feat: start borrower proof

morpho-org · Nov 22, 2024 · 701d11d · 701d11d
1 parent 6168626
commit 701d11d
Showing 1 changed file with 18 additions and 8 deletions.
diff --git a/certora/specs/LiquidateBuffer.spec b/certora/specs/LiquidateBuffer.spec
@@ -3,10 +3,12 @@
 using Util as Util;
 
 methods {
-    function liquidateView(MorphoLiquidateHarness.MarketParams, uint256, uint256, uint256) external returns (uint256, uint256, uint256, uint256) envfree;
-
     function extSloads(bytes32[]) external returns (bytes32[]) => NONDET DELETE;
 
+    function virtualTotalBorrowAssets(MorphoLiquidateHarness.Id) external returns uint256 envfree;
+    function virtualTotalBorrowShares(MorphoLiquidateHarness.Id) external returns uint256 envfree;
+    function liquidateView(MorphoLiquidateHarness.MarketParams, uint256, uint256, uint256) external returns (uint256, uint256, uint256, uint256) envfree;
+
     function Util.wad() external returns (uint256) envfree;
     function Util.libId(MorphoLiquidateHarness.MarketParams) external returns (MorphoLiquidateHarness.Id) envfree;
     function Util.oraclePriceScale() external returns (uint256) envfree;
@@ -26,25 +28,33 @@ function summaryMulDivDown(uint256 x, uint256 y, uint256 d) returns uint256 {
 }
 
 rule liquidateImprovePosition(MorphoLiquidateHarness.MarketParams marketParams, uint256 seizedAssetsInput, uint256 repaidSharesInput) {
-    uint256 collateralPrice;
+    MorphoLiquidateHarness.Id id = Util.libId(marketParams);
 
-    // uint256 borrowerShares;
-    // uint256 borrowerCollateral;
+    // TODO: use a fixed price oracle instead of passing it to liquidateView.
+    uint256 collateralPrice;
 
-    // require borrowerShares < totalShares
-    // require borrowerAssets < totalAssets
+    // TODO: take those directly from the borrower, and manage accrue interest.
+    uint256 borrowerShares;
+    uint256 borrowerCollateral;
 
-    // require LTV < 1 / LIF;
+    require borrowerShares <= market_(id).totalBorrowShares;
+    uint256 borrowerAssets = summaryMulDivUp(borrowerShares, virtualTotalBorrowAssets(id), virtualTotalBorrowShares(id));
+    require borrowerAssets > 0;
 
     require seizedAssetsInput > 0 && repaidSharesInput == 0;
 
     uint256 seizedAssets;
     uint256 repaidShares;
     uint256 repaidAssets;
+    require repaidAssets > 0;
     uint256 lif;
     (seizedAssets, repaidShares, repaidAssets, lif) = liquidateView(marketParams, seizedAssetsInput, repaidSharesInput, collateralPrice);
 
+    require summaryMulDivUp(borrowerCollateral, collateralPrice, Util.oraclePriceScale()) >= summaryMulDivUp(lif, borrowerAssets, Util.wad());
+    assert summaryMulDivDown(summaryMulDivUp(borrowerCollateral, collateralPrice, Util.oraclePriceScale()), Util.wad(), borrowerAssets) >= lif;
+
     assert summaryMulDivDown(lif, repaidAssets, Util.wad()) >= summaryMulDivUp(seizedAssets, collateralPrice, Util.oraclePriceScale());
+    assert lif >= summaryMulDivDown(summaryMulDivUp(seizedAssets, collateralPrice, Util.oraclePriceScale()), Util.wad(), repaidAssets);
 
     // assert repaidShares * borrowerCollateral > seizedAssets * borrowerShares;
 }