test: add stateful invariant suite for Vault #7

Merged
oliv3rdrt merged 1 commit into main from test/vault-invariants
May 17, 2026

@oliv3rdrt

Owner

Summary

  • New test/VaultInvariant.t.sol with three invariants run across 256 sequences × 15 calls each.
  • Adds a ghost-accounting check (ghostTotalDeposits - ghostTotalWithdrawals == balance) on top of the obvious 'sum of balances' invariant - independent accounting catches state corruption that would otherwise fool a balance-vs-balance comparison.
  • Follows the same handler shape as StakingInvariantHandler so the patterns stay readable side by side.

Test plan

  • forge test --match-contract VaultInvariantTest - 3/3 (256 runs each, 3840 calls each, 0 reverts)
  • forge test - 51/51, no regressions

Mirrors the Staking invariant pattern: handler exposes deposit/withdraw,
foundry picks random sequences across three actors, and three invariants
are checked after every call:

- contract ETH balance == sum of user balances
- contract balance == ghostDeposits - ghostWithdrawals (independent
  accounting catches state corruption that affects both sides equally)
- totalAssets() never disagrees with balance

@oliv3rdrt

Owner Author

Reviewed - the ghost-accounting invariant is the one I want long-term; it's the cheapest way to catch class-of-bug where two paths drift in the same direction. 0 reverts across 3840 calls per run. Merging.

@oliv3rdrt oliv3rdrt merged commit feefec5 into main May 17, 2026
@oliv3rdrt oliv3rdrt deleted the test/vault-invariants branch May 17, 2026 11:42
oliv3rdrt added a commit that referenced this pull request Jun 27, 2026
Mirrors the Staking invariant pattern: handler exposes deposit/withdraw,
foundry picks random sequences across three actors, and three invariants
are checked after every call:

- contract ETH balance == sum of user balances
- contract balance == ghostDeposits - ghostWithdrawals (independent
  accounting catches state corruption that affects both sides equally)
- totalAssets() never disagrees with balance

Co-authored-by: Oliver Anyanwu <oliver.anyanwu@aol.com>
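
The handler-plus-ghost-accounting pattern the PR describes, as an added Foundry example that is not the project's `test/VaultInvariant.t.sol`. `ExampleVault`, its `deposit`/`withdraw`/`balanceOf` API, the handler name, and the three actor addresses are assumptions made so the file compiles on its own; only `totalAssets()`, `ghostTotalDeposits`, and `ghostTotalWithdrawals` are names taken from the page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {CommonBase} from "forge-std/Base.sol";
import {StdUtils} from "forge-std/StdUtils.sol";
import {Test} from "forge-std/Test.sol";

// Hypothetical minimal vault standing in for the project's Vault (API assumed).
contract ExampleVault {
    mapping(address => uint256) public balanceOf;
    function deposit() external payable { balanceOf[msg.sender] += msg.value; }
    function withdraw(uint256 amt) external {
        balanceOf[msg.sender] -= amt; // checked math reverts on overdraw
        (bool ok,) = msg.sender.call{value: amt}("");
        require(ok, "send failed");
    }
    function totalAssets() external view returns (uint256) { return address(this).balance; }
}
// Handler: the only fuzz target. Ghost totals come from call arguments, never from vault state.
contract ExampleVaultHandler is CommonBase, StdUtils {
    ExampleVault public vault;
    address[3] public actors = [address(0xA11CE), address(0xB0B), address(0xCA401)]; // constructed
    uint256 public ghostTotalDeposits;
    uint256 public ghostTotalWithdrawals;
    constructor(ExampleVault v) { vault = v; }
    function deposit(uint256 seed, uint256 amt) external {
        address a = actors[seed % 3];
        amt = bound(amt, 1, 10 ether);
        vm.deal(a, amt);
        vm.prank(a);
        vault.deposit{value: amt}();
        ghostTotalDeposits += amt;
    }
    function withdraw(uint256 seed, uint256 amt) external {
        address a = actors[seed % 3];
        amt = bound(amt, 0, vault.balanceOf(a)); // stay within balance so calls do not revert
        vm.prank(a);
        vault.withdraw(amt);
        ghostTotalWithdrawals += amt;
    }
    function sumOfBalances() external view returns (uint256 s) {
        for (uint256 i; i < 3; ++i) s += vault.balanceOf(actors[i]);
    }
}
contract ExampleVaultInvariantTest is Test {
    ExampleVault vault; ExampleVaultHandler handler;
    function setUp() public { vault = new ExampleVault(); handler = new ExampleVaultHandler(vault); targetContract(address(handler)); }
    function invariant_balanceEqualsSum() public { assertEq(address(vault).balance, handler.sumOfBalances()); }
    function invariant_balanceEqualsGhost() public { assertEq(address(vault).balance, handler.ghostTotalDeposits() - handler.ghostTotalWithdrawals()); }
    function invariant_totalAssets() public { assertEq(vault.totalAssets(), address(vault).balance); }
}
```

Because the ghost totals are built only from the amounts the handler passed in, a vault bug that moves the ETH balance and the per-user ledger by the same wrong amount still passes `invariant_balanceEqualsSum` but fails `invariant_balanceEqualsGhost`. The run count and call depth quoted in the PR would be set with `runs` and `depth` under `[invariant]` in `foundry.toml`.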