@@ -221,34 +221,21 @@ contract TrimmingTest is Test {
221221 assertEq (expectedIsLt, isLt);
222222 }
223223
224- function testFuzz_trimisNOOP (uint256 amount , uint8 aDecimals , uint8 bDecimals ) {
225- uint256 amt = bound (amount, 1 , type (uint64 ).max);
224+ // invariant: forall (x: TrimmedAmount, aDecimals: uint8, bDecimals: uint8),
225+ // (x.amount <= type(uint64).max)
226+ // => (trim(untrim(x)) == x)
227+ function testFuzz_trimIsLeftInverse (uint256 amount , uint8 aDecimals , uint8 bDecimals ) public {
228+ // restrict inputs up to u64MAX. Inputs above u64 are tested elsewhere
229+ amount = bound (amount, 0 , type (uint64 ).max);
226230 vm.assume (aDecimals <= 50 );
227231 vm.assume (bDecimals <= 50 );
228232
229- }
230-
231- // invariant: forall (x: uint256, y: uint8, z: uint8),
232- // (x <= type(uint64).max, y <= z)
233- // => (x.trim(x, 8).untrim(y) == x)
234- function testFuzz_trimIsLeftInverse (
235- uint256 amount ,
236- uint8 aDecimals ,
237- uint8 bDecimals
238- ) public {
239- uint256 amt = bound (amount, 1 , type (uint64 ).max);
240- vm.assume (aDecimals <= 50 );
241- vm.assume (bDecimals <= 50 );
242-
243- // NOTE: this is guaranteeed by trimming
244- vm.assume (aDecimals <= 8 && aDecimals <= bDecimals);
245-
246233 // initialize TrimmedAmount
247- TrimmedAmount trimmedAmount = packTrimmedAmount ( uint64 (amt), aDecimals );
234+ TrimmedAmount trimmedAmount = amount. trim (aDecimals, bDecimals );
248235
249236 // trimming is the left inverse of trimming
250- uint256 amountUntrimmed = trimmedAmount. untrim (bDecimals);
251- TrimmedAmount amountRoundTrip = amountUntrimmed .trim (bDecimals, aDecimals);
237+ // e.g. trim( untrim(x)) == x
238+ TrimmedAmount amountRoundTrip = (trimmedAmount. untrim (bDecimals)) .trim (bDecimals, aDecimals);
252239
253240 assertEq (trimmedAmount.getAmount (), amountRoundTrip.getAmount ());
254241 }
0 commit comments