arithmetic series curve PoC

[mihailo-maksa]

Overview

This PR introduces a new bonding curve implementation, the ArithmeticSeriesCurve, which provides a simple, incremental price increase for each subsequent share minted, and the similar mechanism for each share redeemed. The design aims to be intuitive, “just work,” and serve as a robust starting point for testing different economic models—ranging from more to less aggressive price increments.

---

Key Features

• Simplicity & Robustness:

  • Implements an arithmetic progression for share pricing using quadratic equations and arithmetic series sums (and their reverse forms).
  • Avoids reliance on external libraries or overly complex formulas, minimizing rounding errors and ensuring that the logic is straightforward and well-documented.

• User-Friendly & Transparent:

  • The pricing mechanism is intuitive for users, making it easier to understand how prices change with each additional share minted.
  • Comprehensive inline documentation explains the math behind the curve.
  • This implementation is also fairly gas efficient, as it doesn't use any loops, arrays or iterations in general.

• Enhanced Security Against Frontrunning:

  • Because every deposit dynamically shifts the price based on the current vault state (using a non-linear arithmetic series), frontrunners can’t easily predict the exact outcome of a transaction, greatly reducing arbitrage opportunities compared to a fixed, proportional conversion rate.

• Comprehensive Testing:

  • Includes both unit and fuzz testing that covers a wide range of scenarios: different numbers of shares minted or redeemed, and various curve parameters (from conservative to aggressive).
  • Helper functions are provided to ensure that deposits mint a whole number of shares, thereby avoiding fractional outputs.

---

Limitations & Future Work

• Whole-Number Only:

  • The current implementation only supports whole number share minting (by design) and works reliably for up to hundreds of thousands of shares minted at once, as demonstrated in the tests.

• Fee Handling:

  • All tests currently run with protocolFee, entryFee, and exitFee set to zero. When fees are applied, the returned share amounts become fractional in many cases as these fees are proportionate (percentage-based).

In conclusion, future iterations will explore strategies to integrate fee mechanisms in an efficient manner and without causing any fractional share issues, if the overall concept of the ArithmeticSeriesCurve is accepted and is determined that it's worth investing additional effort in doing so.

[github-actions]

Summary of Test Results if Merged To Main:

• Full logs & artifacts are available in the Actions tab
• This comment will update automatically with new CI runs

✅ All 109 tests passed! (0 skipped, Total: 109)

Test Results for Merge

Test Suite	Status	Coverage	Time
test/unit/EthMultiVault/AdminMultiVault.t.sol	✅	100% (16/16)	0.003s
test/unit/EthMultiVault/Approvals.t.sol	✅	100% (2/2)	0.001s
test/BaseTest.sol	✅	100% (2/2)	0.004s
test/unit/EthMultiVault/EmergencyReedemAtom.t.sol	✅	100% (4/4)	0.006s
test/unit/EthMultiVault/BatchCreateAtom.t.sol	✅	100% (2/2)	0.002s
test/unit/EthMultiVault/CreateAtom.t.sol	✅	100% (6/6)	0.006s
test/unit/EthMultiVault/CreateTriple.t.sol	✅	100% (6/6)	0.013s
test/unit/EthMultiVault/BatchCreateTriple.t.sol	✅	100% (4/4)	0.017s
test/unit/EthMultiVault/DepositAtom.t.sol	✅	100% (4/4)	0.006s
test/unit/EthMultiVault/DepositAtomCurve.t.sol	✅	100% (4/4)	0.005s
test/unit/EthMultiVault/DepositTriple.t.sol	✅	100% (4/4)	0.005s
test/unit/EthMultiVault/DepositTripleCurve.t.sol	✅	100% (4/4)	0.007s
test/unit/EthMultiVault/EmergencyRedeemTriple.t.sol	✅	100% (5/5)	0.009s
test/unit/EthMultiVault/RedeemAtom.t.sol	✅	100% (4/4)	0.004s
test/unit/EthMultiVault/RedeemAtomCurve.t.sol	✅	100% (4/4)	0.005s
test/unit/EthMultiVault/RedeemTriple.t.sol	✅	100% (5/5)	0.008s
test/unit/EthMultiVault/RedeemTripleCurve.t.sol	✅	100% (5/5)	0.009s
test/unit/EthMultiVault/UseCases.t.sol	✅	100% (6/6)	0.040s
test/unit/EthMultiVault/Helpers.t.sol	✅	100% (4/4)	0.004s
test/unit/EthMultiVault/Profit.t.sol	✅	100% (11/11)	0.027s
test/ArithmeticSeriesCurveTest.t.sol	✅	100% (2/2)	0.863s

🔒 Security Analysis

⚠️ Found 1 High and 5 Medium severity issues

High Severity Issues

arbitrary-send-eth

Impact: AtomWallet._call(address,uint256,bytes) (src/AtomWallet.sol#214-221) sends eth to arbitrary user Dangerous calls: - (success,result) = target.call{value: value}(data) (src/AtomWallet.sol#215)

Affected Files:

• src/AtomWallet.sol

View Detailed Findings

• src/AtomWallet.sol:214 in _call

Medium Severity Issues

View Medium Severity Issues

##### divide-before-multiply **Impact**: ArithmeticSeriesCurve.convertToShares(uint256,uint256,uint256) (src/ArithmeticSeriesCurve.sol#126-166) performs a multiplication on the result of a division: - S = totalShares / DECIMAL_PRECISION (src/ArithmeticSeriesCurve.sol#135) - b = 2 * BASE_PRICE - priceIncrement + 2 * S * priceIncrement (src/ArithmeticSeriesCurve.sol#141)

Affected Files:

• src/ArithmeticSeriesCurve.sol

• src/ArithmeticSeriesCurve.sol:126 in convertToShares

• src/ArithmeticSeriesCurve.sol:218 in calculateAssetsForDeposit

• src/ArithmeticSeriesCurve.sol:169 in convertToAssets

• src/ArithmeticSeriesCurve.sol:126 in convertToShares

incorrect-equality

Impact: EthMultiVault._validateTimelock(bytes32) (src/EthMultiVault.sol#2222-2234) uses a dangerous strict equality: - timelock.readyTime == 0 (src/EthMultiVault.sol#2225)

Affected Files:

• src/EthMultiVault.sol

• src/EthMultiVault.sol:2222 in _validateTimelock

Recommended Actions

1. Review and fix all high severity issues before deployment
2. Implement thorough testing for affected components
3. Consider additional security measures:
   • Access controls
   • Input validation
   • Invariant checks

⛽ Gas Analysis

📊 First gas snapshot created

[auroter]

Some math analysis:

Mathematical Formulations

ArithmeticSeriesCurve

• Price function: P(s) = basePrice + (s * priceIncrement)
• Base price: Starts at a fixed non-zero value (0.0001 ETH)
• Cost to mint shares: Uses arithmetic series summation

ProgressiveCurve

• Price function: P(s) = m * s (where m is the slope)
• Base price: Implicitly zero (no y-intercept)
• Cost to mint shares: Uses calculus (area under the curve)

Key Differences

1. Starting Price:

   • ArithmeticSeriesCurve has a non-zero starting price (BASE_PRICE)
   • ProgressiveCurve essentially starts at zero (though in practice the first share still has some cost)

2. Cost Calculation Approach:

   • ArithmeticSeriesCurve uses discrete summation: n * (firstTerm + lastTerm) / 2
   • ProgressiveCurve uses continuous integration: (s₂² - s₁²) * (m/2)

3. When expanded for minting n shares at current supply s:

   • ArithmeticSeriesCurve: n * (2*basePrice + (2s+n-1)*priceIncrement) / 2
   • ProgressiveCurve: (2sn + n²) * (m/2)

4. Implementation:

   • ArithmeticSeriesCurve uses standard integer math
   • ProgressiveCurve uses PRB Math library for fixed-point arithmetic (UD60x18)

Are They Equivalent?

They are conceptually similar but not mathematically identical:

If we set basePrice = 0 and priceIncrement = m in the ArithmeticSeriesCurve, the formulas would be:

• ArithmeticSeriesCurve: n(2s+n-1)*m/2 = (2sn + n² - n)*m/2
• ProgressiveCurve: (2sn + n²) * (m/2)

The difference is the -n*m/2 term in the ArithmeticSeriesCurve formula. This creates a small but meaningful difference in pricing dynamics, especially for small values of n and s.

Practical Implications

1. Initial Investment: ArithmeticSeriesCurve requires a minimum investment of at least BASE_PRICE, while ProgressiveCurve theoretically allows tiny initial investments.

2. Growth Dynamics: Both curves grow linearly, but ArithmeticSeriesCurve grows from a non-zero starting point.

3. Mathematical Model: ProgressiveCurve uses a continuous mathematical model (integration), while ArithmeticSeriesCurve uses a discrete model (summation).

The curves are similar in concept but will produce slightly different pricing outcomes due to these fundamental mathematical differences.

[github-actions]

Summary of Test Results if Merged To Main:

• Full logs & artifacts are available in the Actions tab
• This comment will update automatically with new CI runs

✅ All 109 tests passed! (0 skipped, Total: 109)

Test Results for Merge

Test Suite	Status	Coverage	Time
test/unit/EthMultiVault/EmergencyReedemAtom.t.sol	✅	100% (4/4)	0.003s
test/unit/EthMultiVault/CreateAtom.t.sol	✅	100% (6/6)	0.003s
test/unit/EthMultiVault/AdminMultiVault.t.sol	✅	100% (16/16)	0.005s
test/unit/EthMultiVault/Approvals.t.sol	✅	100% (2/2)	0.001s
test/unit/EthMultiVault/RedeemAtom.t.sol	✅	100% (4/4)	0.006s
test/unit/EthMultiVault/CreateTriple.t.sol	✅	100% (6/6)	0.007s
test/unit/EthMultiVault/DepositAtom.t.sol	✅	100% (4/4)	0.003s
test/unit/EthMultiVault/RedeemAtomCurve.t.sol	✅	100% (4/4)	0.008s
test/unit/EthMultiVault/DepositAtomCurve.t.sol	✅	100% (4/4)	0.003s
test/unit/EthMultiVault/DepositTriple.t.sol	✅	100% (4/4)	0.005s
test/unit/EthMultiVault/DepositTripleCurve.t.sol	✅	100% (4/4)	0.008s
test/unit/EthMultiVault/RedeemTriple.t.sol	✅	100% (5/5)	0.017s
test/unit/EthMultiVault/EmergencyRedeemTriple.t.sol	✅	100% (5/5)	0.013s
test/unit/EthMultiVault/RedeemTripleCurve.t.sol	✅	100% (5/5)	0.018s
test/unit/EthMultiVault/Helpers.t.sol	✅	100% (4/4)	0.004s
test/unit/EthMultiVault/Profit.t.sol	✅	100% (11/11)	0.026s
test/BaseTest.sol	✅	100% (2/2)	0.005s
test/unit/EthMultiVault/BatchCreateAtom.t.sol	✅	100% (2/2)	0.002s
test/unit/EthMultiVault/UseCases.t.sol	✅	100% (6/6)	0.068s
test/unit/EthMultiVault/BatchCreateTriple.t.sol	✅	100% (4/4)	0.008s
test/ArithmeticSeriesCurveTest.t.sol	✅	100% (2/2)	0.951s

🔒 Security Analysis

⚠️ Found 1 High and 5 Medium severity issues

High Severity Issues

arbitrary-send-eth

Impact: AtomWallet._call(address,uint256,bytes) (src/AtomWallet.sol#214-221) sends eth to arbitrary user Dangerous calls: - (success,result) = target.call{value: value}(data) (src/AtomWallet.sol#215)

Affected Files:

• src/AtomWallet.sol

View Detailed Findings

• src/AtomWallet.sol:214 in _call

Medium Severity Issues

View Medium Severity Issues

##### divide-before-multiply **Impact**: ArithmeticSeriesCurve.convertToAssets(uint256,uint256,uint256) (src/ArithmeticSeriesCurve.sol#208-244) performs a multiplication on the result of a division: - sharesToRedeem = shares / DECIMAL_PRECISION (src/ArithmeticSeriesCurve.sol#224) - assets = (sharesToRedeem * (highestTerm + lowestTerm)) / 2 (src/ArithmeticSeriesCurve.sol#241)

Affected Files:

• src/ArithmeticSeriesCurve.sol

• src/ArithmeticSeriesCurve.sol:208 in convertToAssets

• src/ArithmeticSeriesCurve.sol:156 in convertToShares

• src/ArithmeticSeriesCurve.sol:275 in calculateAssetsForDeposit

• src/ArithmeticSeriesCurve.sol:156 in convertToShares

incorrect-equality

Impact: EthMultiVault._validateTimelock(bytes32) (src/EthMultiVault.sol#2222-2234) uses a dangerous strict equality: - timelock.readyTime == 0 (src/EthMultiVault.sol#2225)

Affected Files:

• src/EthMultiVault.sol

• src/EthMultiVault.sol:2222 in _validateTimelock

Recommended Actions

1. Review and fix all high severity issues before deployment
2. Implement thorough testing for affected components
3. Consider additional security measures:
   • Access controls
   • Input validation
   • Invariant checks

⛽ Gas Analysis

📊 First gas snapshot created

[auroter]

@mihailo-maksa I added some additional Natspec comments to help the auto-generated documentation, and updated the documentation script and deployment script to include all the curves.

What do you think about completing the remaining preview function previewWithdraw?

[github-actions]

Summary of Test Results if Merged To Main:

• Full logs & artifacts are available in the Actions tab
• This comment will update automatically with new CI runs

✅ All 109 tests passed! (0 skipped, Total: 109)

Test Results for Merge

Test Suite	Status	Coverage	Time
test/unit/EthMultiVault/EmergencyReedemAtom.t.sol	✅	100% (4/4)	0.003s
test/unit/EthMultiVault/CreateAtom.t.sol	✅	100% (6/6)	0.003s
test/unit/EthMultiVault/AdminMultiVault.t.sol	✅	100% (16/16)	0.004s
test/unit/EthMultiVault/Approvals.t.sol	✅	100% (2/2)	0.001s
test/unit/EthMultiVault/RedeemAtom.t.sol	✅	100% (4/4)	0.006s
test/unit/EthMultiVault/CreateTriple.t.sol	✅	100% (6/6)	0.006s
test/unit/EthMultiVault/DepositAtom.t.sol	✅	100% (4/4)	0.003s
test/unit/EthMultiVault/RedeemAtomCurve.t.sol	✅	100% (4/4)	0.006s
test/unit/EthMultiVault/DepositAtomCurve.t.sol	✅	100% (4/4)	0.004s
test/unit/EthMultiVault/DepositTriple.t.sol	✅	100% (4/4)	0.006s
test/unit/EthMultiVault/RedeemTriple.t.sol	✅	100% (5/5)	0.017s
test/unit/EthMultiVault/DepositTripleCurve.t.sol	✅	100% (4/4)	0.007s
test/unit/EthMultiVault/EmergencyRedeemTriple.t.sol	✅	100% (5/5)	0.008s
test/unit/EthMultiVault/RedeemTripleCurve.t.sol	✅	100% (5/5)	0.018s
test/BaseTest.sol	✅	100% (2/2)	0.007s
test/unit/EthMultiVault/BatchCreateAtom.t.sol	✅	100% (2/2)	0.005s
test/unit/EthMultiVault/UseCases.t.sol	✅	100% (6/6)	0.040s
test/unit/EthMultiVault/BatchCreateTriple.t.sol	✅	100% (4/4)	0.017s
test/unit/EthMultiVault/Helpers.t.sol	✅	100% (4/4)	0.005s
test/unit/EthMultiVault/Profit.t.sol	✅	100% (11/11)	0.029s
test/ArithmeticSeriesCurveTest.t.sol	✅	100% (2/2)	0.904s

🔒 Security Analysis

⚠️ Found 1 High and 5 Medium severity issues

High Severity Issues

arbitrary-send-eth

Impact: AtomWallet._call(address,uint256,bytes) (src/AtomWallet.sol#214-221) sends eth to arbitrary user Dangerous calls: - (success,result) = target.call{value: value}(data) (src/AtomWallet.sol#215)

Affected Files:

• src/AtomWallet.sol

View Detailed Findings

• src/AtomWallet.sol:214 in _call

Medium Severity Issues

View Medium Severity Issues

##### divide-before-multiply **Impact**: ArithmeticSeriesCurve.convertToAssets(uint256,uint256,uint256) (src/ArithmeticSeriesCurve.sol#208-244) performs a multiplication on the result of a division: - sharesToRedeem = shares / DECIMAL_PRECISION (src/ArithmeticSeriesCurve.sol#224) - assets = (sharesToRedeem * (highestTerm + lowestTerm)) / 2 (src/ArithmeticSeriesCurve.sol#241)

Affected Files:

• src/ArithmeticSeriesCurve.sol

• src/ArithmeticSeriesCurve.sol:208 in convertToAssets

• src/ArithmeticSeriesCurve.sol:156 in convertToShares

• src/ArithmeticSeriesCurve.sol:275 in calculateAssetsForDeposit

• src/ArithmeticSeriesCurve.sol:156 in convertToShares

incorrect-equality

Impact: EthMultiVault._validateTimelock(bytes32) (src/EthMultiVault.sol#2222-2234) uses a dangerous strict equality: - timelock.readyTime == 0 (src/EthMultiVault.sol#2225)

Affected Files:

• src/EthMultiVault.sol

• src/EthMultiVault.sol:2222 in _validateTimelock

Recommended Actions

1. Review and fix all high severity issues before deployment
2. Implement thorough testing for affected components
3. Consider additional security measures:
   • Access controls
   • Input validation
   • Invariant checks

⛽ Gas Analysis

📊 First gas snapshot created

[github-actions]

Summary of Test Results if Merged To Main:

• Full logs & artifacts are available in the Actions tab
• This comment will update automatically with new CI runs

⚠️ Could not parse test results

🔒 Security Analysis

⚠️ Found 1 High and 5 Medium severity issues

High Severity Issues

arbitrary-send-eth

Impact: AtomWallet._call(address,uint256,bytes) (src/AtomWallet.sol#214-221) sends eth to arbitrary user Dangerous calls: - (success,result) = target.call{value: value}(data) (src/AtomWallet.sol#215)

Affected Files:

• src/AtomWallet.sol

View Detailed Findings

• src/AtomWallet.sol:214 in _call

Medium Severity Issues

View Medium Severity Issues

##### divide-before-multiply **Impact**: ArithmeticSeriesCurve.convertToAssets(uint256,uint256,uint256) (src/ArithmeticSeriesCurve.sol#208-244) performs a multiplication on the result of a division: - sharesToRedeem = shares / DECIMAL_PRECISION (src/ArithmeticSeriesCurve.sol#224) - assets = (sharesToRedeem * (highestTerm + lowestTerm)) / 2 (src/ArithmeticSeriesCurve.sol#241)

Affected Files:

• src/ArithmeticSeriesCurve.sol

• src/ArithmeticSeriesCurve.sol:208 in convertToAssets

• src/ArithmeticSeriesCurve.sol:156 in convertToShares

• src/ArithmeticSeriesCurve.sol:275 in calculateAssetsForDeposit

• src/ArithmeticSeriesCurve.sol:156 in convertToShares

incorrect-equality

Impact: EthMultiVault._validateTimelock(bytes32) (src/EthMultiVault.sol#2190-2202) uses a dangerous strict equality: - timelock.readyTime == 0 (src/EthMultiVault.sol#2193)

Affected Files:

• src/EthMultiVault.sol

• src/EthMultiVault.sol:2190 in _validateTimelock

Recommended Actions

1. Review and fix all high severity issues before deployment
2. Implement thorough testing for affected components
3. Consider additional security measures:
   • Access controls
   • Input validation
   • Invariant checks

⛽ Gas Analysis

⚠️ No gas snapshot generated

[mcclurejt]

We probably want to use natspec instead of inline commenting for these

[mihailo-maksa]

Agreed

[mcclurejt]

We probably want to use natspec instead of inline commenting for these

[mcclurejt]

would be really nice to have a shared "default" setUp function to cut down on LOC

[mihailo-maksa]

Yeah, we could definitely work on that

[mcclurejt]

Why add cases in addition to the ones parameterized by the fuzz test?

Not saying it's wrong, just curious

[mihailo-maksa]

That was mostly because I went about testing step by step, e.g. first make sure we can mint 1 share, then some known small number of shares (e.g. 5 more shares) and finally some bigger, more random number of shares. Same logic applies with testing redemptions as well.

Although you're correct that these might not be needed anymore and removing some of these cases could simplify the test suite

[mcclurejt]

Looks really good! Some minor natspec nits and questions

[github-actions]

Summary of Test Results if Merged To Main:

• Full logs & artifacts are available in the Actions tab
• This comment will update automatically with new CI runs

⚠️ Could not parse test results

🔒 Security Analysis

⚠️ Found 1 High and 5 Medium severity issues

High Severity Issues

arbitrary-send-eth

Impact: AtomWallet._call(address,uint256,bytes) (src/AtomWallet.sol#214-221) sends eth to arbitrary user Dangerous calls: - (success,result) = target.call{value: value}(data) (src/AtomWallet.sol#215)

Affected Files:

• src/AtomWallet.sol

View Detailed Findings

• src/AtomWallet.sol:214 in _call

Medium Severity Issues

View Medium Severity Issues

##### divide-before-multiply **Impact**: ArithmeticSeriesCurve.convertToAssets(uint256,uint256,uint256) (src/ArithmeticSeriesCurve.sol#208-244) performs a multiplication on the result of a division: - sharesToRedeem = shares / DECIMAL_PRECISION (src/ArithmeticSeriesCurve.sol#224) - assets = (sharesToRedeem * (highestTerm + lowestTerm)) / 2 (src/ArithmeticSeriesCurve.sol#241)

Affected Files:

• src/ArithmeticSeriesCurve.sol

• src/ArithmeticSeriesCurve.sol:208 in convertToAssets

• src/ArithmeticSeriesCurve.sol:156 in convertToShares

• src/ArithmeticSeriesCurve.sol:275 in calculateAssetsForDeposit

• src/ArithmeticSeriesCurve.sol:156 in convertToShares

incorrect-equality

Impact: EthMultiVault._validateTimelock(bytes32) (src/EthMultiVault.sol#2190-2202) uses a dangerous strict equality: - timelock.readyTime == 0 (src/EthMultiVault.sol#2193)

Affected Files:

• src/EthMultiVault.sol

• src/EthMultiVault.sol:2190 in _validateTimelock

Recommended Actions

1. Review and fix all high severity issues before deployment
2. Implement thorough testing for affected components
3. Consider additional security measures:
   • Access controls
   • Input validation
   • Invariant checks

⛽ Gas Analysis

⚠️ No gas snapshot generated

[github-actions]

Summary of Test Results if Merged To Main:

• Full logs & artifacts are available in the Actions tab
• This comment will update automatically with new CI runs

⚠️ Could not parse test results

🔒 Security Analysis

⚠️ Found 1 High and 5 Medium severity issues

High Severity Issues

arbitrary-send-eth

Impact: AtomWallet._call(address,uint256,bytes) (src/AtomWallet.sol#214-221) sends eth to arbitrary user Dangerous calls: - (success,result) = target.call{value: value}(data) (src/AtomWallet.sol#215)

Affected Files:

• src/AtomWallet.sol

View Detailed Findings

• src/AtomWallet.sol:214 in _call

Medium Severity Issues

View Medium Severity Issues

##### divide-before-multiply **Impact**: ArithmeticSeriesCurve.convertToAssets(uint256,uint256,uint256) (src/ArithmeticSeriesCurve.sol#208-244) performs a multiplication on the result of a division: - sharesToRedeem = shares / DECIMAL_PRECISION (src/ArithmeticSeriesCurve.sol#224) - assets = (sharesToRedeem * (highestTerm + lowestTerm)) / 2 (src/ArithmeticSeriesCurve.sol#241)

Affected Files:

• src/ArithmeticSeriesCurve.sol

• src/ArithmeticSeriesCurve.sol:208 in convertToAssets

• src/ArithmeticSeriesCurve.sol:156 in convertToShares

• src/ArithmeticSeriesCurve.sol:275 in calculateAssetsForDeposit

• src/ArithmeticSeriesCurve.sol:156 in convertToShares

incorrect-equality

Impact: EthMultiVault._validateTimelock(bytes32) (src/EthMultiVault.sol#2190-2202) uses a dangerous strict equality: - timelock.readyTime == 0 (src/EthMultiVault.sol#2193)

Affected Files:

• src/EthMultiVault.sol

• src/EthMultiVault.sol:2190 in _validateTimelock

Recommended Actions

1. Review and fix all high severity issues before deployment
2. Implement thorough testing for affected components
3. Consider additional security measures:
   • Access controls
   • Input validation
   • Invariant checks

⛽ Gas Analysis

⚠️ No gas snapshot generated