Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

ERC4626AssetFlowAssertion

Git Source

Inherits: ERC4626BaseAssertion

Title: ERC4626AssetFlowAssertion

Author: Phylax Systems

Asserts that ERC-20 token movement and the vault’s internal asset accounting agree, and that fundamental share-token invariants hold. Invariants covered:

  • Token movement matches accounting: the change in totalAssets across the transaction equals the net ERC-20 flow into/out of the vault. This catches transfer-fee tokens, rebasing tokens, or accounting bugs where totalAssets drifts from reality.
  • Zero address never holds shares: balanceOf(address(0)) == 0 after every share-minting operation.

Uses V2 registerTxEndTrigger for tx-wide checks and registerFnCallTrigger + ph.context() for call-scoped checks.

Functions

_registerAssetFlowTriggers

Register the default trigger set for asset-flow invariants.

function _registerAssetFlowTriggers() internal view;

assertAssetFlowMatchesAccounting

Verifies the change in totalAssets across the tx matches the net ERC-20 flow.

function assertAssetFlowMatchesAccounting() external;

_netAssetFlow

Compute net ERC-20 flow into (+) or out of (-) the vault across the tx.

Override for vaults that deploy assets through adapters or external protocols. The override should include flows to/from all relevant addresses (vault + adapters).

function _netAssetFlow() internal view virtual returns (int256 netFlow);

assertZeroAddressHasNoShares

Verifies the zero address never holds vault shares.

Uses ph.context() to check at PostCall of the triggering call.

function assertZeroAddressHasNoShares() external;