Uniswap · zhongeric · Sep 29, 2025 · Sep 29, 2025 · Sep 29, 2025 · semgrep-code-uniswap
diff --git a/.github/workflows/olympix.yaml b/.github/workflows/olympix.yaml
@@ -0,0 +1,18 @@
+name: Integrated Security Workflow
+on: 
+  pull_request:
+    branches: [main, master, staging, dev, feat/**, fix/**]
+  push
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Run Olympix Integrated Security
+        uses: olympix/integrated-security@main
+        env:
+          OLYMPIX_API_TOKEN: ${{ secrets.OLYMPIX_API_TOKEN }}
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: olympix.sarif
@@ -29,14 +29,14 @@
     - [FixedPoint96](src/libraries/FixedPoint96.sol/library.FixedPoint96.md)
     - [ValueX7](src/libraries/MPSLib.sol/type.ValueX7.md)
     - [MPSLib](src/libraries/MPSLib.sol/library.MPSLib.md)
+    - [sub](src/libraries/MPSLib.sol/function.sub.md)
+    - [add](src/libraries/MPSLib.sol/function.add.md)
+    - [gte](src/libraries/MPSLib.sol/function.gte.md)
     - [eq](src/libraries/MPSLib.sol/function.eq.md)
-    - [divUint256](src/libraries/MPSLib.sol/function.divUint256.md)
     - [mulUint256](src/libraries/MPSLib.sol/function.mulUint256.md)
-    - [gte](src/libraries/MPSLib.sol/function.gte.md)
+    - [divUint256](src/libraries/MPSLib.sol/function.divUint256.md)
     - [gt](src/libraries/MPSLib.sol/function.gt.md)
-    - [add](src/libraries/MPSLib.sol/function.add.md)
     - [fullMulDiv](src/libraries/MPSLib.sol/function.fullMulDiv.md)
-    - [sub](src/libraries/MPSLib.sol/function.sub.md)
     - [ValidationHookLib](src/libraries/ValidationHookLib.sol/library.ValidationHookLib.md)
   - [Auction](src/Auction.sol/contract.Auction.md)
   - [AuctionFactory](src/AuctionFactory.sol/contract.AuctionFactory.md)

@@ -1,5 +1,5 @@
 # Auction
-[Git Source](https://github.com/Uniswap/twap-auction/blob/f80ba18b60de4b770005741879dfdddb0bfb58e3/src/Auction.sol)
+[Git Source](https://github.com/Uniswap/twap-auction/blob/97b9f50fc290e1d145d29832b96438e6ecfe03de/src/Auction.sol)
 
 **Inherits:**
 [BidStorage](/src/BidStorage.sol/abstract.BidStorage.md), [CheckpointStorage](/src/CheckpointStorage.sol/abstract.CheckpointStorage.md), [AuctionStepStorage](/src/AuctionStepStorage.sol/abstract.AuctionStepStorage.md), [TickStorage](/src/TickStorage.sol/abstract.TickStorage.md), [PermitSingleForwarder](/src/PermitSingleForwarder.sol/abstract.PermitSingleForwarder.md), [TokenCurrencyStorage](/src/TokenCurrencyStorage.sol/abstract.TokenCurrencyStorage.md), [IAuction](/src/interfaces/IAuction.sol/interface.IAuction.md)
@@ -395,3 +395,26 @@ The address of the validation hook for the auction
 function validationHook() external view override(IAuction) returns (IValidationHook);
 ```
 
+### getBidRequiredCurrencyAmount
+
+Getters
+
+
+```solidity
+function getBidRequiredCurrencyAmount(bool exactIn, uint256 amount, uint256 maxPrice) external pure returns (uint256);
+```
+**Parameters**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`exactIn`|`bool`|Whether the bid is exact in|
+|`amount`|`uint256`|The amount of the bid|
+|`maxPrice`|`uint256`|The max price of the bid|
+
+**Returns**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`<none>`|`uint256`|The required currency amount for a bid|
+
+
@@ -1,5 +1,5 @@
 # BidStorage
-[Git Source](https://github.com/Uniswap/twap-auction/blob/f80ba18b60de4b770005741879dfdddb0bfb58e3/src/BidStorage.sol)
+[Git Source](https://github.com/Uniswap/twap-auction/blob/97b9f50fc290e1d145d29832b96438e6ecfe03de/src/BidStorage.sol)
 
 
 ## State Variables
@@ -102,3 +102,24 @@ function _deleteBid(uint256 bidId) internal;
 |`bidId`|`uint256`|The id of the bid to delete|
 
 
+### getBid
+
+Get a bid from storage
+
+
+```solidity
+function getBid(uint256 bidId) external view returns (Bid memory);
+```
+**Parameters**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`bidId`|`uint256`|The id of the bid to get|
+
+**Returns**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`<none>`|`Bid`|bid The bid|
+
+
@@ -1,5 +1,5 @@
 # CheckpointStorage
-[Git Source](https://github.com/Uniswap/twap-auction/blob/f80ba18b60de4b770005741879dfdddb0bfb58e3/src/CheckpointStorage.sol)
+[Git Source](https://github.com/Uniswap/twap-auction/blob/97b9f50fc290e1d145d29832b96438e6ecfe03de/src/CheckpointStorage.sol)
 
 **Inherits:**
 [ICheckpointStorage](/src/interfaces/ICheckpointStorage.sol/interface.ICheckpointStorage.md)
@@ -38,6 +38,8 @@ uint64 public lastCheckpointedBlock;
 
 Get the latest checkpoint at the last checkpointed block
 
+*This may be out of date and not reflect the latest state of the auction. As a best practice, always call `checkpoint()` beforehand.*
+
 
 ```solidity
 function latestCheckpoint() public view returns (Checkpoint memory);
@@ -47,6 +49,8 @@ function latestCheckpoint() public view returns (Checkpoint memory);
 
 Get the clearing price at the last checkpointed block
 
+*This may be out of date and not reflect the latest state of the auction. As a best practice, always call `checkpoint()` beforehand.*
+
 
 ```solidity
 function clearingPrice() public view returns (uint256);
@@ -56,13 +60,36 @@ function clearingPrice() public view returns (uint256);
 
 Get the currency raised at the last checkpointed block
 
-*This may be less than the balance of this contract as tokens are sold at different prices*
+*This may be out of date and not reflect the latest state of the auction. As a best practice, always call `checkpoint()` beforehand.*
 
 
 ```solidity
 function currencyRaised() public view returns (uint256);
 ```
 
+### getCheckpoint
+
+Get a checkpoint at a block number
+
+*The returned checkpoint may not exist if the block was never checkpointed*
+
+
+```solidity
+function getCheckpoint(uint64 blockNumber) external view returns (Checkpoint memory);
+```
+**Parameters**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`blockNumber`|`uint64`|The block number of the checkpoint to get|
+
+**Returns**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`<none>`|`Checkpoint`|checkpoint The checkpoint at the block number|
+
+
 ### _getCheckpoint
 
 Get a checkpoint from storage

@@ -1,5 +1,5 @@
 # TickStorage
-[Git Source](https://github.com/Uniswap/twap-auction/blob/f80ba18b60de4b770005741879dfdddb0bfb58e3/src/TickStorage.sol)
+[Git Source](https://github.com/Uniswap/twap-auction/blob/97b9f50fc290e1d145d29832b96438e6ecfe03de/src/TickStorage.sol)
 
 **Inherits:**
 [ITickStorage](/src/interfaces/ITickStorage.sol/interface.ITickStorage.md)
@@ -61,15 +61,15 @@ uint256 public constant MAX_TICK_PRICE = type(uint256).max;
 constructor(uint256 _tickSpacing, uint256 _floorPrice);
 ```
 
-### getTick
+### _getTick
 
 Get a tick at a price
 
 *The returned tick is not guaranteed to be initialized*
 
 
 ```solidity
-function getTick(uint256 price) public view returns (Tick memory);
+function _getTick(uint256 price) public view returns (Tick memory);
 ```
 **Parameters**
 
@@ -148,3 +148,20 @@ Get the tick spacing enforced for bid prices
 function tickSpacing() external view override(ITickStorage) returns (uint256);
 ```
 
+### getTick
+
+Get a tick at a price
+
+*The returned tick is not guaranteed to be initialized*
+
+
+```solidity
+function getTick(uint256 price) external view returns (Tick memory);
+```
+**Parameters**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`price`|`uint256`|The price of the tick|
+
+
@@ -1,5 +1,5 @@
 # IAuction
-[Git Source](https://github.com/Uniswap/twap-auction/blob/f80ba18b60de4b770005741879dfdddb0bfb58e3/src/interfaces/IAuction.sol)
+[Git Source](https://github.com/Uniswap/twap-auction/blob/97b9f50fc290e1d145d29832b96438e6ecfe03de/src/interfaces/IAuction.sol)
 
 **Inherits:**
 [IDistributionContract](/src/interfaces/external/IDistributionContract.sol/interface.IDistributionContract.md), [ICheckpointStorage](/src/interfaces/ICheckpointStorage.sol/interface.ICheckpointStorage.md), [ITickStorage](/src/interfaces/ITickStorage.sol/interface.ITickStorage.md), [IAuctionStepStorage](/src/interfaces/IAuctionStepStorage.sol/interface.IAuctionStepStorage.md), [ITokenCurrencyStorage](/src/interfaces/ITokenCurrencyStorage.sol/interface.ITokenCurrencyStorage.md)
@@ -159,6 +159,31 @@ Sweep any leftover tokens to the tokens recipient
 function sweepUnsoldTokens() external;
 ```
 
+### getBidRequiredCurrencyAmount
+
+Getters
+
+Get the required currency amount for a bid
+
+
+```solidity
+function getBidRequiredCurrencyAmount(bool exactIn, uint256 amount, uint256 maxPrice) external view returns (uint256);
+```
+**Parameters**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`exactIn`|`bool`|Whether the bid is exact in|
+|`amount`|`uint256`|The amount of the bid|
+|`maxPrice`|`uint256`|The max price of the bid|
+
+**Returns**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`<none>`|`uint256`|The required currency amount for a bid|
+
+
 ## Events
 ### TokensReceived
 Emitted when the tokens are received

@@ -1,12 +1,14 @@
 # ICheckpointStorage
-[Git Source](https://github.com/Uniswap/twap-auction/blob/f80ba18b60de4b770005741879dfdddb0bfb58e3/src/interfaces/ICheckpointStorage.sol)
+[Git Source](https://github.com/Uniswap/twap-auction/blob/97b9f50fc290e1d145d29832b96438e6ecfe03de/src/interfaces/ICheckpointStorage.sol)
 
 
 ## Functions
 ### latestCheckpoint
 
 Get the latest checkpoint at the last checkpointed block
 
+*This may be out of date and not reflect the latest state of the auction. As a best practice, always call `checkpoint()` beforehand.*
+
 
 ```solidity
 function latestCheckpoint() external view returns (Checkpoint memory);
@@ -16,6 +18,8 @@ function latestCheckpoint() external view returns (Checkpoint memory);
 
 Get the clearing price at the last checkpointed block
 
+*This may be out of date and not reflect the latest state of the auction. As a best practice, always call `checkpoint()` beforehand.*
+
 
 ```solidity
 function clearingPrice() external view returns (uint256);
@@ -25,7 +29,9 @@ function clearingPrice() external view returns (uint256);
 
 Get the currency raised at the last checkpointed block
 
-*This may be less than the balance of this contract as tokens are sold at different prices*
+*This may be out of date and not reflect the latest state of the auction. As a best practice, always call `checkpoint()` beforehand.*
+
+*This also may be less than the balance of this contract as tokens are sold at different prices.*
 
 
 ```solidity
@@ -36,8 +42,33 @@ function currencyRaised() external view returns (uint256);
 
 Get the number of the last checkpointed block
 
+*This may be out of date and not reflect the latest state of the auction. As a best practice, always call `checkpoint()` beforehand.*
+
 
 ```solidity
 function lastCheckpointedBlock() external view returns (uint64);
 ```
 
+### getCheckpoint
+
+Get a checkpoint at a block number
+
+*The returned checkpoint may not exist if the block was never checkpointed*
+
+
+```solidity
+function getCheckpoint(uint64 blockNumber) external view returns (Checkpoint memory);
+```
+**Parameters**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`blockNumber`|`uint64`|The block number of the checkpoint to get|
+
+**Returns**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`<none>`|`Checkpoint`|checkpoint The checkpoint at the block number|
+
+
@@ -1,5 +1,5 @@
 # ITickStorage
-[Git Source](https://github.com/Uniswap/twap-auction/blob/67125c85f3326c7fe287a8da9446ecc07698d947/src/interfaces/ITickStorage.sol)
+[Git Source](https://github.com/Uniswap/twap-auction/blob/97b9f50fc290e1d145d29832b96438e6ecfe03de/src/interfaces/ITickStorage.sol)
 
 Interface for the TickStorage contract
 
@@ -34,6 +34,23 @@ Get the tick spacing enforced for bid prices
 function tickSpacing() external view returns (uint256);
 ```
 
+### getTick
+
+Get a tick at a price
+
+*The returned tick is not guaranteed to be initialized*
+
+
+```solidity
+function getTick(uint256 price) external view returns (Tick memory);
+```
+**Parameters**
+
+|Name|Type|Description|
+|----|----|-----------|
+|`price`|`uint256`|The price of the tick|
+
+
 ## Events
 ### TickInitialized
 Emitted when a tick is initialized

@@ -14,12 +14,12 @@
 - [FixedPoint96](FixedPoint96.sol/library.FixedPoint96.md)
 - [ValueX7](MPSLib.sol/type.ValueX7.md)
 - [MPSLib](MPSLib.sol/library.MPSLib.md)
+- [sub](MPSLib.sol/function.sub.md)
+- [add](MPSLib.sol/function.add.md)
+- [gte](MPSLib.sol/function.gte.md)
 - [eq](MPSLib.sol/function.eq.md)
-- [divUint256](MPSLib.sol/function.divUint256.md)
 - [mulUint256](MPSLib.sol/function.mulUint256.md)
-- [gte](MPSLib.sol/function.gte.md)
+- [divUint256](MPSLib.sol/function.divUint256.md)
 - [gt](MPSLib.sol/function.gt.md)
-- [add](MPSLib.sol/function.add.md)
 - [fullMulDiv](MPSLib.sol/function.fullMulDiv.md)
-- [sub](MPSLib.sol/function.sub.md)
 - [ValidationHookLib](ValidationHookLib.sol/library.ValidationHookLib.md)
@@ -1,13 +1,13 @@
 {
-  "checkpoint_advanceToCurrentStep": "157988",
-  "checkpoint_noBids": "141549",
-  "checkpoint_zeroSupply": "145295",
-  "claimTokens": "83315",
+  "checkpoint_advanceToCurrentStep": "158000",
+  "checkpoint_noBids": "141561",
+  "checkpoint_zeroSupply": "145303",
+  "claimTokens": "83293",
   "exitBid": "90090",
-  "exitPartiallyFilledBid": "290600",
-  "submitBid": "161288",
-  "submitBid_recordStep_updateCheckpoint": "314320",
-  "submitBid_recordStep_updateCheckpoint_initializeTick": "314320",
-  "submitBid_updateCheckpoint": "299530",
-  "submitBid_withValidationHook": "318561"
+  "exitPartiallyFilledBid": "290602",
+  "submitBid": "161323",
+  "submitBid_recordStep_updateCheckpoint": "314367",
+  "submitBid_recordStep_updateCheckpoint_initializeTick": "314367",
+  "submitBid_updateCheckpoint": "299577",
+  "submitBid_withValidationHook": "318608"
 }