Uniswap V4
Summary
ExpandUniswap V4 Core is a singleton-architecture automated market maker that consolidates all pool state into a single `PoolManager` contract, representing a fundamental architectural departure from the factory-pattern deployments of prior Uniswap versions. Integrators interact via an unlock-callback pattern: calling `unlock()` triggers a callback on `msg.sender`, during which the caller may execute swaps, liquidity modifications, donations, and settlement operations. All net balances (deltas) must reach zero before the unlock completes, enforced via transient storage counters. The architecture supports extensible hook contracts that are address-encoded for permission bits, enabling custom logic at every stage of pool lifecycle operations including initialization, swap execution, liquidity modification, and donation flows.
The security mechanisms employed throughout the codebase are robust and well-considered. Access control is enforced through the `onlyWhenUnlocked` modifier backed by transient storage locks, `noDelegateCall` guards preventing proxy misuse, and `AlreadyUnlocked` re-entrancy prevention on the `unlock` entry point. The hook system uses address-based permission encoding validated at pool initialization, return-value verification via selector matching, and a `noSelfCall` modifier to prevent infinite recursion. Arithmetic safety relies on Solidity 0.8.26 built-in overflow protection with strategic `unchecked` blocks only where overflow is provably impossible, such as fee growth accumulators and token-supply-bounded calculations. The `SafeCast` library is consistently used at system boundaries to prevent truncation, and `FullMath` provides 512-bit intermediate precision for critical price calculations, eliminating rounding and overflow risks in the core swap math.
The overall security posture of this codebase is exceptionally strong. No vulnerabilities were identified during this audit. The delta accounting system using transient storage is elegant and provides strong settlement guarantees — any miscalculation or incomplete settlement causes the entire transaction to revert, eliminating whole classes of accounting errors by construction. The protocol fee system correctly prevents interference with active settlements via the `ProtocolFeeCurrencySynced` guard, and the `UnsafeMath.simpleMulDiv` usage in fee growth calculations is backed by the documented and verifiable assumption that token supplies are bounded by `uint128`, validated by `SafeCast.toInt128()` checks on swap deltas that would revert before any corrupted fee growth could persist to storage.
Findings
No issues identified
Conclusion
ExpandThe Uniswap V4 Core codebase demonstrates exceptional security engineering maturity. The singleton architecture with transient-storage-based delta accounting is a significant advancement over previous versions, providing atomic settlement guarantees that eliminate entire classes of accounting vulnerabilities present in multi-contract designs. The mathematical libraries — FullMath, SqrtPriceMath, SwapMath, and TickMath — are well-tested through accompanying Echidna fuzzing contracts and correctly handle edge cases around precision, rounding direction, and overflow boundaries. The strategic use of unchecked blocks is consistently backed by provable bounds derived from token supply limits and protocol fee caps, reflecting disciplined optimization practices that do not sacrifice safety.
The hook system represents the primary trust surface of the protocol, and the Uniswap team has appropriately treated hooks as user-chosen trust decisions rather than protocol-level attack surfaces. The address-based permission encoding, selector verification, noSelfCall recursion prevention, and HookDeltaExceedsSwapAmount bounds checking form a comprehensive defense layer that constrains hook behavior without limiting extensibility. The ERC6909Claims token system for representing pool balances is minimal and correctly implements allowance checks on _burnFrom operations, while protocol fee collection is properly guarded against interference with active settlement flows via the synced-currency check. These layered controls reflect a mature threat model that accounts for adversarial hooks, malicious tokens, and reentrancy vectors without over-engineering the core protocol paths.
No vulnerabilities were identified in this audit. The codebase is well-structured, thoroughly documented at the implementation level, and follows established security patterns consistently across all contract modules. The Uniswap V4 Core contracts appear ready for mainnet deployment from a security perspective, contingent on the standard recommendations of continued formal verification efforts, competitive audit coverage from additional independent reviewers, and maintenance of the bug bounty program that the Uniswap team already operates.
On-Chain Verification
Compare these values with the on-chain attestation
Verify: download the markdown and compare the hash
sha256sum uniswap-v4.md
Legal Disclaimer: This report covers the code submitted for analysis. It does not account for infrastructure, deployment configuration, third-party dependencies, or changes made after the audit date. Automated analysis may produce false positives or miss context-dependent vulnerabilities. audited.xyz provides this report “as is” without warranty of any kind.