@zoralabs/limit-orders 0.2.0 → 0.2.2

package/test/LimitOrderLibraries.t.sol

@@ -67,7 +67,8 @@ contract LimitOrderLibrariesTest is BaseTest {
         assertEq(created.length, 3, "should create three orders");
 
         // Verify tick queue linked list structure
-        QueueSnapshot memory tickQueue = _tickQueueSnapshot(created[0].poolKeyHash, orderCoin, tick);
+        int24 fillableTick = _fillableTick(isCurrency0, tick, key.tickSpacing);
+        QueueSnapshot memory tickQueue = _tickQueueSnapshot(created[0].poolKeyHash, orderCoin, fillableTick);
         assertEq(tickQueue.length, 3, "queue length should be 3");
         assertEq(tickQueue.head, created[0].orderId, "head should be first order");
         assertEq(tickQueue.tail, created[2].orderId, "tail should be last order");
@@ -108,7 +109,8 @@ contract LimitOrderLibrariesTest is BaseTest {
         vm.prank(users.seller);
         limitOrderBook.withdraw(orderIds, orderCoin, 0, users.seller);
 
-        QueueSnapshot memory tickQueue = _tickQueueSnapshot(created[0].poolKeyHash, orderCoin, tick);
+        int24 fillableTick = _fillableTick(isCurrency0, tick, key.tickSpacing);
+        QueueSnapshot memory tickQueue = _tickQueueSnapshot(created[0].poolKeyHash, orderCoin, fillableTick);
         assertEq(tickQueue.length, 2, "queue length should be 2");
         assertEq(tickQueue.head, created[1].orderId, "head should be second order");
         assertEq(tickQueue.tail, created[2].orderId, "tail unchanged");
@@ -149,7 +151,8 @@ contract LimitOrderLibrariesTest is BaseTest {
         vm.prank(users.seller);
         limitOrderBook.withdraw(orderIds, orderCoin, 0, users.seller);
 
-        QueueSnapshot memory tickQueue = _tickQueueSnapshot(created[0].poolKeyHash, orderCoin, tick);
+        int24 fillableTick = _fillableTick(isCurrency0, tick, key.tickSpacing);
+        QueueSnapshot memory tickQueue = _tickQueueSnapshot(created[0].poolKeyHash, orderCoin, fillableTick);
         assertEq(tickQueue.length, 2, "queue length should be 2");
         assertEq(tickQueue.head, created[0].orderId, "head unchanged");
         assertEq(tickQueue.tail, created[1].orderId, "tail should be second order");
@@ -190,7 +193,8 @@ contract LimitOrderLibrariesTest is BaseTest {
         vm.prank(users.seller);
         limitOrderBook.withdraw(orderIds, orderCoin, 0, users.seller);
 
-        QueueSnapshot memory tickQueue = _tickQueueSnapshot(created[0].poolKeyHash, orderCoin, tick);
+        int24 fillableTick = _fillableTick(isCurrency0, tick, key.tickSpacing);
+        QueueSnapshot memory tickQueue = _tickQueueSnapshot(created[0].poolKeyHash, orderCoin, fillableTick);
         assertEq(tickQueue.length, 2, "queue length should be 2");
         assertEq(tickQueue.head, created[0].orderId, "head unchanged");
         assertEq(tickQueue.tail, created[2].orderId, "tail unchanged");
@@ -237,7 +241,8 @@ contract LimitOrderLibrariesTest is BaseTest {
 
         // Verify bitmap is set
         bytes32 poolKeyHash = keccak256(abi.encode(key));
-        assertTrue(_isTickInitialized(poolKeyHash, orderCoin, orderTicks[0], key.tickSpacing), "tick should be initialized");
+        int24 fillableTick = _fillableTick(isCurrency0, orderTicks[0], key.tickSpacing);
+        assertTrue(_isTickInitialized(poolKeyHash, orderCoin, fillableTick, key.tickSpacing), "tick should be initialized");
     }
 
     function test_bitmapSetIfFirstWhenNonEmpty() public {
@@ -262,9 +267,10 @@ contract LimitOrderLibrariesTest is BaseTest {
 
         // Verify bitmap is still set (second enqueue didn't break it)
         bytes32 poolKeyHash = keccak256(abi.encode(key));
-        assertTrue(_isTickInitialized(poolKeyHash, orderCoin, tick, key.tickSpacing), "tick should be initialized");
+        int24 fillableTick = _fillableTick(isCurrency0, tick, key.tickSpacing);
+        assertTrue(_isTickInitialized(poolKeyHash, orderCoin, fillableTick, key.tickSpacing), "tick should be initialized");
 
-        QueueSnapshot memory tickQueue = _tickQueueSnapshot(poolKeyHash, orderCoin, tick);
+        QueueSnapshot memory tickQueue = _tickQueueSnapshot(poolKeyHash, orderCoin, fillableTick);
         assertEq(tickQueue.length, 2, "should have 2 orders at same tick");
     }
 
@@ -290,7 +296,8 @@ contract LimitOrderLibrariesTest is BaseTest {
         vm.prank(users.seller);
         limitOrderBook.withdraw(orderIds, orderCoin, 0, users.seller);
 
-        assertFalse(_isTickInitialized(poolKeyHash, orderCoin, orderTicks[0], key.tickSpacing), "tick should be cleared");
+        int24 fillableTick = _fillableTick(isCurrency0, orderTicks[0], key.tickSpacing);
+        assertFalse(_isTickInitialized(poolKeyHash, orderCoin, fillableTick, key.tickSpacing), "tick should be cleared");
     }
 
     function test_bitmapClearIfEmptyWhenStillHasOrders() public {
@@ -323,9 +330,10 @@ contract LimitOrderLibrariesTest is BaseTest {
         vm.prank(users.seller);
         limitOrderBook.withdraw(orderIds, orderCoin, 0, users.seller);
 
-        assertTrue(_isTickInitialized(poolKeyHash, orderCoin, tick, key.tickSpacing), "tick should still be initialized");
+        int24 fillableTick = _fillableTick(isCurrency0, tick, key.tickSpacing);
+        assertTrue(_isTickInitialized(poolKeyHash, orderCoin, fillableTick, key.tickSpacing), "tick should still be initialized");
 
-        QueueSnapshot memory tickQueue = _tickQueueSnapshot(poolKeyHash, orderCoin, tick);
+        QueueSnapshot memory tickQueue = _tickQueueSnapshot(poolKeyHash, orderCoin, fillableTick);
         assertEq(tickQueue.length, 1, "should have 1 order remaining");
     }
 

package/test/LimitOrderLiquidityPayouts.t.sol

@@ -19,6 +19,7 @@ import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
 import {IERC165} from "@openzeppelin/contracts/utils/introspection/IERC165.sol";
 
 import {SimpleERC20} from "@zoralabs/coins/test/mocks/SimpleERC20.sol";
+import {MockWETH} from "./utils/MockWETH.sol";
 
 contract MockPoolManager {
     using CurrencyLibrary for Currency;
@@ -29,8 +30,12 @@ contract MockPoolManager {
 
     uint256 public swapCalls;
     uint256 public takeCalls;
+    uint256 public syncCalls;
+    uint256 public settleCalls;
     Currency public lastTakeCurrency;
     uint256 public lastTakeAmount;
+    Currency public lastSyncCurrency;
+    uint256 public lastSettleValue;
 
     function setModifyLiquidityResponse(int128 amount0, int128 amount1, int128 fee0, int128 fee1) external {
         liquidityDelta = toBalanceDelta(amount0, amount1);
@@ -63,9 +68,14 @@ contract MockPoolManager {
         }
     }
 
-    function sync(Currency) external {}
+    function sync(Currency currency) external {
+        ++syncCalls;
+        lastSyncCurrency = currency;
+    }
 
     function settle() external payable returns (uint256) {
+        ++settleCalls;
+        lastSettleValue = msg.value;
         return msg.value;
     }
 
@@ -74,6 +84,11 @@ contract MockPoolManager {
 
 contract LimitOrderLiquidityHarness {
     LimitOrderTypes.LimitOrder internal order;
+    address internal weth;
+
+    function setWeth(address weth_) external {
+        weth = weth_;
+    }
 
     function configureOrder(address maker, bool isCurrency0, int24 tickLower, int24 tickUpper, uint128 liquidity) external {
         order.maker = maker;
@@ -99,7 +114,7 @@ contract LimitOrderLiquidityHarness {
         address coinIn,
         IDeployedCoinVersionLookup versionLookup
     ) external returns (Currency coinOut, uint128 makerAmount, uint128 referralAmount) {
-        return LimitOrderLiquidity.burnAndPayout(IPoolManager(address(poolManager)), key, order, orderId, feeRecipient, coinIn, versionLookup);
+        return LimitOrderLiquidity.burnAndPayout(IPoolManager(address(poolManager)), key, order, orderId, feeRecipient, coinIn, versionLookup, weth);
     }
 
     function burnAndRefund(MockPoolManager poolManager, PoolKey memory key, bytes32 orderId, address recipient) external returns (uint128 amountOut) {
@@ -112,13 +127,16 @@ contract LimitOrderLiquidityHarness {
                 order.liquidity,
                 orderId,
                 recipient,
-                order.isCurrency0
+                order.isCurrency0,
+                weth
             );
     }
 
     function refundResidual(PoolKey memory key, bool isCurrency0, address maker, uint128 amount) external {
         LimitOrderLiquidity.refundResidual(key, isCurrency0, maker, amount);
     }
+
+    receive() external payable {}
 }
 
 contract MockCoinVersionLookup is IDeployedCoinVersionLookup {
@@ -167,6 +185,7 @@ contract LimitOrderLiquidityPayoutsTest is Test {
     MockCoinVersionLookup internal versionLookup;
     SimpleERC20 internal currency0Token;
     SimpleERC20 internal currency1Token;
+    MockWETH internal weth;
     PoolKey internal poolKey;
     address internal maker;
 
@@ -179,6 +198,8 @@ contract LimitOrderLiquidityPayoutsTest is Test {
 
         currency0Token = new SimpleERC20("Token0", "TK0");
         currency1Token = new SimpleERC20("Token1", "TK1");
+        weth = new MockWETH();
+        harness.setWeth(address(weth));
 
         poolKey = PoolKey({
             currency0: Currency.wrap(address(currency0Token)),
@@ -249,6 +270,20 @@ contract LimitOrderLiquidityPayoutsTest is Test {
         assertEq(Currency.unwrap(poolManager.lastTakeCurrency()), address(currency1Token));
     }
 
+    function test_burnAndRefundPaysBothCurrenciesWhenPositive() public {
+        poolManager.setModifyLiquidityResponse(int128(10), int128(20), 0, 0);
+        deal(address(currency0Token), address(poolManager), 100e18);
+        deal(address(currency1Token), address(poolManager), 100e18);
+        address recipient = makeAddr("dual-recipient");
+
+        uint128 amountOut = harness.burnAndRefund(poolManager, poolKey, ORDER_ID, recipient);
+
+        assertEq(amountOut, 10, "amountOut should match order currency payout");
+        assertEq(currency0Token.balanceOf(recipient), 10, "recipient receives currency0");
+        assertEq(currency1Token.balanceOf(recipient), 20, "recipient receives currency1");
+        assertEq(poolManager.takeCalls(), 2, "both currencies should be taken");
+    }
+
     function test_burnAndPayoutWithoutReferralRoutesAllProceeds() public {
         poolManager.setModifyLiquidityResponse(0, int128(120), 0, 0);
         deal(address(currency1Token), address(poolManager), 200e18);
@@ -269,6 +304,52 @@ contract LimitOrderLiquidityPayoutsTest is Test {
         assertEq(poolManager.takeCalls(), 1, "single take call expected");
     }
 
+    function test_burnAndPayoutPaysWethForNativePayouts() public {
+        PoolKey memory nativeKey = PoolKey({
+            currency0: CurrencyLibrary.ADDRESS_ZERO,
+            currency1: Currency.wrap(address(currency1Token)),
+            fee: 3000,
+            tickSpacing: 60,
+            hooks: IHooks(address(0))
+        });
+
+        harness.setOrderSide(false);
+        poolManager.setModifyLiquidityResponse(int128(50), 0, 0, 0);
+        vm.deal(address(poolManager), 1 ether);
+
+        uint256 wethBefore = weth.balanceOf(maker);
+        (, uint128 makerAmount, ) = harness.burnAndPayout(poolManager, nativeKey, ORDER_ID, address(0), address(currency1Token), versionLookup);
+
+        assertEq(makerAmount, 50, "maker payout should match native delta");
+        assertEq(weth.balanceOf(maker), wethBefore + 50, "maker should receive WETH");
+        assertEq(maker.balance, 0, "maker should not receive native ETH");
+    }
+
+    function test_burnAndPayoutPaysBothCurrenciesWhenPositive() public {
+        // This test now verifies that when both deltas are positive,
+        // only ONE currency is paid out (the payout currency) after swapping
+        poolManager.setModifyLiquidityResponse(int128(15), int128(25), 0, 0);
+
+        // Simulate swap: 15 of currency0 swaps to get some currency1
+        // (mock doesn't track amounts, just that swap occurred)
+        poolManager.setSwapResponse(0, int128(0));
+
+        deal(address(currency0Token), address(poolManager), 100e18);
+        deal(address(currency1Token), address(poolManager), 100e18);
+
+        uint256 makerCurrency0Before = currency0Token.balanceOf(maker);
+        uint256 makerCurrency1Before = currency1Token.balanceOf(maker);
+
+        (, uint128 makerAmount, ) = harness.burnAndPayout(poolManager, poolKey, ORDER_ID, address(0), address(currency0Token), versionLookup);
+
+        // With the fix: only currency1 is paid out (NOT currency0)
+        assertEq(currency0Token.balanceOf(maker), makerCurrency0Before, "maker should NOT receive currency0");
+        assertGt(currency1Token.balanceOf(maker), makerCurrency1Before, "maker should receive currency1");
+
+        // Verify a swap occurred to convert currency0 to currency1
+        assertEq(poolManager.swapCalls(), 1, "swap should occur to consolidate to single currency");
+    }
+
     function test_burnAndPayoutSplitsReferralShares() public {
         poolManager.setModifyLiquidityResponse(0, int128(150), 0, int128(30));
         deal(address(currency1Token), address(poolManager), 300e18);
@@ -330,4 +411,200 @@ contract LimitOrderLiquidityPayoutsTest is Test {
         assertEq(poolManager.swapCalls(), 1, "swap path should execute");
         assertEq(currency1Token.balanceOf(maker), makerBefore + 40, "maker receives swapped currency");
     }
+
+    /// @notice Test that with dual positive deltas, only currency1 (payout currency) is paid out
+    /// @dev This simulates the audit bug scenario where positions have fees in both tokens
+    function test_dualPositiveDeltas_payoutsCurrency1Only() public {
+        // Order is selling currency0, so payout currency is currency1
+        harness.setOrderSide(true); // isCurrency0 = true
+
+        // Simulate dual positive deltas: both amount0 and amount1 are positive
+        // This happens when a position is crossed in both directions
+        poolManager.setModifyLiquidityResponse(int128(50), int128(100), 0, 0);
+
+        // Simulate swap: swap 50 of currency0 to get 45 of currency1
+        poolManager.setSwapResponse(0, int128(45));
+
+        // Fund pool manager with both currencies
+        deal(address(currency0Token), address(poolManager), 500e18);
+        deal(address(currency1Token), address(poolManager), 500e18);
+
+        uint256 maker0Before = currency0Token.balanceOf(maker);
+        uint256 maker1Before = currency1Token.balanceOf(maker);
+
+        (Currency coinOut, uint128 makerAmount, ) = harness.burnAndPayout(poolManager, poolKey, ORDER_ID, address(0), address(0), versionLookup);
+
+        // Verify only currency1 is paid out (NOT currency0)
+        assertEq(Currency.unwrap(coinOut), address(currency1Token), "payout currency should be currency1");
+        assertEq(currency0Token.balanceOf(maker), maker0Before, "maker should NOT receive currency0");
+
+        // Verify total payout in currency1 includes both the original amount1 + swapped amount0
+        // Expected: 100 (original currency1) + 45 (swapped from currency0) = 145
+        assertEq(currency1Token.balanceOf(maker), maker1Before + 145, "maker should receive combined amount in currency1");
+        assertEq(makerAmount, 145, "makerAmount should be combined total");
+
+        // Verify a swap occurred to convert currency0 to currency1
+        assertEq(poolManager.swapCalls(), 1, "swap should occur to convert currency0 to currency1");
+    }
+
+    /// @notice Test that with dual positive deltas, only currency0 (payout currency) is paid out
+    /// @dev This tests the opposite direction - selling currency1, expecting currency0 payout
+    function test_dualPositiveDeltas_payoutsCurrency0Only() public {
+        // Order is selling currency1, so payout currency is currency0
+        harness.setOrderSide(false); // isCurrency0 = false
+
+        // Simulate dual positive deltas
+        poolManager.setModifyLiquidityResponse(int128(80), int128(60), 0, 0);
+
+        // Simulate swap: swap 60 of currency1 to get 55 of currency0
+        poolManager.setSwapResponse(int128(55), 0);
+
+        // Fund pool manager
+        deal(address(currency0Token), address(poolManager), 500e18);
+        deal(address(currency1Token), address(poolManager), 500e18);
+
+        uint256 maker0Before = currency0Token.balanceOf(maker);
+        uint256 maker1Before = currency1Token.balanceOf(maker);
+
+        (Currency coinOut, uint128 makerAmount, ) = harness.burnAndPayout(poolManager, poolKey, ORDER_ID, address(0), address(0), versionLookup);
+
+        // Verify only currency0 is paid out (NOT currency1)
+        assertEq(Currency.unwrap(coinOut), address(currency0Token), "payout currency should be currency0");
+        assertEq(currency1Token.balanceOf(maker), maker1Before, "maker should NOT receive currency1");
+
+        // Verify total payout in currency0 includes both the original amount0 + swapped amount1
+        // Expected: 80 (original currency0) + 55 (swapped from currency1) = 135
+        assertEq(currency0Token.balanceOf(maker), maker0Before + 135, "maker should receive combined amount in currency0");
+        assertEq(makerAmount, 135, "makerAmount should be combined total");
+
+        // Verify a swap occurred
+        assertEq(poolManager.swapCalls(), 1, "swap should occur to convert currency1 to currency0");
+    }
+
+    /// @notice Test that with dual positive deltas and referral fees, both maker and referral receive single currency
+    function test_dualPositiveDeltas_makerAndReferral_singleCurrencyPayout() public {
+        address referral = makeAddr("referral");
+        harness.setOrderSide(true); // isCurrency0 = true, payout in currency1
+
+        // Simulate dual positive deltas with fees for referral
+        // liquidity: (60 amount0, 120 amount1), fees: (20 amount0, 30 amount1)
+        poolManager.setModifyLiquidityResponse(int128(60), int128(120), int128(20), int128(30));
+
+        // Simulate swaps for both maker and referral portions
+        // First swap (maker): swap 40 of currency0 to get 35 of currency1
+        // Second swap (referral): swap 20 of currency0 to get 18 of currency1
+        poolManager.setSwapResponse(0, int128(35));
+
+        deal(address(currency0Token), address(poolManager), 500e18);
+        deal(address(currency1Token), address(poolManager), 500e18);
+
+        uint256 maker0Before = currency0Token.balanceOf(maker);
+        uint256 maker1Before = currency1Token.balanceOf(maker);
+        uint256 ref0Before = currency0Token.balanceOf(referral);
+        uint256 ref1Before = currency1Token.balanceOf(referral);
+
+        (Currency makerCoinOut, uint128 makerAmount, uint128 referralAmount) = harness.burnAndPayout(
+            poolManager,
+            poolKey,
+            ORDER_ID,
+            referral,
+            address(0),
+            versionLookup
+        );
+
+        // Verify maker receives only currency1
+        assertEq(Currency.unwrap(makerCoinOut), address(currency1Token), "maker payout should be currency1");
+        assertEq(currency0Token.balanceOf(maker), maker0Before, "maker should NOT receive currency0");
+
+        // Verify referral receives only currency1
+        assertEq(currency0Token.balanceOf(referral), ref0Before, "referral should NOT receive currency0");
+
+        // Both should have increased currency1 balances
+        assertGt(currency1Token.balanceOf(maker), maker1Before, "maker should receive currency1");
+        assertGt(currency1Token.balanceOf(referral), ref1Before, "referral should receive currency1");
+
+        // Verify swaps occurred (one for maker, one for referral)
+        assertEq(poolManager.swapCalls(), 2, "two swaps should occur (maker + referral)");
+    }
+
+    function test_burnAndPayoutBypassesSwapPathWhenPayoutCurrencyMismatches() public {
+        TestSwapPathCoin swapCoin = new TestSwapPathCoin(Currency.wrap(address(currency0Token)));
+        versionLookup.setVersion(address(swapCoin), 4);
+
+        poolManager.setModifyLiquidityResponse(int128(22), 0, 0, 0);
+        poolManager.setSwapResponse(0, int128(22));
+
+        deal(address(currency0Token), address(poolManager), 200e18);
+        deal(address(currency1Token), address(poolManager), 200e18);
+
+        uint256 makerBefore = currency1Token.balanceOf(maker);
+
+        harness.burnAndPayout(poolManager, poolKey, ORDER_ID, address(0), address(swapCoin), versionLookup);
+
+        assertEq(poolManager.swapCalls(), 1, "swap should occur using fallback single-hop path");
+        assertEq(currency1Token.balanceOf(maker), makerBefore + 22, "maker receives currency1 from swap");
+    }
+
+    /// @notice MKT-27: Documents that wrong coin is passed but validation provides safety net
+    /// @dev Demonstrates the root cause bug in _fillOrder():
+    ///      - _fillOrder() passes INPUT coin (CoinA) to burnAndPayout
+    ///      - Should pass OUTPUT coin (WETH) instead
+    ///      - Validation in _resolvePayoutPath() catches the mismatch and falls back
+    ///      - Result: User correctly receives WETH (due to validation, not correct logic)
+    ///
+    ///      Scenario: Pool CoinA/WETH, CoinA has path to USDC, Order: Sell CoinA for WETH
+    ///      Root bug: Looks at CoinA's path (wrong coin!)
+    ///      Safety net: Validation sees path leads to USDC not WETH, falls back
+    ///
+    ///      This test verifies the validation works, but we should still fix the root cause.
+    function test_burnAndPayoutUsesWrongCoinPayoutPath_MKT27() public {
+        // Create CoinA with payout path to USDC (currency0Token)
+        // This simulates a coin whose payout path leads to unexpected currency
+        TestSwapPathCoin coinA = new TestSwapPathCoin(Currency.wrap(address(currency0Token))); // path to USDC
+        versionLookup.setVersion(address(coinA), 4);
+
+        // Create pool: CoinA / WETH (currency1Token)
+        PoolKey memory testPoolKey = PoolKey({
+            currency0: Currency.wrap(address(coinA)), // CoinA
+            currency1: Currency.wrap(address(currency1Token)), // WETH
+            fee: 3000,
+            tickSpacing: 60,
+            hooks: poolKey.hooks
+        });
+
+        // Order: Sell CoinA (currency0) for WETH (currency1)
+        harness.setOrderSide(true); // isCurrency0 = true → payout should be currency1 (WETH)
+
+        // Simulate liquidity return: 100 units returned
+        poolManager.setModifyLiquidityResponse(int128(100), 0, 0, 0);
+
+        // Simulate fallback swap (validation rejects CoinA's path, uses single-hop)
+        poolManager.setSwapResponse(0, int128(100));
+
+        // Fund pool manager
+        deal(address(currency0Token), address(poolManager), 500e18); // USDC
+        deal(address(currency1Token), address(poolManager), 500e18); // WETH
+
+        uint256 makerWethBefore = currency1Token.balanceOf(maker);
+
+        // ROOT CAUSE BUG: Pass CoinA (input coin) - this is what _fillOrder() does
+        // SHOULD PASS: WETH (output coin) - this is what it should do
+        (Currency coinOut, , ) = harness.burnAndPayout(
+            poolManager,
+            testPoolKey,
+            ORDER_ID,
+            address(0),
+            address(coinA), // ← ROOT BUG: passing wrong coin
+            versionLookup
+        );
+
+        // VALIDATION SAFETY NET WORKS: User receives correct currency (WETH)
+        // Even though we passed wrong coin, validation caught it and fell back
+        assertEq(Currency.unwrap(coinOut), address(currency1Token), "validation correctly falls back to WETH");
+        assertEq(currency1Token.balanceOf(maker), makerWethBefore + 100, "maker receives WETH (correct)");
+
+        // NOTE: While validation prevents harm, _fillOrder() should still be fixed to pass
+        // the OUTPUT coin, not INPUT coin. This makes the code semantically correct and
+        // doesn't rely on validation as a crutch.
+    }
 }

package/test/LimitOrderWithdraw.t.sol

@@ -54,6 +54,33 @@ contract LimitOrderWithdrawTest is BaseTest {
         }
     }
 
+    /// @notice Fillable orders must be filled, not withdrawn
+    function test_withdrawRevertsForFillableOrder() public {
+        PoolKey memory key = creatorCoin.getPoolKey();
+        bool isCurrency0 = Currency.unwrap(key.currency0) == address(creatorCoin);
+        address orderCoin = _orderCoin(key, isCurrency0);
+
+        // Create orders directly
+        (uint256[] memory orderSizes, int24[] memory orderTicks) = _buildDeterministicOrders(key, isCurrency0, 1, 25e18);
+        uint256 totalSize = orderSizes[0];
+        _fundAndApprove(users.seller, orderCoin, totalSize);
+
+        vm.recordLogs();
+        vm.prank(users.seller);
+        limitOrderBook.create{value: orderCoin == address(0) ? totalSize : 0}(key, isCurrency0, orderSizes, orderTicks, users.seller);
+        CreatedOrderLog[] memory created = _decodeCreatedLogs(vm.getRecordedLogs());
+        assertEq(created.length, 1, "expected 1 order");
+
+        // Move price past order (makes it fillable)
+        _movePriceBeyondTicksWithAutoFillDisabled(created);
+
+        bytes32[] memory orderIds = _orderIds(created);
+
+        vm.expectRevert(IZoraLimitOrderBook.OrderFillable.selector);
+        vm.prank(users.seller);
+        limitOrderBook.withdraw(orderIds, orderCoin, 0, users.seller);
+    }
+
     function test_withdrawOrdersRevertsForMixedCoins() public {
         PoolKey memory creatorKey = creatorCoin.getPoolKey();
         PoolKey memory contentKey = contentCoin.getPoolKey();
@@ -322,7 +349,7 @@ contract LimitOrderWithdrawTest is BaseTest {
 
         CreatedOrderLog[] memory created = _decodeCreatedLogs(vm.getRecordedLogs());
         bytes32 poolKeyHash = created[0].poolKeyHash;
-        int24 tick = ticks[0];
+        int24 tick = _fillableTick(isCurrency0, ticks[0], key.tickSpacing);
 
         // Verify bitmap set
         assertTrue(_isTickInitialized(poolKeyHash, orderCoin, tick, key.tickSpacing), "tick should be initialized");

package/test/SwapWithLimitOrders.t.sol

@@ -9,17 +9,15 @@ import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
 import {Vm} from "forge-std/Vm.sol";
 
 contract SwapWithLimitOrdersTest is BaseTest {
-    function test_autosellSkipsDustPurchases() public {
+    function test_autosellCreatesOrdersForSmallPurchases() public {
         PoolKey memory key = creatorCoin.getPoolKey();
-        bool isCurrency0 = Currency.unwrap(key.currency0) == address(creatorCoin);
-        address orderCoin = _orderCoin(key, isCurrency0);
 
         vm.recordLogs();
         _executeSingleHopSwapWithLimitOrders(users.buyer, key, 1e13, _defaultMultiples(), _defaultPercentages());
         CreatedOrderLog[] memory created = _decodeCreatedLogs(vm.getRecordedLogs());
 
-        assertEq(created.length, 0, "dust swap should not create orders");
-        assertEq(_makerBalance(users.buyer, orderCoin), 0, "book balance should remain zero");
+        // Small purchases create orders (no minimum threshold)
+        assertGt(created.length, 0, "small swap should create orders");
     }
 
     function test_multiHopAutosellCreatesOrdersOnlyOnLastPool() public {