fix(docs): correct mathematical equivalence in ERC4626 inflation attack formula

[DeVikingMark]

Fixes incorrect mathematical equivalence in the virtual offset defense section.

The formula now correctly shows that 10^δ × u < 1 + loss is equivalent to the previous transformations, rather than the incorrect 10^δ × u ≤ loss.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 1de8975

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Walkthrough

The pull request updates the documentation for the ERC4626 module, specifically within the inflation-attack security section. A mathematical condition describing the threshold for diluting a user deposit to zero shares has been revised. The formula was modified from 10^δ × u ≤ loss to 10^δ × u < 1 + loss, changing the comparison operator from less-than-or-equal to strict less-than while introducing a +1 offset on the loss term. No exported or public entity signatures were modified by this change.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically summarizes the main change: correcting a mathematical formula in ERC4626 documentation.
Description check	✅ Passed	The description is directly related to the changeset, explaining the specific mathematical fix from the incorrect formula to the corrected one.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6308fdc and 1de8975.

📒 Files selected for processing (1)

• docs/modules/ROOT/pages/erc4626.adoc (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: Redirect rules - solidity-contracts
• GitHub Check: Header rules - solidity-contracts
• GitHub Check: Pages changed - solidity-contracts
• GitHub Check: slither
• GitHub Check: coverage
• GitHub Check: tests
• GitHub Check: tests-upgradeable
• GitHub Check: tests-foundry
• GitHub Check: halmos

🔇 Additional comments (2)

docs/modules/ROOT/pages/erc4626.adoc (2)

163-176: Mathematical formula correction is sound.

The change from the incorrect form to 10^δ × u < 1 + loss is mathematically correct. The derivation properly shows:

• Line 165: 10^δ × u < \frac{1+a_0+a_1}{1+a_0} (factored from line 160)
• Line 170: This simplifies to 10^δ × u < 1 + \frac{a_1}{1+a_0} (splitting the fraction)
• Line 175: Substitution of the loss definition (line 146) yields the corrected equivalence

The strict inequality < and the + 1 constant term are both essential and follow directly from proper algebraic manipulation. The prior incorrect form (≤ loss) omitted both the constant and used a non-strict operator, which would not be equivalent to the derivation chain.

---

178-181: Implications section correctly applies the corrected formula.

The conclusions in the "Defending with a virtual offset" section appropriately reflect the corrected mathematical condition. Lines 178–181 accurately explain how the + 1 term and the virtual offset mechanism together mitigate inflation attacks, making it unprofitable for attackers to execute even with an offset of zero.

Tip

📝 Customizable high-level summaries are now available!

You can now customize how CodeRabbit generates the high-level summary in your pull requests — including its content, structure, tone, and formatting.

• Provide custom instructions to shape the summary (bullet lists, tables, contributor stats, etc.).
• Use high_level_summary_in_walkthrough to move the summary from the description to the walkthrough section.

Example:

"Create a concise high-level summary as a bullet-point list. Then include a Markdown table showing lines added and removed by each contributing author."

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}