From 0a2b7455328c9ccaedaf5aca5bb2c2a7b18f1ff2 Mon Sep 17 00:00:00 2001 From: Daniel Park Date: Sun, 12 Nov 2023 18:23:35 -0800 Subject: [PATCH] protect against bigint dec conversion attempt (#599) * protect against bigint dec conversion attempt * changeset * Update sdk.ts --- .changeset/red-dodos-obey.md | 6 ++++++ packages/frontend-sdk/src/sdk.ts | 6 ++---- .../scripts/uniswapRouterTest.ts | 11 +++++++---- .../src/UniswapV3Plugin/helpers.ts | 14 +++++++++++--- .../src/UniswapV3Plugin/index.ts | 6 ++---- 5 files changed, 28 insertions(+), 15 deletions(-) create mode 100644 .changeset/red-dodos-obey.md diff --git a/.changeset/red-dodos-obey.md b/.changeset/red-dodos-obey.md new file mode 100644 index 000000000..6cbd5872a --- /dev/null +++ b/.changeset/red-dodos-obey.md @@ -0,0 +1,6 @@ +--- +"@nocturne-xyz/op-request-plugins": patch +"@nocturne-xyz/frontend-sdk": patch +--- + +Fix bps bug, protect against bad maxSlippageBps inputs diff --git a/packages/frontend-sdk/src/sdk.ts b/packages/frontend-sdk/src/sdk.ts index f6f089a3b..6ccc58f2f 100644 --- a/packages/frontend-sdk/src/sdk.ts +++ b/packages/frontend-sdk/src/sdk.ts @@ -581,7 +581,7 @@ export class NocturneSdk implements NocturneSdkApi { maxSlippageBps = 50, protocol = "UNISWAP_V3", }: AnonSwapRequestParams): Promise { - let response: AnonErc20SwapQuoteResponse; + maxSlippageBps = Math.floor(Math.max(maxSlippageBps, 1)); // protect against bad BigInt decimal conversion attempt switch (protocol) { case "UNISWAP_V3": const quote = await getSwapQuote({ @@ -593,7 +593,7 @@ export class NocturneSdk implements NocturneSdkApi { tokenOutAddress: tokenOut, maxSlippageBps, }); - response = quote + return quote ? { success: true, quote, @@ -602,11 +602,9 @@ export class NocturneSdk implements NocturneSdkApi { success: false, message: `No route found for swap. Token in: ${tokenIn}, Token out: ${tokenOut}. Amount in: ${amountIn}`, }; - break; default: throw new Error(`Unsupported protocol: ${protocol}`); } - return response; } /** diff --git a/packages/op-request-plugins/scripts/uniswapRouterTest.ts b/packages/op-request-plugins/scripts/uniswapRouterTest.ts index 0f0b8b0fd..9668194f2 100644 --- a/packages/op-request-plugins/scripts/uniswapRouterTest.ts +++ b/packages/op-request-plugins/scripts/uniswapRouterTest.ts @@ -1,8 +1,11 @@ import { AlphaRouter } from "@uniswap/smart-order-router"; -import { ethers } from "ethers"; -import { currencyAmountToBigInt, getSwapRoute } from "../src/UniswapV3Plugin"; -import { Percent } from "@uniswap/sdk-core"; import dotenv from "dotenv"; +import { ethers } from "ethers"; +import { + bpsToPercent, + currencyAmountToBigInt, + getSwapRoute, +} from "../src/UniswapV3Plugin"; const MAINNET_WETH_ADDRESS = "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2"; const MAINNET_SUSD_ADDRESS = "0x57Ab1ec28D129707052df4dF418D58a2D46d5f51"; @@ -33,7 +36,7 @@ async function run() { console.log("OUTPUT AMOUNT", route.trade.outputAmount.toExact()); console.log( "MIN OUT", - route.trade.minimumAmountOut(new Percent(50, 10_000)).toExact() + route.trade.minimumAmountOut(bpsToPercent(50)).toExact() ); console.log("QUOTE 1 weth for SUSD:" + route.quote.toExact()); console.log("to:", route.methodParameters?.to); diff --git a/packages/op-request-plugins/src/UniswapV3Plugin/helpers.ts b/packages/op-request-plugins/src/UniswapV3Plugin/helpers.ts index 5f17b5e95..be4409e7d 100644 --- a/packages/op-request-plugins/src/UniswapV3Plugin/helpers.ts +++ b/packages/op-request-plugins/src/UniswapV3Plugin/helpers.ts @@ -76,7 +76,7 @@ export async function getSwapRoute({ const swapOpts: SwapOptionsSwapRouter02 = { type: SwapType.SWAP_ROUTER_02, recipient: fromAddress, - slippageTolerance: new Percent(maxSlippageBps, 10_000), + slippageTolerance: new Percent(maxSlippageBps, 100), deadline: Date.now() + 3_600, }; const route = await swapRouter.route( @@ -127,9 +127,9 @@ export function formatSwapQuote( return { exactQuoteWei: currencyAmountToBigInt(route.quote), minimumAmountOutWei: currencyAmountToBigInt( - route.trade.minimumAmountOut(new Percent(maxSlippageBps, 10_000)) + route.trade.minimumAmountOut(bpsToPercent(maxSlippageBps)) ), - priceImpactBps: Number(route.trade.priceImpact.toSignificant(4)) * 10_000, + priceImpactBps: percentToBps(route.trade.priceImpact), }; } @@ -138,3 +138,11 @@ export function currencyAmountToBigInt( ): bigint { return BigInt(currencyAmount.numerator.toString()); } + +export function percentToBps(percent: Percent, toSignificant = 4): number { + return Number(percent.toSignificant(4)) * 100; +} + +export function bpsToPercent(bps: number): Percent { + return new Percent(bps, 100); +} diff --git a/packages/op-request-plugins/src/UniswapV3Plugin/index.ts b/packages/op-request-plugins/src/UniswapV3Plugin/index.ts index b7437fe13..344bcd54c 100644 --- a/packages/op-request-plugins/src/UniswapV3Plugin/index.ts +++ b/packages/op-request-plugins/src/UniswapV3Plugin/index.ts @@ -9,11 +9,11 @@ import { } from "@nocturne-xyz/client"; import { UniswapV3Adapter__factory } from "@nocturne-xyz/contracts"; import { Action, Address, AssetTrait } from "@nocturne-xyz/core"; -import { Percent } from "@uniswap/sdk-core"; import * as JSON from "bigint-json-serialization"; import { ethers } from "ethers"; import ERC20_ABI from "../abis/ERC20.json"; import { + bpsToPercent, currencyAmountToBigInt, formatSwapQuote, getSwapRoute, @@ -98,9 +98,7 @@ export function UniswapV3Plugin( const route = swapRoute.route[0]; const pools = route.route.pools; const minimumAmountWithSlippage = currencyAmountToBigInt( - swapRoute.trade.minimumAmountOut( - new Percent(maxSlippageBps, 10_000) - ) + swapRoute.trade.minimumAmountOut(bpsToPercent(maxSlippageBps)) ); const recipient = opts?.recipient ?? this.config.handlerAddress;