Educational2024-01-19

Uniswap V4 Mainnet Preview - Part 1: Uniswap V4 Overview

Tags

MetaTrust
AI Security
Web3 Security
Uniswap
Blockchain

4 Minutes Read

Daniel Tan

Daniel Tan

Security Operation / Audit

Summary

MetaTrust Labs has launched a series of articles on Uniswap V4 to explain Uniswap V4 features, contract implementation, potential security risks, and other topics for readers.

Summary

The Ethereum Cancun (Dencun) upgrade was launched on the test network Goerli on January 17th, which indicates that the mainnet of the Cancun upgrade will be launched soon. After that, Uniswap V4 will also be launched on the mainnet, because the core function of Uniswap V4 FLASH ACCOUNTING depends on the Transient storage opcodes in EIP-1153, and EIP-1153 will not be involved in EVM until Dencun upgrade is done. The core algorithm of Uniswap V4 is the same as V3's AMM, with some enhanced features based on V3: Hooks, Singleton, Flash accounting, and Native ETH. MetaTrust Labs has launched a series of articles on Uniswap V4 to explain Uniswap V4 features, contract implementation, potential security risks, and other topics for readers.

Different Uniswap Versions

01.png 02.png

Uniswap V4

Compared to the previous version, Uniswap V4, changes have been made in the following areas:

  • Hooks
  • Singleton
  • FLASH ACCOUNTING
  • Native ETH

HOOKS

In Uniswap v4, users will be allowed to integrate more customized features into the centralized liquidity pool by way of hooks. This greatly enriches the business scenarios, e.g., Limit Orders, Dynamic Rates, TWAMM, Yield Interest Generation, and more. 03.png Hooks is a customized contract. It is linked to a pool when initializing the pool. Uniswap V4 provides 8 hook functions, which need to be flagged and implemented accordingly in the hook contract, including:

  • beforeInitialize/afterInitialize
  • beforeModifyPosition/afterModifyPosition
  • beforeSwap/afterSwap
  • beforeDonate/afterDonate

Take the execution of beforeSwap and afterSwap as an example. The flowchart is as follows, in steps S0 and S2, check the beforeSwap/afterSwap flags. When they are true, it means that there are Hooks, and then call the beforeSwap/afterSwap function on the corresponding Hooks contract. 04.png

As Hook contracts have customized functionality, they naturally face certain security risks while enjoying the flexibility of Hooks. For examples:

  • If the Hooks are upgradable;
  • If the Hooks exist centralization risks;
  • If there is an authority issue;
  • If there is a DoS issue on the Hooks, etc. We will also introduce the security risks of Hooks contracts in the next article.

Singleton

Uniswap v4 abandons the way of creating transaction pools through the factory pattern in the previous version, and adopts and implements a single contract containing all the pools, i.e., the Singleton. A common scenario of Uniswap is a multi-hop swap, e.g., when exchanging $USDC for $Doge, it may be necessary to go through the intermediary tokens $WETH. Assumes that when exchanging $USDC for $Doge, it may need to go through $WETH as an intermediate token to make the swap, which is swapped on the two pools of [$USDC,$WETH] and [$WETH,$DOGE] in turn, along with tokens transfer.

With the singleton model, not only the cost of pool creation is reduced, but also the cost of multi-hop transactions is reduced, this is because all the pools are in a single contract, and the creation of the pools and the execution of the transactions are just updates to the state variables within a single contract. 05.png

FLASH ACCOUNTING

In previous versions of Uniswap, exchanges and adding liquidity to pools ended with token transfers, especially in multi-hop transactions that required transferring tokens across multiple pools, which resulted in high Gas fees. Instead, in Uniswap v4, each operation updates an internal net balance called delta, and external transfers are made only at the end of the lock. This reduces the gas fee in case of multi-hop transactions.

Flash accounting uses the Transient storage opcodes (TLOAD and TSTORE) from EIP-1153, which will be implemented in the Dencun upgrade, and UniswapV4 will go live on the mainnet with the Dencun upgrade as it approaches (Q1 2024).

Native ETH

The support of the Native ETH was stopped in Uniswap v2, and v3, but it will be supported in Uniswap v4, which reduces the gas consumption of native ETH wrap/unwrap operations, and also native ETH consumes less gas to transfer compared to ERC20 tokens, which consume 21k gas to transfer, while the ERC20 tokens consume about 40k gas. Business License

The main core source code of Uniswap V4 (except some Libraries) is released under the license Business Source License 1.1, which restricts the use of the Uniswap V4 source code in commercial or production environments for a period of four years, and permanently converts it to the GPL license at the end of that period.

Reference

https://eips.ethereum.org/EIPS/eip-1153

https://github.com/Uniswap/v4-core

https://blog.uniswap.org/uniswap-v4-community-contributions

https://github.com/Uniswap/v4-core/blob/main/docs/whitepaper-v4.pdf

https://blog.uniswap.org/uniswap-v3

https://blog.uniswap.org/uniswap-v4#what-is-uniswap-v4

https://github.com/Uniswap/v4-core/blob/main/LICENSE

About Us

At MetaTrust, our primary focus is on creating a secure infrastructure that caters to the needs of developers in the WEB 3.0 space. We offer an array of AI-Driven automation tools and security services to assist Web3 developers and project stakeholders in achieving a secure development environment.

Website || Twitter || Linkedin || Discord

Share this article

Previous
Friendly Summary of "SolSEE: A Source-Level Symbolic Execution Engine for Solidity"
Next
Those Solutions on Scalability in BTC Ecosystem (1): Inscriptions, Where to Go?