Liquidity Relayer Deposit Post-Mortem

Impact

The initial test liquidity deposit proposal failed due to a bug in the Swapr Liquidity Relayer. No funds were lost. Due to the bug, the Swapr Liquidity Relayer is not able to make deposits of certain combinations where one of the combination is ETH. As DXdao’s treasury primarily holds ETH, this is a limiting bug.

Issue

Integration testing of the relayer was carried out over the past week. Interestingly, the failure of an ETH/DAI deposit seen on main net was not reproducible on Rinkeby or XDAI chain. This is because it has to do with the ordering of token addresses and addresses are different across the chains. On Friday, 2/27/21, it was identified that the issue was due to a missing line in the orderLiquidityProvision function. The missing line is:

tokenA = tokenA == address(0) ? WETH : tokenA;

The absence of this line means that when the oracle check is performed, the order of the minReserves may be reversed, which can result in the oracle check, and therefore the liquidity deposit execution, being blocked.

Lessons Learned

The main lesson is that integration testing on testnets is important and we had failed to do adequate integration testing in this case. As we saw this past week, there are even some differences between test net and main net. Going forward we can do more integration testing, be mindful that token addresses are different across chains and take this into account in integration testing, and also continue to limit the amounts in the initial uses of new contracts on main net.

Next Steps

The bug will be addressed, tested and reviewed by an auditor. And a new relayer will be deployed. Since the multicall scheme which allows DXdao to interact with its relayers has a whitelist, the deployment of a new relayer will also require the deployment of a new multicall scheme. New multicall schemes take about 17 days to be installed in the absence of an absolute majority vote. To accelerate the process, the following is recommended:

  1. Fix bug and add ability to change owner to the Swapr Liquidity Relayer
  2. Fund the dev multisig with treasury funds intended to be deposited into Swapr
  3. Deploy new Relayer with owner initially set to Dev Multisig
  4. Exercise the relayer using the Dev Multisig, doing both deposits and withdrawals of different combinations of tokens
  5. Once the new multicall scheme is installed, transfer ownership of the Swapr Liquidity Relayer to DXdao. Note that the relayer holds the LP tokens from the deposits it makes and any funds deposited by the multisig will then be returned to DXdao with this transfer of ownership.
4 Likes