Summary

The LibLastReserveBytes library truncates the last 3 bytes of bytes16 reserve values to fit within a single storage slot, potentially causing a loss of precision.

Vulnerability Details

The storeLastReserves function converts uint256 reserve values to bytes16 and then stores only the first 104 bits of each value. This is evident in the following code snippet:

The shl(104, shr(152, mload(add(reserves, 32)))) operation shifts the reserve value right by 152 bits (to truncate the last 3 bytes) and then left by 104 bits to align it in the storage slot. This operation is designed for gas efficiency but at the cost of losing the least significant bytes of the reserve value.

Impact

The impact of this precision loss could be significant in financial calculations, potentially leading to incorrect valuations or imbalances in the contract's economic mechanisms.

Tools Used

manual

Recommendations

To mitigate this issue, consider storing the full bytes16 reserve values without truncation. If gas efficiency is a concern, implement a more efficient storage pattern that allows for the full precision of reserve values without exceeding storage constraints.