Disagreement · f1aedd24-anthropic-1

approxOut precision loss via Number() on 18-decimal wei amounts produces wrong amountOutMinimum (potential silent loss or revert)

solo Opus

repo 53606958·PR #6·reviewed 1 week ago

Opus finding

approxOut precision loss via Number() on 18-decimal wei amounts produces wrong amountOutMinimum (potential silent loss or revert)

highbughigh

scripts/reposition.ts:313-322
scripts/reposition.ts:246-248

swapAmountIn is in wei (1e18 scaling). Number(swapAmountIn) loses precision for any amount above ~9e15 (Number.MAX_SAFE_INTEGER = 2^53 ≈ 9.007e15), i.e. above ~0.009 ETH or ~0.009 DIEM. The conversion goes through float and back to BigInt, which (a) silently drops precision and (b) compounds with rounding of diemPerWeth. amountOutMin is then derived from this approximate value with only 3% slippage — meaning the slippage buffer may be smaller than the float quantization error. For larger LPs this either reverts the swap (overly aggressive min) or under-protects against MEV/price impact (if approxOut overshoots).

Recommendation

Compute approxOut in BigInt: derive a fixed-point price from sqrtPriceX96 (e.g., price1Per0Q96 = sqrtPriceX96^2 / 2^96) and do (amountIn * price) >> 96 in BigInt. Apply pool fee and slippage in BigInt only.

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →

From the same review

These findings passed the unanimous gate on the same PR review. The disagreement above was filtered out; the findings below were posted.

← back to all disagreements view public receipts see unanimous findings + anatomies →

Tweet ↗