use unchecked math in f() function to improve on-chain quoting efficiency

hoytech · hoytech · commit d33b6d8d4b8a · 2025-03-02T09:42:07.000-05:00
diff --git a/docs/f.md b/docs/f.md
@@ -46,3 +46,15 @@ None of the computations for the arguments to `mulDiv` can overflow:
 If amounts/prices are large, and we travel too far down the curve, then `mulDiv` (or the subsequent `y0` addition) could overflow because its output value cannot be represented as a `uint256`. However, these output values would never be valid anyway, because they exceed `type(uint112).max`.
 
 To see this, consider the case where `mulDiv` fails due to overflow. This means that its result would've been greater than `2**256 - 1`. Dividing this value by the largest allowed value for `py` (`1e36`) gives approximately `2**136`, which is greater than the maximum allowed amount value of `2**112 - 1`. Both the rounding up operation and the final addition of `y0` can only further *increase* this value. This means that all cases where `mulDiv` or the subsequent additions overflow would involve `f()` returning values that are impossible for a swapper to satisfy, so they would revert anyways.
+
+### Unchecked Math
+
+As-per the previous section, none of the computations of the arguments to `mulDiv` can overflow. To prevent overflows in the remaining operations, the `mulDiv` output is further restricted to `2**248 - 1`:
+
+    unchecked {
+        uint256 v = Math.mulDiv(px * (x0 - x), c * x + (1e18 - c) * x0, x * 1e18, Math.Rounding.Ceil);
+        require(v <= type(uint248).max, Overflow());
+        return y0 + (v + (py - 1)) / py;
+    }
+
+Note that this does not change the analysis of the previous section: Values between `2**248 - 1` and `2**256 - 1` will also never reduce down to the required `2**112 - 1`, so this does not cause any additional failure cases.
diff --git a/src/EulerSwap.sol b/src/EulerSwap.sol
@@ -47,7 +47,7 @@ contract EulerSwap is IEulerSwap, EVCUtil {
 
     error Locked();
     error Overflow();
-    error BadFee();
+    error BadParam();
     error DifferentEVC();
     error AssetsOutOfOrderOrEqual();
     error CurveViolation();
@@ -64,7 +64,11 @@ contract EulerSwap is IEulerSwap, EVCUtil {
     constructor(Params memory params, CurveParams memory curveParams) EVCUtil(IEVault(params.vault0).EVC()) {
         // EulerSwap params
 
-        require(params.fee < 1e18, BadFee());
+        require(params.fee < 1e18, BadParam());
+        require(params.debtLimit0 <= type(uint112).max && params.debtLimit1 <= type(uint112).max, BadParam());
+        require(curveParams.priceX > 0 && curveParams.priceY > 0, BadParam());
+        require(curveParams.priceX <= 1e36 && curveParams.priceY <= 1e36, BadParam());
+        require(curveParams.concentrationX <= 1e18 && curveParams.concentrationY <= 1e18, BadParam());
         require(IEVault(params.vault0).EVC() == IEVault(params.vault1).EVC(), DifferentEVC());
 
         address asset0Addr = IEVault(params.vault0).asset();
@@ -240,7 +244,11 @@ contract EulerSwap is IEulerSwap, EVCUtil {
 
     /// @dev EulerSwap curve definition
     /// Pre-conditions: x <= x0, 1 <= {px,py} <= 1e36, {x0,y0} <= type(uint112).max, c <= 1e18
-    function f(uint256 x, uint256 px, uint256 py, uint256 x0, uint256 y0, uint256 c) public pure returns (uint256) {
-        return y0 + (Math.mulDiv(px * (x0 - x), c * x + (1e18 - c) * x0, x * 1e18, Math.Rounding.Ceil) + (py - 1)) / py;
+    function f(uint256 x, uint256 px, uint256 py, uint256 x0, uint256 y0, uint256 c) internal pure returns (uint256) {
+        unchecked {
+            uint256 v = Math.mulDiv(px * (x0 - x), c * x + (1e18 - c) * x0, x * 1e18, Math.Rounding.Ceil);
+            require(v <= type(uint248).max, Overflow());
+            return y0 + (v + (py - 1)) / py;
+        }
     }
 }
diff --git a/test/EulerSwapFactoryTest.t.sol b/test/EulerSwapFactoryTest.t.sol
@@ -79,7 +79,7 @@ contract EulerSwapFactoryTest is EulerSwapTestBase {
 
     function testDeployWithBadFee() public {
         vm.prank(creator);
-        vm.expectRevert(EulerSwap.BadFee.selector);
+        vm.expectRevert(EulerSwap.BadParam.selector);
         eulerSwapFactory.deployPool(
             IEulerSwapFactory.DeployParams(
                 address(eTST), address(eTST2), holder, 1e18, 1e18, 1e18, 0.4e18, 0.85e18, 50e18, 50e18
diff --git a/test/EulerSwapTest.t.sol b/test/EulerSwapTest.t.sol
@@ -176,14 +176,17 @@ contract EulerSwapTest is EulerSwapTestBase {
         }
     }
 
+    /*
+    // Make `f()` function public to run this test
     function test_fFuncOverflow(uint256 xt, uint256 px, uint256 py, uint256 x0, uint256 y0, uint256 c) public view {
         x0 = bound(x0, 1, type(uint112).max);
         y0 = bound(y0, 0, type(uint112).max);
-        xt = bound(xt, 1 + x0 / 1e6, x0); // from 1 millionth of the reserves left up
+        xt = bound(xt, 1 + x0 / 1e3, x0); // thousand-fold price movement
         px = bound(px, 1, 1e36);
         py = bound(py, 1, 1e36);
         c = bound(c, 1, 1e18);
 
         eulerSwap.f(xt, px, py, x0, y0, c);
     }
+    */
 }

Original file line number	Diff line number	Diff line change
`@@ -176,14 +176,17 @@ contract EulerSwapTest is EulerSwapTestBase {`
`176`	`176`	`}`
`177`	`177`	`}`
`178`	`178`
	`179`	`+ /*`
	`180`	+ // Make `f()` function public to run this test
`179`	`181`	`function test_fFuncOverflow(uint256 xt, uint256 px, uint256 py, uint256 x0, uint256 y0, uint256 c) public view {`
`180`	`182`	`x0 = bound(x0, 1, type(uint112).max);`
`181`	`183`	`y0 = bound(y0, 0, type(uint112).max);`
`182`		`- xt = bound(xt, 1 + x0 / 1e6, x0); // from 1 millionth of the reserves left up`
	`184`	`+ xt = bound(xt, 1 + x0 / 1e3, x0); // thousand-fold price movement`
`183`	`185`	`px = bound(px, 1, 1e36);`
`184`	`186`	`py = bound(py, 1, 1e36);`
`185`	`187`	`c = bound(c, 1, 1e18);`
`186`	`188`
`187`	`189`	`eulerSwap.f(xt, px, py, x0, y0, c);`
`188`	`190`	`}`
	`191`	`+ */`
`189`	`192`	`}`