fix: withdraw limits

[Schlagonia]

Description

simulate the full withdraw flow to make sure maxRedeem and maxWithdraw fit the erc-4626 standard and vaults are compatible with each other.

Fixes # (issue)

Checklist

• I have run vyper and solidity linting
• I have run the tests on my machine
• I have followed commitlint guidelines
• I have rebased my changes to the latest version of the main branch

[jmonteer]

do we want to allow max_loss = 100%?

nobody should use it but probably better to allow 100% losses

[Schlagonia]

Its the default value used in "redeem" calls if one is not given.

It shouldnt be used. But dont think there is another option we should enforce as a default on every vault

[fp-crypto]

Why is 99.999999999% a valid value, but not 100%?

[Schlagonia]

100% is a valid value and is used by default for redeems. But if its 100% then we have no need to waste the gas to check the loss is within the range

[jmonteer]

Another option is to do this check (is loss >= max_loss?) every time we have a loss and return the max_assets at that point, returning the max amount of withdrawable assets before hitting a certain max_loss?

[Schlagonia]

added here abb73b6

[jmonteer]

I believe that returning max_assets including losses can lead to issues, as smart contracts would expect to receive the losses too.

also, it doesn't comply with erc4626

max received assets should be the output (i.e. do not include losses)

[Schlagonia]

So this was an issue i was unsure how to handle. But I believe we have to count it as "withdrawable" since it is unrealized in order to comply with the standard.

I wrote the reasoning in the comments. https://github.com/Schlagonia/yearn-vaults-v3/blob/limits/contracts/VaultV3.vy#L566-L572

Basically the conversion rates the vault uses don't yet know about that loss, so the amounts shouldn't adjust for it.

The maxRedeem would also be screwed up if we didnt account for the unrealized loss as withdrawable.

Its not an ideal way to do it but im pretty sure it has to be done this way to comply to the standard.

[jmonteer]

I believe you should be able to remove this block if you do:

max_withdraw: uint256 = min(needed, IStrategy(strategy).maxWithdraw(self))
unrealised_loss: uint256 = self._assess_share_of_unrealised_losses(strategy, max_withdraw)

[jmonteer]

it also solves the case where max_withdraw < strategy_limit, where withdrawer would take 100% of the losses (and I don't think it should be this way anyway)

[Schlagonia]

Since .maxWithdraw(self) will already have accounted for the losses we cannot pass that value into the _assess_share_of_unrealised_losses. Otherwise our unrealised_losses will be reduced twice.

EX:

strategy_debt = 100
current_value = 90
unrealised_loss = 10

So if a user is trying to withdraw the full 100 the unrealised_loss should be 10.

needed = 100
strategy.maxWithdraw(vault) = 90
_assess_share_of_unrealised_losses(strategy, 90) = .1 * 90 = 9

[fp-crypto]

simulate the full withdraw flow to max sure

simulate the full withdraw flow to make

[fp-crypto]

This is underestimates the max_assets available in cases where partially iterating through the withdraw queue would have had tolerable losses.

[Schlagonia]

abb73b6

Added to the other branch with the modules.

I Did not account for a scenario in which partial would revert but the full queue would not. Think that we shouldnt return a value that has amounts less than it that would revert. Could break things.

Perhaps that could be something to add to a preivewWithdraw/redeem

[Schlagonia]

changes merged with this PR 0387181