
fix(lib): revert with InvalidVaultAddress if vault Float exceeds uint160 #240

Closed
thedavidmeister wants to merge 1 commit into main from issue-82-vault-address-range-check

@thedavidmeister thedavidmeister commented Jul 1, 2026


Summary

  • Adds LibERC4626.InvalidVaultAddress(uint256 vaultRaw) custom error in LibERC4626.sol
  • Extracts the toFixedDecimalLossless result in _decode() to a local, checks <= type(uint160).max before casting, and reverts with InvalidVaultAddress if the Float encodes a value too large to be an address
  • Adds testConvertToAssetsRevertsForOversizedVaultAddress and testConvertToSharesRevertsForOversizedVaultAddress in LibERC4626.t.sol using packLossless(1, 49) (= 10^49 > type(uint160).max ≈ 1.46e48)
  • Regenerates ERC4626Words.pointers.sol to update the stale BYTECODE_HASH (the new error changes bytecode)

Closes #82

Test plan

  • forge test --match-test OversizedVault — both new tests pass
  • Full forge test — all 125 tests pass, 0 fail

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Bug Fixes
    • Improved validation for vault addresses so invalid oversized values now fail safely instead of being truncated.
    • Added a clear error when an encoded vault address is out of range.
    • Expanded test coverage to confirm asset/share conversions revert correctly for invalid vault addresses.

Closes #82

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@thedavidmeister thedavidmeister self-assigned this Jul 1, 2026

coderabbitai Bot commented Jul 1, 2026


No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

📥 Commits

Reviewing files that changed from the base of the PR and between 7415942 and a301fcf.

⛔ Files ignored due to path filters (1)
  • src/generated/ERC4626Words.pointers.sol is excluded by !**/generated/**
📒 Files selected for processing (2)
  • src/lib/erc4626/LibERC4626.sol
  • test/src/lib/erc4626/LibERC4626.t.sol

Walkthrough

LibERC4626 adds an InvalidVaultAddress error and validates decoded vault addresses in _decode against type(uint160).max, reverting on overflow instead of silently truncating. Two new tests confirm convertToAssets and convertToShares revert when the encoded vault Float exceeds the valid range.

Changes

Vault Address Validation

| Layer / File(s) | Summary |
| --- | --- |
| Bounds-checked vault decoding (src/lib/erc4626/LibERC4626.sol) | Adds InvalidVaultAddress(uint256 vaultRaw) error and validates vaultRaw against type(uint160).max in _decode before casting to an address, reverting on out-of-range values. |
| Revert tests for oversized addresses (test/src/lib/erc4626/LibERC4626.t.sol) | Adds testConvertToAssetsRevertsForOversizedVaultAddress and testConvertToSharesRevertsForOversizedVaultAddress, each encoding a Float exponent of 49 and asserting InvalidVaultAddress reverts. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title clearly describes the added range check and revert for oversized vault Float values. |
| Linked Issues check | ✅ Passed | The range check and revert are implemented for the vault decode path, with tests covering oversized inputs in both conversion helpers. |
| Out of Scope Changes check | ✅ Passed | No unrelated code changes are evident; the tests and bytecode refresh are consistent with the vault-address fix. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

@thedavidmeister


Closing as orphaned: this implemented a Float-range-check fix for #82, but #244 removed the Float encoding entirely (raw stack bits + typed NotAnAddress round-trip guard), superseding this approach. Issue #82 is closed as mooted.
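
The two guards discussed in this thread, side by side, as an added example that is not part of the conversation and is not the project's LibERC4626 code. The library, contract and function names are hypothetical, the NotAnAddress parameter is an assumption, and the input is taken as an already-decoded uint256 rather than a Float.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

/// Added illustration only; names other than the two errors are hypothetical.
library VaultAddressDecodeExample {
    /// Error name and parameter as given in the PR summary.
    error InvalidVaultAddress(uint256 vaultRaw);
    /// Error name as given in the closing comment; the parameter is an assumption.
    error NotAnAddress(uint256 raw);

    /// Unchecked form: an explicit uint256 -> uint160 conversion keeps only the
    /// low 160 bits, so an out-of-range value silently becomes a different address.
    function decodeTruncating(uint256 vaultRaw) internal pure returns (address) {
        return address(uint160(vaultRaw));
    }

    /// Range check before the cast, as the PR summary describes.
    function decodeRangeChecked(uint256 vaultRaw) internal pure returns (address) {
        if (vaultRaw > type(uint160).max) revert InvalidVaultAddress(vaultRaw);
        return address(uint160(vaultRaw));
    }

    /// Round-trip guard: cast first, then require that widening the result
    /// reproduces the input. Any set bit above bit 159 makes the comparison fail.
    function decodeRoundTrip(uint256 raw) internal pure returns (address vault) {
        vault = address(uint160(raw));
        if (uint256(uint160(vault)) != raw) revert NotAnAddress(raw);
    }
}

contract VaultAddressDecodeDemo {
    /// 10**49 is the oversized value used by the PR's tests.
    uint256 internal constant OVERSIZED = 10 ** 49;

    /// Returns true: the truncated address no longer matches the raw input.
    function truncationChangesValue() external pure returns (bool) {
        address vault = VaultAddressDecodeExample.decodeTruncating(OVERSIZED);
        return uint256(uint160(vault)) != OVERSIZED;
    }

    /// Reverts with InvalidVaultAddress(10**49).
    function rangeCheckedOversized() external pure returns (address) {
        return VaultAddressDecodeExample.decodeRangeChecked(OVERSIZED);
    }
}
```

Both guarded forms reject exactly the same inputs: a value is above type(uint160).max if and only if it fails to survive the uint160 round trip.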


Successfully merging this pull request may close these issues.

Vault address decoded as a Float at exponent 0 with no validation that the encoded value is a valid uint160 address
