Basin Invitational

A composable EVM-native decentralized exchange protocol.

  • Start date23 Aug 2024
  • End date27 Aug 2024
  • Total awards$7,750 in USDC
  • Duration4 days

Basin audit details

  • Total Prize Pool: $7,750 in USDC
    • HM awards: $5,510 in USDC
    • QA awards: $240 in USDC
    • Judge awards: $1,500 in USDC
    • Scout awards: $500 in USDC
  • Read our guidelines for more details
  • Starts August 23, 2024 20:00 UTC
  • Ends August 27, 2024 20:00 UTC

This is a Private audit

This audit repo and its Discord channel are accessible to certified wardens only. Participation in private audits is bound by:

  1. Code4rena's Certified Contributor Terms and Conditions
  2. Code4rena's Certified Contributor Code of Professional Conduct

All discussions regarding private audits should be considered private and confidential unless otherwise indicated.

Automated Findings / Publicly Known Issues

The 4naly3er report can be found here.

All findings in the following audit reports:

Note for C4 wardens: Anything included in this Automated Findings / Publicly Known Issues section is considered a publicly known issue and is ineligible for awards.

Basin

basin(green)-512x512 (1) 512x512-MF

Code Version: 1.0.0
Whitepaper Version: 1.0.0

Multi Flow

The Multi Flow Pump implementation is also included in this repository at MultiFlowPump.sol.

Code Version: 1.0.0
Whitepaper Version: 1.0.0

About

Basin is a composable EVM-native decentralized exchange protocol.

Audits

Documentation

A {Well} is a constant function AMM that allows the provisioning of liquidity into a single pooled on-chain liquidity position.

Each Well is defined by its Tokens, Well function, and Pump.

  • The Tokens define the set of ERC-20 tokens that can be exchanged in the Well.
  • The Well function defines an invariant relationship between the Well's reserves and the supply of LP tokens. See {IWellFunction}.
  • Pumps are on-chain oracles that are updated upon each interaction with the Well. See {IPump}.

A Well's tokens, Well function, and Pump are stored as immutable variables during Well construction to prevent unnecessary SLOAD calls during operation.

Wells support swapping, adding liquidity, and removing liquidity in balanced or imbalanced proportions.

Wells maintain two components of state:

  • a balance of tokens received through Well operations ("reserves")
  • an ERC-20 LP token representing pro-rata ownership of the reserves

Well functions and Pumps can independently choose to be stateful or stateless.

Including a Pump is optional.

Each Well implements ERC-20, ERC-2612 and the {IWell} interface.

Motivation

Allowing composability of the pricing function and oracle at the Well level is a deliberate design decision with significant implications.

In particular, a standard AMM interface invoking composable components allows for developers to iterate upon the underlying pricing functions and oracles, which greatly impacts gas and capital efficiency.

However, this architecture shifts much of the attack surface area to the Well's components. Users of Wells should be aware that anyone can deploy a Well with malicious components, and that new Wells SHOULD NOT be trusted without careful review. This understanding is particularly important in the DeFi context in which Well data may be consumed via on-chain registries or off-chain indexing systems.

The Wells architecture aims to outline a simple interface for composable AMMs and leave the process of evaluating a given Well's trustworthiness as the responsibility of the user. To this end, future work may focus on development of on-chain Well registries and factories which create or highlight Wells composed of known components.

An example factory implementation is provided in {Aquifer} without any opinion regarding the trustworthiness of Well functions and the Pumps using it. Wells are not required to be deployed via this mechanism.

License

MIT

Links


Scope

See scope.txt

ℹ️ All of the contracts below were audited in Basin's July audit. Here is a commit highlighting the changes.

Files in scope

FileLogic ContractsInterfacesnSLOCPurposeLibraries used
/src/functions/Stable2.sol1****209src/interfaces/IBeanstalkWellFunction.sol<br>src/interfaces/ILookupTable.sol<br>src/functions/ProportionalLPToken2.sol<br>forge-std/interfaces/IERC20.sol
/src/functions/StableLUT/Stable2LUT1.sol1****2150src/interfaces/ILookupTable.sol
/src/WellUpgradeable.sol1****74src/Well.sol<br>ozu/proxy/utils/UUPSUpgradeable.sol<br>ozu/access/OwnableUpgradeable.sol<br>oz/token/ERC20/utils/SafeERC20.sol<br>src/interfaces/IAquifer.sol
Totals3****2433

Files out of scope

See out_of_scope.txt

File
./mocks/functions/MockEmptyFunction.sol
./mocks/functions/MockFunctionBad.sol
./mocks/pumps/MockFailPump.sol
./mocks/pumps/MockPump.sol
./mocks/tokens/MockToken.sol
./mocks/tokens/MockTokenFeeOnTransfer.sol
./mocks/tokens/MockTokenNoName.sol
./mocks/tokens/ReentrantMockToken.sol
./mocks/wells/MockInitFailWell.sol
./mocks/wells/MockReserveWell.sol
./mocks/wells/MockStaticWell.sol
./mocks/wells/MockWellUpgradeable.sol
./script/deploy/Aquifer.s.sol
./script/deploy/AquiferWell.s.sol
./script/deploy/MockPump.s.sol
./script/deploy/Well.s.sol
./script/deploy/helpers/Logger.sol
./script/helpers/WellDeployer.sol
./script/simulations/stableswap/StableswapCalcRatiosLiqSim.s.sol
./script/simulations/stableswap/StableswapCalcRatiosSwapSim.s.sol
./src/Aquifer.sol
./src/Well.sol
./src/functions/ConstantProduct.sol
./src/functions/ConstantProduct2.sol
./src/functions/ProportionalLPToken.sol
./src/functions/ProportionalLPToken2.sol
./src/interfaces/IAquifer.sol
./src/interfaces/IBeanstalkWellFunction.sol
./src/interfaces/ILookupTable.sol
./src/interfaces/IMultiFlowPumpWellFunction.sol
./src/interfaces/IWell.sol
./src/interfaces/IWellErrors.sol
./src/interfaces/IWellFunction.sol
./src/interfaces/pumps/ICumulativePump.sol
./src/interfaces/pumps/IInstantaneousPump.sol
./src/interfaces/pumps/IMultiFlowPumpErrors.sol
./src/interfaces/pumps/IPump.sol
./src/libraries/ABDKMathQuad.sol
./src/libraries/LibBytes.sol
./src/libraries/LibBytes16.sol
./src/libraries/LibClone.sol
./src/libraries/LibContractInfo.sol
./src/libraries/LibLastReserveBytes.sol
./src/libraries/LibMath.sol
./src/libraries/LibWellConstructor.sol
./src/libraries/LibWellUpgradeableConstructor.sol
./src/pumps/MultiFlowPump.sol
./src/utils/Clone.sol
./src/utils/ClonePlus.sol
./test/Aquifer.t.sol
./test/LiquidityHelper.sol
./test/Stable2/LookupTable.t.sol
./test/Stable2/Well.Stable2.AddLiquidity.t.sol
./test/Stable2/Well.Stable2.Bore.t.sol
./test/Stable2/Well.Stable2.RemoveLiquidity.t.sol
./test/Stable2/Well.Stable2.RemoveLiquidityImbalanced.t.sol
./test/Stable2/Well.Stable2.RemoveLiquidityOneToken.t.sol
./test/Stable2/Well.Stable2.Shift.t.sol
./test/Stable2/Well.Stable2.Skim.t.sol
./test/Stable2/Well.Stable2.SwapFrom.t.sol
./test/Stable2/Well.Stable2.SwapTo.t.sol
./test/SwapHelper.sol
./test/TestHelper.sol
./test/Well.AddLiquidity.t.sol
./test/Well.AddLiquidityFeeOnTransfer.Fee.t.sol
./test/Well.AddLiquidityFeeOnTransfer.NoFee.t.sol
./test/Well.Bore.t.sol
./test/Well.DuplicateTokens.t.sol
./test/Well.FeeOnTransfer.t.sol
./test/Well.ReadOnlyReentrancy.t.sol
./test/Well.RemoveLiquidity.t.sol
./test/Well.RemoveLiquidityImbalanced.t.sol
./test/Well.RemoveLiquidityOneToken.t.sol
./test/Well.Shift.t.sol
./test/Well.Skim.t.sol
./test/Well.SucceedOnPumpFailure.t.sol
./test/Well.SwapFrom.t.sol
./test/Well.SwapFromFeeOnTransfer.Fee.t.sol
./test/Well.SwapFromFeeOnTransfer.NoFee.t.sol
./test/Well.SwapTo.t.sol
./test/Well.Sync.t.sol
./test/Well.Tokens.t.sol
./test/Well.UpdatePump.t.sol
./test/WellUpgradeable.t.sol
./test/beanstalk/BeanstalkConstantProduct.calcReserveAtRatioLiquidity.t.sol
./test/beanstalk/BeanstalkConstantProduct.calcReserveAtRatioSwap.t.sol
./test/beanstalk/BeanstalkConstantProduct2.calcReserveAtRatioLiquidity.t.sol
./test/beanstalk/BeanstalkConstantProduct2.calcReserveAtRatioSwap.t.sol
./test/beanstalk/BeanstalkStable2.calcReserveAtRatioLiquidity.t.sol
./test/beanstalk/BeanstalkStable2.calcReserveAtRatioSwap.t.sol
./test/functions/ConstantProduct.t.sol
./test/functions/ConstantProduct2.t.sol
./test/functions/Stable2.t.sol
./test/functions/WellFunctionHelper.sol
./test/helpers/Users.sol
./test/integration/GasMetering.sol
./test/integration/IntegrationTestGasComparisons.sol
./test/integration/IntegrationTestHelper.sol
./test/integration/interfaces/ICurve.sol
./test/integration/interfaces/IPipeline.sol
./test/integration/interfaces/IUniswap.sol
./test/invariant/Handler.t.sol
./test/invariant/Invariants.t.sol
./test/libraries/LibBytes.t.sol
./test/libraries/LibBytes16.t.sol
./test/libraries/LibContractInfo.t.sol
./test/libraries/LibLastReserveBytes.t.sol
./test/libraries/LibMath.t.sol
./test/libraries/TestABDK.t.sol
./test/pumps/Pump.CapReserves.t.sol
./test/pumps/Pump.Fuzz.t.sol
./test/pumps/Pump.Helpers.t.sol
./test/pumps/Pump.Longevity.t.sol
./test/pumps/Pump.NotInitialized.t.sol
./test/pumps/Pump.TimeWeightedAverage.t.sol
./test/pumps/Pump.Update.t.sol
./test/pumps/PumpHelpers.sol
Totals: 117

Scoping Q & A

General questions

QuestionAnswer
ERC20 used by the protocolAny (all possible ERC20s)
Test coverageLines: 82.29% - Functions: 82.39%
ERC721 used by the protocolNone
ERC777 used by the protocolNone
ERC1155 used by the protocolNone
Chains the protocol will be deployed onEthereum

ERC20 token behaviors in scope

External integrations (e.g., Uniswap) behavior in scope:

QuestionAnswer
Enabling/disabling fees (e.g. Blur disables/enables fees)No
Pausability (e.g. Uniswap pool gets paused)No
Upgradeability (e.g. Uniswap gets upgraded)No

EIP compliance checklist

  • None

Additional context

Main invariants

  • None

Attack ideas (where to focus for bugs)

  • None

All trusted roles in the protocol

  • N/A

Describe any novel or unique curve logic or mathematical models implemented in the contracts:

  • With regard to the Stable 2 Well Function, a lookup table is used to assist the Newtonian estimation to decrease the computation needed to converge to an answer. See inline comments.

Running tests

Setup the repo and requirements:

git clone https://github.com/code-423n4/2024-08-basin.git cd 2024-07-basin git submodule update --init --recursive foundryup forge install

Setup Python environment and perform the tests (Make sure your MAINNET_RPC_URL is set in .env file):

python3 -m venv env source env/bin/activate python3 -m pip install -r requirements.txt forge test --ffi

To run code coverage:

forge coverage --ffi
File% Lines% Statements% Branches% Funcs
mocks/functions/MockEmptyFunction.sol66.67% (2/3)66.67% (2/3)100.00% (0/0)80.00% (4/5)
mocks/functions/MockFunctionBad.sol33.33% (1/3)25.00% (1/4)100.00% (0/0)60.00% (3/5)
mocks/pumps/MockFailPump.sol100.00% (1/1)100.00% (1/1)100.00% (0/0)100.00% (1/1)
mocks/pumps/MockPump.sol50.00% (1/2)50.00% (1/2)100.00% (0/0)50.00% (1/2)
mocks/tokens/MockToken.sol83.33% (5/6)83.33% (5/6)100.00% (0/0)80.00% (4/5)
mocks/tokens/MockTokenFeeOnTransfer.sol81.25% (13/16)86.36% (19/22)100.00% (0/0)66.67% (6/9)
mocks/tokens/ReentrantMockToken.sol100.00% (7/7)88.89% (8/9)66.67% (2/3)100.00% (3/3)
mocks/wells/MockInitFailWell.sol100.00% (2/2)100.00% (2/2)100.00% (0/0)100.00% (2/2)
mocks/wells/MockReserveWell.sol100.00% (7/7)100.00% (7/7)100.00% (0/0)100.00% (6/6)
mocks/wells/MockStaticWell.sol100.00% (31/31)100.00% (40/40)50.00% (2/4)100.00% (10/10)
mocks/wells/MockWellUpgradeable.sol100.00% (1/1)100.00% (1/1)100.00% (0/0)100.00% (1/1)
script/deploy/Aquifer.s.sol0.00% (0/3)0.00% (0/4)100.00% (0/0)0.00% (0/1)
script/deploy/AquiferWell.s.sol0.00% (0/17)0.00% (0/23)100.00% (0/0)0.00% (0/1)
script/deploy/MockPump.s.sol0.00% (0/5)0.00% (0/7)100.00% (0/0)0.00% (0/1)
script/deploy/Well.s.sol0.00% (0/17)0.00% (0/23)100.00% (0/0)0.00% (0/1)
script/deploy/helpers/Logger.sol0.00% (0/8)0.00% (0/8)100.00% (0/0)0.00% (0/1)
script/helpers/WellDeployer.sol100.00% (6/6)100.00% (6/6)100.00% (0/0)100.00% (2/2)
script/simulations/stableswap/StableswapCalcRatiosLiqSim.s.sol0.00% (0/43)0.00% (0/55)100.00% (0/0)0.00% (0/1)
script/simulations/stableswap/StableswapCalcRatiosSwapSim.s.sol0.00% (0/57)0.00% (0/75)100.00% (0/0)0.00% (0/1)
src/Aquifer.sol100.00% (27/27)100.00% (30/30)100.00% (14/14)100.00% (3/3)
src/Well.sol99.22% (254/256)98.90% (361/365)100.00% (26/26)97.96% (48/49)
src/WellUpgradeable.sol88.24% (30/34)90.20% (46/51)56.25% (9/16)80.00% (8/10)
src/functions/ConstantProduct.sol77.27% (17/22)70.59% (24/34)66.67% (2/3)75.00% (6/8)
src/functions/ConstantProduct2.sol100.00% (12/12)100.00% (16/16)100.00% (1/1)100.00% (7/7)
src/functions/ProportionalLPToken.sol0.00% (0/3)0.00% (0/5)100.00% (0/0)0.00% (0/1)
src/functions/ProportionalLPToken2.sol100.00% (3/3)100.00% (3/3)100.00% (0/0)100.00% (1/1)
src/functions/Stable2.sol93.08% (121/130)93.94% (186/198)80.00% (24/30)92.86% (13/14)
src/functions/StableLUT/Stable2LUT1.sol96.07% (391/407)96.07% (391/407)94.55% (382/404)100.00% (3/3)
src/libraries/ABDKMathQuad.sol73.59% (772/1049)75.13% (1142/1520)59.00% (331/561)46.88% (15/32)
src/libraries/LibBytes.sol100.00% (26/26)100.00% (33/33)100.00% (16/16)100.00% (2/2)
src/libraries/LibBytes16.sol100.00% (21/21)100.00% (28/28)100.00% (6/6)100.00% (2/2)
src/libraries/LibClone.sol88.66% (86/97)88.89% (88/99)0.00% (0/5)90.00% (9/10)
src/libraries/LibContractInfo.sol66.67% (8/12)61.54% (8/13)50.00% (2/4)66.67% (2/3)
src/libraries/LibLastReserveBytes.sol97.56% (40/41)98.15% (53/54)100.00% (7/7)75.00% (3/4)
src/libraries/LibMath.sol98.53% (67/68)98.70% (76/77)80.00% (8/10)100.00% (4/4)
src/libraries/LibWellConstructor.sol92.86% (13/14)94.74% (18/19)100.00% (0/0)75.00% (3/4)
src/libraries/LibWellUpgradeableConstructor.sol92.86% (13/14)94.74% (18/19)100.00% (0/0)75.00% (3/4)
src/pumps/MultiFlowPump.sol96.43% (189/196)96.34% (263/273)88.89% (24/27)100.00% (21/21)
src/utils/Clone.sol41.67% (5/12)38.89% (7/18)100.00% (0/0)50.00% (3/6)
src/utils/ClonePlus.sol100.00% (7/7)100.00% (11/11)100.00% (0/0)100.00% (2/2)
test/LiquidityHelper.sol63.16% (24/38)67.80% (40/59)100.00% (0/0)57.14% (4/7)
test/SwapHelper.sol92.31% (24/26)94.12% (32/34)100.00% (0/0)66.67% (2/3)
test/TestHelper.sol89.29% (150/168)90.22% (203/225)80.00% (8/10)86.96% (40/46)
test/helpers/Users.sol81.82% (9/11)81.25% (13/16)100.00% (0/0)66.67% (2/3)
test/integration/IntegrationTestHelper.sol90.32% (28/31)92.68% (38/41)50.00% (1/2)100.00% (6/6)
test/invariant/Handler.t.sol90.73% (235/259)90.80% (316/348)93.75% (15/16)95.45% (21/22)
Total82.29% (2649/3219)82.37% (3537/4294)75.54% (880/1165)82.39% (276/335)

Miscellaneous

Employees of Beanstalk Farms contributors and employees' family members are ineligible to participate in this audit.