountStats(uint128,uint128,uint128) (runs: 256, μ: 72521, ~: 72599)
-VerifyConditions:test_max_condition_size_exceeded() (gas: 14269)
-VerifyConditions:test_verify_conditions_not_verified() (gas: 26355)
-VerifyConditions:test_verify_conditions_verified() (gas: 42437)
-VerifySignature:test_verifySignature() (gas: 23996)
-VerifySignature:test_verifySignature_false_private_key() (gas: 26740)
-VerifySigner:test_verifySigner() (gas: 25690)
-VerifySigner:test_verifySigner_false() (gas: 29101)
-WithdrawCollateral:test_withdrawCollateral() (gas: 348329)
-WithdrawCollateral:test_withdrawCollateral_availableMargin() (gas: 349839)
-WithdrawCollateral:test_withdrawCollateral_collateralAmount() (gas: 348857)
-WithdrawCollateral:test_withdrawCollateral_insufficient_account_collateral_balance() (gas: 279627)
-WithdrawCollateral:test_withdrawCollateral_totalCollateralValue() (gas: 349346)
-WithdrawCollateral:test_withdrawCollateral_zero() (gas: 265949)
+MulticallableTest:test_multicall_depositCollateral_commitOrder() (gas: 600450)
+NonceBitmap:test_hasUnorderedNonceBeenUsed() (gas: 53903)
+NonceBitmap:test_invalidateUnorderedNonces() (gas: 72810)
+NonceBitmap:test_invalidateUnorderedNonces_Only_Owner_Delegate() (gas: 189948)
+ReduceOnly:test_reduce_only() (gas: 622778)
+ReduceOnly:test_reduce_only_same_sign() (gas: 68397)
+ReduceOnly:test_reduce_only_truncate_size_down() (gas: 622908)
+ReduceOnly:test_reduce_only_truncate_size_up() (gas: 603721)
+ReduceOnly:test_reduce_only_zero_size() (gas: 158613)
+VerifyConditions:test_max_condition_size_exceeded() (gas: 45046)
+VerifyConditions:test_verifyConditions_InvalidConditionSelector() (gas: 14079)
+VerifyConditions:test_verify_conditions_not_verified() (gas: 29659)
+VerifyConditions:test_verify_conditions_verified() (gas: 135662)
+VerifySignature:test_verifySignature() (gas: 23770)
+VerifySignature:test_verifySignature_false_private_key() (gas: 26592)
+VerifySigner:test_verifySigner() (gas: 25801)
+VerifySigner:test_verifySigner_false() (gas: 28509)
+WithdrawCollateral:test_withdrawCollateral() (gas: 348278)
+WithdrawCollateral:test_withdrawCollateral_availableMargin() (gas: 349788)
+WithdrawCollateral:test_withdrawCollateral_collateralAmount() (gas: 348788)
+WithdrawCollateral:test_withdrawCollateral_insufficient_account_collateral_balance() (gas: 279518)
+WithdrawCollateral:test_withdrawCollateral_totalCollateralValue() (gas: 349277)
+WithdrawCollateral:test_withdrawCollateral_zero() (gas: 265863)

.github/workflows/coverage.yml

@@ -30,6 +30,5 @@ jobs:
               with:
                   files: ./lcov.info
                   name: codecov-unit
-                  # will fail until repo is public
-                  # fail_ci_if_error: true
+                  fail_ci_if_error: true
                   verbose: true

README.md

@@ -2,7 +2,7 @@
 
 [![Github Actions][gha-badge]][gha]
 [![Foundry][foundry-badge]][foundry]
-[![License: MIT][license-badge]][license]
+[![License: GPL-3.0][license-badge]][license]
 
 [gha]: https://github.com/Kwenta/smart-margin-v3/actions
 [gha-badge]: https://github.com/Kwenta/smart-margin-v3/actions/workflows/test.yml/badge.svg
@@ -23,22 +23,20 @@ Please refer to the project [wiki](https://github.com/Kwenta/smart-margin-v3/wik
 src/
 ├── Engine.sol
 ├── interfaces
-│   ├── IEngine.sol
-│   ├── oracles
-│   │   └── IPyth.sol
-│   ├── synthetix
-│   │   ├── IPerpsMarketProxy.sol
-│   │   └── ISpotMarketProxy.sol
-│   └── tokens
-│       ├── IERC20.sol
-│       └── IERC721.sol
+│   ├── IEngine.sol
+│   ├── oracles
+│   │   └── IPyth.sol
+│   ├── synthetix
+│   │   ├── IPerpsMarketProxy.sol
+│   │   └── ISpotMarketProxy.sol
+│   └── tokens
+│       └── IERC20.sol
 ├── libraries
-│   ├── ConditionalOrderHashLib.sol
-│   ├── MathLib.sol
-│   └── SignatureCheckerLib.sol
+│   ├── ConditionalOrderHashLib.sol
+│   ├── MathLib.sol
+│   └── SignatureCheckerLib.sol
 └── utils
     ├── EIP712.sol
-    ├── ERC721Receivable.sol
     └── Multicallable.sol
 ```
 
@@ -76,8 +74,10 @@ npm run decode-custom-error -- <error hash 0x...>
 
 > See `deployments/` folder
 
-1. Optimism deployments found in `deployments/Optimism/`
-2. Optimism Goerli deployments found in `deployments/OptimismGoerli/`
+1. Optimism deployments found in `deployments/Optimism.json`
+2. Optimism Goerli deployments found in `deployments/OptimismGoerli.json`
+3. Base deployments found in `deployments/Base.json`
+4. Base Goerli deployments found in `deployments/BaseGoerli.json`
 
 ## Audits
 

codecov.yaml

@@ -0,0 +1,3 @@
+ignore:
+    - "test"
+    - "script"

deployments/BaseGoerli.json

@@ -0,0 +1,3 @@
+{
+    "Engine": "0xb3E58002aAf9d21a39a19DB784f10c30c9e5bE76"
+}

deployments/OptimismGoerli.json

@@ -1,3 +1,3 @@
 {
-    "Engine": "0x80358bDD93f0d0cb61c0CBD27E8d725DeCB2C9B1"
+    "Engine": "0xB52640E47b3fe5bdcB113430328BF5ea96261160"
 }

foundry.toml

@@ -1,8 +1,10 @@
 [profile.default]
 src = 'src'
+test = 'test/'
 out = 'out'
 libs = ['lib']
-olc_version = "0.8.18"
+solc_version = "0.8.18"
+optimizer = true
 optimizer_runs = 1_000_000
 
 [fmt]
@@ -12,11 +14,15 @@ number_underscore = "thousands"
 [rpc_endpoints]
 mainnet = "${MAINNET_RPC_URL}" 
 optimism = "${OPTIMISM_RPC_URL}"
+base = "${BASE_RPC_URL}"
 goerli = "${GOERLI_RPC_URL}"
 optimismGoerli = "${OPTIMISM_GOERLI_RPC_URL}"
+baseGoerli = "${BASE_GOERLI_RPC_URL}"
 
 [etherscan]
 mainnet = { key = "${ETHERSCAN_API_KEY}" }
 optimism = { key = "${OPTIMISM_ETHERSCAN_API_KEY}" }
+base = { key = "${BASESCAN_API_KEY}" }
 goerli = { key = "${ETHERSCAN_API_KEY}" }
-optimismGoerli = { key = "${OPTIMISM_ETHERSCAN_API_KEY}" }
+optimismGoerli = { key = "${OPTIMISM_ETHERSCAN_API_KEY}" }
+baseGoerli = { key = "${BASESCAN_API_KEY}" }