> ## Documentation Index
> Fetch the complete documentation index at: https://docs.phylax.systems/llms.txt
> Use this file to discover all available pages before exploring further.

# Assertion Pattern Catalog

> Reference catalog of reusable V2 assertion patterns organized by security category

Use this page as a reference catalog when you already know the class of risk you want to cover and need a matching assertion pattern. If you want to understand a historical exploit first, use the [hack case studies](../previous-hacks/prev-hacks-index).

## Access Control & Administrative Changes

* [**Implementation Address Change**](./ass01-impl-addr-change): Protects against unauthorized changes to proxy implementation addresses, preventing attackers from replacing contract logic with malicious code.

* [**KYC Whitelist**](./ass04-kyc-whitelist): Ensures that only KYC accredited users can interact with a contract based on a unified KYC registry.

* [**Owner Change**](./ass05-ownership-change): Ensures ownership of a contract cannot be transferred unexpectedly, preventing attackers from gaining administrative control over critical protocol functions.

* [**Timelock Verification**](./ass09-timelock-verification): Verifies that administrative actions are executed only after the required timelock period, preventing rushed or malicious changes to protocol parameters.

## Liquidity Pool & AMM Security

* [**Constant Product**](./ass06-constant-product): Ensures the constant product formula (k = x \* y) is maintained in AMM pools, preventing price manipulation attacks and unauthorized token drains.

* [**Price Within Ticks**](./ass15-price-within-ticks): Verifies that concentrated liquidity positions in AMM protocols maintain prices within expected tick boundaries, protecting against price manipulation.

* [**Fee Calculations**](./ass14-fee-calculations): Ensures trading fees are correctly calculated and distributed, preventing fee theft or unexpected losses in AMM protocols.

## Lending Protocol Safety

* [**Lending Health Factor**](./ass07-lending-health-factor): Enforces minimum health factor requirements in lending protocols, preventing under-collateralized positions and protecting protocol solvency.

* [**Liquidation Health Factor**](./ass16-liquidation-health-factor): Ensures liquidations only occur when health factors fall below the liquidation threshold, protecting borrowers from premature or incorrect liquidations.

* [**Sum of All Positions**](./ass08-sum-of-all-positions): Verifies that the sum of all user positions matches the total asset balance, detecting accounting errors or unauthorized fund movements.

* [**Tokens Borrowed Invariant**](./ass19-tokens-borrowed-invariant): Enforces that the relationship between borrowed tokens and collateral remains within safe protocol limits, preventing critical invariant violations.

## Oracle Security

* [**Oracle Liveness Validation**](./ass10-oracle-validation): Verifies that oracle data is fresh enough for protocol operations that rely on it.

* [**TWAP Deviation**](./ass11-twap-deviation): Compares pre-transaction and post-transaction TWAP values and tracks intra-transaction price changes.

* [**Intra-tx Oracle Deviation**](./ass28-intra-tx-oracle-deviation): Checks that oracle price updates stay within an allowed deviation range during a transaction.

## Circuit Breakers

* [**ERC20 Cumulative Outflow Breaker**](./ass20-erc20-drain): Uses the Reshiram `watchCumulativeOutflow` trigger to limit ERC20 outflows over a rolling window.

* [**ERC20 Cumulative Inflow Breaker**](./ass22-erc20-inflow-breaker): Uses the Reshiram `watchCumulativeInflow` trigger to limit suspicious ERC20 inflows over a rolling window.

## Native Asset Protection

* [**Ether Drain**](./ass21-ether-drain): Limits sudden ETH outflows and requires trusted destinations for large withdrawals.

## Vault & ERC4626 Security

* [**ERC4626 Assets to Shares**](./ass12-erc4626-assets-to-shares): Verifies correct conversion between assets and shares in ERC4626 vaults, preventing accounting errors that could lead to fund loss.

* [**ERC4626 Deposit and Withdraw Share Price**](./ass13-erc4626-deposit-withdraw): Checks that deposit and withdraw calls do not reduce the vault share price across matched call snapshots.

* [**Harvest Increases Balance**](./ass18-harvest-increases-balance): Verifies that yield-generating operations like harvests always increase the total balance of vaults, preventing value extraction attacks.

## Emergency & Special Mode Protection

* [**Panic State Validation**](./ass17-panic-state-validation): Validates critical protocol state variables during panic or emergency modes, ensuring fallback mechanisms work correctly when normal operations are suspended.

***

**Next:** Explore [previous hacks analysis](../previous-hacks/prev-hacks-index) to see how assertions could have prevented real-world exploits.