liquid-sdk 1.7.4 → 1.7.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +7 -0
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +1 -1
- package/dist/index.mjs.map +1 -1
- package/package.json +1 -1
- package/skills/bid-in-auction.md +4 -2
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "liquid-sdk",
|
|
3
|
-
"version": "1.7.
|
|
3
|
+
"version": "1.7.5",
|
|
4
4
|
"description": "TypeScript SDK to deploy ERC-20 tokens with Uniswap V4 liquidity on Base — zero API keys, one dependency (viem)",
|
|
5
5
|
"author": "Liquid Protocol",
|
|
6
6
|
"homepage": "https://github.com/Liquid-Protocol-Ops/SDK#readme",
|
package/skills/bid-in-auction.md
CHANGED
|
@@ -22,6 +22,8 @@ Sniper auction participation involves significant financial risk:
|
|
|
22
22
|
|
|
23
23
|
7. **Smart contract risk**: The auction contracts are unaudited for this specific deployment. Bugs or misconfigurations could result in loss of funds.
|
|
24
24
|
|
|
25
|
+
8. **Standing WETH approvals are dangerous**: A lingering WETH allowance to `SniperUtilV2` (`0x2B6cd5Be183c388Dd0074d53c52317df1414cd9f`) is the surface a "drain via standing approval" exploit targets — a sibling Clanker fork was drained this way in 2026-05. **As of this SDK version, `bidInAuction` approves only the exact `amountIn` per bid** (no multiplier), so each bid consumes the allowance fully and leaves zero residual. If you bid through an older SDK that approved a multiplier, **revoke your WETH allowance to `SniperUtilV2` before bidding again**. Never grant a max/unlimited WETH approval to these contracts.
|
|
26
|
+
|
|
25
27
|
**As an agent, you MUST:**
|
|
26
28
|
- Clearly present these risks to the user before their first auction bid
|
|
27
29
|
- Ask for explicit confirmation (e.g., "I understand the risks of auction sniping and want to proceed")
|
|
@@ -98,7 +100,7 @@ Before bidding, understand these mechanics:
|
|
|
98
100
|
- **`bidAmount`** (msg.value): ETH sent to the auction as your bid. Goes to protocol/LP.
|
|
99
101
|
- **`amountIn`** (WETH transfer): The actual swap input. Pulled from your WETH balance via `transferFrom`. **This is separate from the bid.**
|
|
100
102
|
|
|
101
|
-
The SDK **automatically wraps ETH → WETH and approves the SniperUtilV2
|
|
103
|
+
The SDK **automatically wraps ETH → WETH and approves the SniperUtilV2 for the exact `amountIn`** (no multiplier — the bid's `transferFrom` consumes the full allowance, so nothing standing survives). You just need enough total ETH.
|
|
102
104
|
|
|
103
105
|
### Gas Price = Bid Encoding
|
|
104
106
|
The bid amount is encoded in the transaction's gas price: `bidAmount = (tx.gasprice - gasPeg) × paymentPerGasUnit`. Both `maxFeePerGas` **and** `maxPriorityFeePerGas` must be set to the calculated value, otherwise Base's EIP-1559 will compute a lower effective gas price.
|
|
@@ -334,7 +336,7 @@ interface BidInAuctionResult {
|
|
|
334
336
|
| Max rounds | 5 | Total auction rounds per token |
|
|
335
337
|
| Blocks between auctions | 2 | Rounds occur every 2 blocks |
|
|
336
338
|
| Blocks before first auction | 2 | First auction = deploy block + 2 |
|
|
337
|
-
| Payment per gas unit | 0.0001 ETH (1e14 wei) | Converts gas delta to bid ETH |
|
|
339
|
+
| Payment per gas unit | 0.0001 ETH (1e14 wei) | Converts gas delta to bid ETH. *May be set to 0 by the auction owner as a security mitigation — when 0, the required bid is also 0 (auctions function as a free gas-price race; the bid-payment path is neutered).* |
|
|
338
340
|
| Starting fee | 800,000 (80%) | Fee at auction start |
|
|
339
341
|
| Ending fee | 400,000 (40%) | Fee floor after decay |
|
|
340
342
|
| Decay period | 20 seconds | Time for fee to decay from start to end |
|