defi-amm-security

Solid

Security checklist for Solidity AMM contracts, liquidity pools, and swap flows. Covers reentrancy, CEI ordering, donation or inflation attacks, oracle manipulation, slippage, admin controls, and integer math.

AI & Automation 196,640 stars 30253 forks Updated 2 days ago MIT

Quality Score: 96/100

Stars (20%): 100
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# DeFi AMM Security

Critical vulnerability patterns and hardened implementations for Solidity AMM contracts, LP vaults, and swap functions.

## When to Use

- Writing or auditing a Solidity AMM or liquidity-pool contract
- Implementing swap, deposit, withdraw, mint, or burn flows that hold token balances
- Reviewing any contract that uses `token.balanceOf(address(this))` in share or reserve math
- Adding fee setters, pausers, oracle updates, or other admin functions to a DeFi protocol

## How It Works

Use this as a checklist-plus-pattern library. Review every user entrypoint against the categories below and prefer the hardened examples over hand-rolled variants.

## Examples

### Reentrancy: enforce CEI order

Vulnerable:

```solidity
function withdraw(uint256 amount) external {
    require(balances[msg.sender] >= amount);
    // Interaction happens before the effect: the ledger still shows the old balance during the call.
    token.transfer(msg.sender, amount);
    balances[msg.sender] -= amount;
}
```

Safe:

```solidity
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

// Inside a contract that inherits ReentrancyGuard:
using SafeERC20 for IERC20;

function withdraw(uint256 amount) external nonReentrant {
    require(balances[msg.sender] >= amount, "Insufficient"); // check
    balances[msg.sender] -= amount;                          // effect
    token.safeTransfer(msg.sender, amount);                  // interaction
}
```

Do not write your own guard when a hardened library exists.

### Donation or inflation attacks

Using `token.balanceOf(address(this))` directly for share math ...

Details

Author: affaan-m
Repository: affaan-m/everything-claude-code
Created: 4 months ago
Last Updated: 2 days ago
Language: JavaScript
License: MIT
