From 70a004d6332899c10846d98f1168356176599c9d Mon Sep 17 00:00:00 2001
From: nemusona <nemusonaneko@protonmail.com>
Date: Tue, 11 Oct 2022 08:50:08 -0500
Subject: [PATCH 1/4] optimizooor

---
 contracts/LendingPool.sol | 34 +++++++++++++++++++++++-----------
 1 file changed, 23 insertions(+), 11 deletions(-)

diff --git a/contracts/LendingPool.sol b/contracts/LendingPool.sol
index 6fb013c..938f605 100644
--- a/contracts/LendingPool.sol
+++ b/contracts/LendingPool.sol
@@ -35,9 +35,9 @@ contract LendingPool is OwnableUpgradeable, ERC721Upgradeable, Clone {
     uint public totalBorrowed; // = 0;
     string private constant baseURI = "https://nft.llamalend.com/nft/";
     uint maxDailyBorrows; // IMPORTANT: an attacker can borrow up to 150% of this limit if they prepare beforehand
-    uint216 currentDailyBorrows;
+    uint216 currentDailyBorrows; // would have to borrow more eth than will ever exist daily to break
     uint40 lastUpdateDailyBorrows;
-    mapping(address => bool) public liquidators;
+    mapping(address => uint) public liquidators;
 
     event Borrowed(uint currentDailyBorrows, uint newBorrowedAmount);
     event ReducedDailyBorrows(uint currentDailyBorrows, uint amountReduced);
@@ -72,7 +72,10 @@ contract LendingPool is OwnableUpgradeable, ERC721Upgradeable, Clone {
         if(toReduce > currentDailyBorrows){
             currentDailyBorrows = toAdd;
         } else {
-            currentDailyBorrows = uint216(currentDailyBorrows - toReduce) + toAdd;
+            unchecked {
+                // Resulting daily borrow has to be over 10^47 ETH
+                currentDailyBorrows = uint216(currentDailyBorrows - toReduce) + toAdd;
+            }
         }
         require(currentDailyBorrows < maxDailyBorrows, "max daily borrow");
         lastUpdateDailyBorrows = uint40(block.timestamp);
@@ -125,7 +128,10 @@ contract LendingPool is OwnableUpgradeable, ERC721Upgradeable, Clone {
         require(borrowedNow == totalToBorrow, "ltv changed");
         uint interest = calculateInterest(borrowedNow);
         require(interest <= maxInterest);
-        totalBorrowed += borrowedNow;
+        unchecked {
+            // There isn't enough eth to overflow and probably will never be :bat: :loud_sound:
+            totalBorrowed += borrowedNow;
+        }
         uint i = 0;
         while(i<length){
             _borrow(nftId[i], price, interest);
@@ -158,15 +164,19 @@ contract LendingPool is OwnableUpgradeable, ERC721Upgradeable, Clone {
         if(sinceLoanStart > maxLoanLength){
             interest += ((sinceLoanStart - maxLoanLength)*borrowed)/(1 days);
         }
-        totalBorrowed -= borrowed;
+        unchecked {
+            totalBorrowed -= borrowed;
+        }
         _burnWithoutBalanceChanges(loanId, msg.sender);
 
         if(sinceLoanStart < (1 days)){
             uint until24h;
+            uint toReduce;
             unchecked {
                 until24h = (1 days) - sinceLoanStart;
+                // Impossible to overflow since borrowed would overflow before this would
+                toReduce = (borrowed*until24h)/(1 days);
             }
-            uint toReduce = (borrowed*until24h)/(1 days);
             if(toReduce < currentDailyBorrows){
                 unchecked {
                     // toReduce < currentDailyBorrows always so it's fine to restrict to uint216 because currentDailyBorrows is uint216 already
@@ -188,8 +198,8 @@ contract LendingPool is OwnableUpgradeable, ERC721Upgradeable, Clone {
         uint totalToRepay = 0;
         uint i = 0;
         while(i<length){
-            totalToRepay += _repay(loansToRepay[i]);
             unchecked {
+                totalToRepay += _repay(loansToRepay[i]);
                 i++;
             }
         }
@@ -199,11 +209,13 @@ contract LendingPool is OwnableUpgradeable, ERC721Upgradeable, Clone {
 
     // Liquidate expired loan
     function doEffectiveAltruism(Loan calldata loan, address to) external {
-        require(liquidators[msg.sender] == true);
+        require(liquidators[msg.sender] == 1);
         uint loanId = getLoanId(loan.nft, loan.interest, loan.startTime, loan.borrowed);
         require(_exists(loanId), "loan closed");
         require(block.timestamp > (loan.startTime + maxLoanLength), "not expired");
-        totalBorrowed -= loan.borrowed;
+        unchecked {
+            totalBorrowed -= loan.borrowed;
+        }
         _burn(loanId);
         nftContract.transferFrom(address(this), to, loan.nft);
     }
@@ -298,12 +310,12 @@ contract LendingPool is OwnableUpgradeable, ERC721Upgradeable, Clone {
     }
 
     function addLiquidator(address liq) external onlyOwner {
-        liquidators[liq] = true;
+        liquidators[liq] = 1;
         emit LiquidatorAdded(liq);
     }
 
     function removeLiquidator(address liq) external onlyOwner {
-        liquidators[liq] = false;
+        liquidators[liq] = 0;
         emit LiquidatorRemoved(liq);
     }
 

From a51a0294d671aca8c842bfd389bbfbb79140d4ec Mon Sep 17 00:00:00 2001
From: nemusona <nemusonaneko@protonmail.com>
Date: Tue, 11 Oct 2022 13:43:00 -0500
Subject: [PATCH 2/4] readd missing iteration

---
 contracts/LendingPool.sol | 1 +
 1 file changed, 1 insertion(+)

diff --git a/contracts/LendingPool.sol b/contracts/LendingPool.sol
index 6cd0979..e536dc4 100644
--- a/contracts/LendingPool.sol
+++ b/contracts/LendingPool.sol
@@ -202,6 +202,7 @@ contract LendingPool is OwnableUpgradeable, ERC721Upgradeable, Clone {
         while(i<length) {
             unchecked {
                 totalToRepay += _repay(loansToRepay[i], from);
+                i++;
             }
         }
         _balances[from] -= length;

From d395180155a6634e7a3ab6d6074f3c11e71ccb05 Mon Sep 17 00:00:00 2001
From: nemusona <nemusonaneko@protonmail.com>
Date: Tue, 11 Oct 2022 16:24:02 -0500
Subject: [PATCH 3/4] change how currentDailyBorrows is added

---
 contracts/LendingPool.sol | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/contracts/LendingPool.sol b/contracts/LendingPool.sol
index e536dc4..bb88662 100644
--- a/contracts/LendingPool.sol
+++ b/contracts/LendingPool.sol
@@ -74,8 +74,9 @@ contract LendingPool is OwnableUpgradeable, ERC721Upgradeable, Clone {
         } else {
             unchecked {
                 // Resulting daily borrow has to be over 10^47 ETH
-                currentDailyBorrows = uint216(currentDailyBorrows - toReduce) + toAdd;
+                currentDailyBorrows = uint216(currentDailyBorrows - toReduce);
             }
+            currentDailyBorrows += toAdd;
         }
         require(currentDailyBorrows < maxDailyBorrows, "max daily borrow");
         lastUpdateDailyBorrows = uint40(block.timestamp);

From aa970ff194cf3d78638d43bf4ee6cb4d6aea5e5a Mon Sep 17 00:00:00 2001
From: nemusona <nemusonaneko@protonmail.com>
Date: Wed, 12 Oct 2022 21:18:44 -0500
Subject: [PATCH 4/4] remove optimizations

---
 contracts/LendingPool.sol | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/contracts/LendingPool.sol b/contracts/LendingPool.sol
index bb88662..e9a096f 100644
--- a/contracts/LendingPool.sol
+++ b/contracts/LendingPool.sol
@@ -129,10 +129,7 @@ contract LendingPool is OwnableUpgradeable, ERC721Upgradeable, Clone {
         require(borrowedNow == totalToBorrow, "ltv changed");
         uint interest = calculateInterest(borrowedNow);
         require(interest <= maxInterest);
-        unchecked {
-            // There isn't enough eth to overflow and probably will never be :bat: :loud_sound:
-            totalBorrowed += borrowedNow;
-        }
+        totalBorrowed += borrowedNow;
         uint i = 0;
         while(i<length){
             _borrow(nftId[i], price, interest);
@@ -201,8 +198,8 @@ contract LendingPool is OwnableUpgradeable, ERC721Upgradeable, Clone {
         uint totalToRepay = 0;
         uint i = 0;
         while(i<length) {
+            totalToRepay += _repay(loansToRepay[i], from);
             unchecked {
-                totalToRepay += _repay(loansToRepay[i], from);
                 i++;
             }
         }