QuantAMM

Description

The _clampWeights function in QuantAMMMathGuard.sol contains a critical accounting error in its weight tracking logic. The function fails to properly maintain the remaining weight sum when clamping weights to maximum bounds:

https://github.com/Cyfrin/2024-12-quantamm/blob/a775db4273eb36e7b4536c5b60207c9f17541b92/pkg/pool-quantamm/contracts/rules/base/QuantammMathGuard.sol#L36

The issue here is that while the function properly subtracts minimum-clamped weights from sumRemainerWeight, it fails to subtract maximum-clamped weights. This creates an accounting discrepancy where sumRemainerWeight becomes artificially inflated, leading to incorrect proportionalRemainder calculations in the subsequent normalization step.

Impact

This accounting error fundamentally breaks the core invariant of weighted pools - that weights must sum to exactly 1 (ONE). The error in sumRemainerWeight directly affects the calculation of proportionalRemainder:

When sumRemainerWeight is artificially high due to not accounting for maximum-clamped weights, the resulting proportionalRemainder will be larger than intended. This inflation creates a systemic error in the pool's weight calculations that propagates through multiple layers of the protocol. The incorrect scaling factor leads to weights being adjusted to values that violate the fundamental invariant that all weights must sum to exactly 1 (ONE). This mathematical inconsistency distorts the pool's pricing calculations since prices are derived directly from weight ratios in weighted pools.

The impact affects the protocol's internal accounting system. As weights deviate from their intended values, the relationship between reserves and weights becomes misaligned, creating discrepancies in the pool's core trading function. These pricing inefficiencies open up arbitrage vectors where traders can exploit the mathematical inconsistency between the pool's actual state and its intended state.

What makes this issue particularly severe is its persistent and compounding nature. Every rebalancing operation that involves maximum weight clamping introduces additional error into the system. Since the protocol lacks any mechanism to detect or correct these accumulating discrepancies, the mathematical integrity of the pool's state can deteriorate over time, potentially leading to increasingly severe pricing distortions with each subsequent rebalancing.

Recommended Mitigation Steps

The fix properly decrements sumRemainerWeight for maximum-clamped weights while maintaining the existing logic flow. This ensures accurate weight accounting and preserves the pool's weight sum invariant.