Daejun Park

@Amxx the second option alone (keeping track of the assets) may not be effective to prevent various ways of inflating the price. Especially, adversaries could still donate to the place...

I like YieldBox's approach. As @Amxx said, it is essentially a virtual initial deposit that is locked forever (as long as the offset is immutable). So it can effectively mitigate...

> Would it be an option to preserve the prior share price after the vault is emptied, instead of resetting to 1:1? I think that could be also an option...

I agree, it's a great solution! Thanks @Okavango! Now I can see that the assetsOffset = 1 and supplyOffset = 1e8 setup works as an internal fixedpoint representation for shares....

Great discussion! Re: fuzzing, yes, I have been thinking of working on that, and will let you know if I find a good way to fuzz such scenarios. Re: the...

Wait, I think I missed another important effect of virtual offsets for this inflation attack. If we have the virtual offsets (even with just assetsOffset = supplyOffset = 1), the...

The same bug was reported for Firefox SpiderMonkey: https://bugzilla.mozilla.org/show_bug.cgi?id=779682

The same bug was reported for v8 and Webkit: https://code.google.com/p/v8/issues/detail?id=2243 https://bugs.webkit.org/show_bug.cgi?id=138858

There are multiple options. 1. You can simply increase the [max_test_rejects](https://book.getfoundry.sh/reference/config/testing#max_test_rejects) value, like `FOUNDRY_FUZZ_MAX_TEST_REJECTS=1000000 forge test`. But this may increase the testing time. 2. If only the maxDeposit test fails,...

@Tunji17 would you mind providing reproduction examples for that?