tempo_precompiles/tip_fee_manager/

amm.rs

use crate::{
    error::{Result, TempoPrecompileError},
    storage::Handler,
    tip_fee_manager::{ITIPFeeAMM, TIPFeeAMMError, TIPFeeAMMEvent, TipFeeManager},
    tip20::{ITIP20, TIP20Token, validate_usd_currency},
};
use alloy::{
    primitives::{Address, B256, U256, keccak256, uint},
    sol_types::SolValue,
};
use tempo_precompiles_macros::Storable;

/// Fee multiplier for fee swaps: 0.9970 scaled by 10000 (30 bps fee).
pub const M: U256 = uint!(9970_U256);
/// Fee multiplier for rebalance swaps: 0.9985 scaled by 10000.
pub const N: U256 = uint!(9985_U256);
/// Scale factor for fixed-point AMM arithmetic (10000).
pub const SCALE: U256 = uint!(10000_U256);
/// Minimum liquidity locked permanently when initializing a pool.
pub const MIN_LIQUIDITY: U256 = uint!(1000_U256);

/// Computes the output amount for a fee swap: `amount_in * M / SCALE`.
///
/// # Errors
/// - `UnderOverflow` — multiplication of `amount_in * M` overflows
#[inline]
pub fn compute_amount_out(amount_in: U256) -> Result<U256> {
    amount_in
        .checked_mul(M)
        .map(|product| product / SCALE)
        .ok_or(TempoPrecompileError::under_overflow())
}

/// AMM pool reserves for a user-token / validator-token pair.
#[derive(Debug, Clone, Default, Storable)]
pub struct Pool {
    /// Reserve of the user's fee token.
    pub reserve_user_token: u128,
    /// Reserve of the validator's fee token.
    pub reserve_validator_token: u128,
}

impl From<Pool> for ITIPFeeAMM::Pool {
    fn from(value: Pool) -> Self {
        Self {
            reserveUserToken: value.reserve_user_token,
            reserveValidatorToken: value.reserve_validator_token,
        }
    }
}

/// Identifies a directional token pair in the fee AMM.
#[derive(Debug, Clone, PartialEq, Eq, Hash, Storable)]
pub struct PoolKey {
    /// The fee token chosen by the user (transaction sender).
    pub user_token: Address,
    /// The fee token chosen by the validator (block producer).
    pub validator_token: Address,
}

impl Pool {
    /// Decodes a [`Pool`] from a raw EVM storage slot value (needed from changeset diffs).
    pub fn decode_from_slot(slot_value: U256) -> Self {
        use crate::storage::{LayoutCtx, Storable, packing::PackedSlot};

        // NOTE: fine to expect, as `StorageOps` on `PackedSlot` are infallible
        Self::load(&PackedSlot(slot_value), U256::ZERO, LayoutCtx::FULL)
            .expect("unable to decode Pool from slot")
    }
}

impl PoolKey {
    /// Creates a new pool key from user and validator token addresses.
    /// This key uniquely identifies a trading pair in the AMM.
    pub fn new(user_token: Address, validator_token: Address) -> Self {
        Self {
            user_token,
            validator_token,
        }
    }

    /// Generates a unique pool ID by hashing the token pair addresses.
    /// Uses keccak256 to create a deterministic identifier for this pool.
    pub fn get_id(&self) -> B256 {
        keccak256((self.user_token, self.validator_token).abi_encode())
    }
}

/// AMM path [`TipFeeManager`] will take to swap `user_token` into `validator_token` for fee collection.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum FeeRoute {
    /// User and validator share the same fee token; no swap is performed.
    SameToken,
    /// Direct pool `(user_token, validator_token)` swap.
    Direct,
    /// Two-hop swap (T5+): routes through `intermediate = userToken.quoteToken()`.
    /// Each hop applies the standard `M = 9970/10000` rate sequentially.
    TwoHop(Address),
}

/// Pools read during planning, paired with their observed validator-token reserve.
pub type PoolData = ((Address, Address), u128);

impl TipFeeManager {
    /// Returns the deterministic pool ID for a directional token pair. Note that the pool id is
    /// order-dependent: `(A, B)` produces a different ID than `(B, A)`.
    pub fn pool_id(&self, user_token: Address, validator_token: Address) -> B256 {
        PoolKey::new(user_token, validator_token).get_id()
    }

    /// Returns the [`Pool`] reserves for the given user/validator token pair.
    pub fn get_pool(&self, call: ITIPFeeAMM::getPoolCall) -> Result<Pool> {
        let pool_id = self.pool_id(call.userToken, call.validatorToken);
        self.pools[pool_id].read()
    }

    /// Reserves pool liquidity in transient storage for a pending fee swap.
    #[inline]
    pub fn reserve_pool_liquidity(&mut self, pool_id: B256, amount: u128) -> Result<()> {
        self.pending_fee_swap_reservation[pool_id].t_write(amount)
    }

    /// Executes a rebalance swap: sells `amount_out` of user-token from the pool in exchange for
    /// validator-token at the rebalance rate (`N / SCALE`). Used by arbitrageurs to rebalance reserves.
    ///
    /// # Errors
    /// - `InvalidAmount` — `amount_out` is zero or exceeds `u128`
    /// - `InsufficientReserves` — adding `amount_in` overflows the validator reserve
    /// - `InsufficientLiquidity` — remaining reserve would violate the pending reservation (T1C+)
    /// - `UnderOverflow` — arithmetic overflow computing `amount_in`
    pub fn rebalance_swap(
        &mut self,
        msg_sender: Address,
        user_token: Address,
        validator_token: Address,
        amount_out: U256,
        to: Address,
    ) -> Result<U256> {
        if amount_out.is_zero() {
            return Err(TIPFeeAMMError::invalid_amount().into());
        }

        let pool_id = self.pool_id(user_token, validator_token);
        let mut pool = self.pools[pool_id].read()?;

        // Rebalancing swaps are always from validatorToken to userToken
        // Calculate input and update reserves
        let amount_in = amount_out
            .checked_mul(N)
            .and_then(|product| product.checked_div(SCALE))
            .and_then(|result| result.checked_add(U256::ONE))
            .ok_or(TempoPrecompileError::under_overflow())?;

        let amount_in: u128 = amount_in
            .try_into()
            .map_err(|_| TIPFeeAMMError::invalid_amount())?;
        let amount_out: u128 = amount_out
            .try_into()
            .map_err(|_| TIPFeeAMMError::invalid_amount())?;

        pool.reserve_validator_token = pool
            .reserve_validator_token
            .checked_add(amount_in)
            .ok_or(TIPFeeAMMError::insufficient_reserves())?;

        pool.reserve_user_token = pool
            .reserve_user_token
            .checked_sub(amount_out)
            .ok_or(TIPFeeAMMError::invalid_amount())?;

        if self.storage.spec().is_t1c() {
            let reserved = self.pending_fee_swap_reservation[pool_id].t_read()?;
            if pool.reserve_validator_token < reserved {
                return Err(TIPFeeAMMError::insufficient_liquidity().into());
            }
        }

        self.pools[pool_id].write(pool)?;

        let amount_in = U256::from(amount_in);
        let amount_out = U256::from(amount_out);
        TIP20Token::from_address(validator_token)?.system_transfer_from(
            self.address,
            msg_sender,
            amount_in,
        )?;

        TIP20Token::from_address(user_token)?.transfer(
            self.address,
            ITIP20::transferCall {
                to,
                amount: amount_out,
            },
        )?;

        self.emit_event(TIPFeeAMMEvent::rebalance_swap(
            user_token,
            validator_token,
            msg_sender,
            amount_in,
            amount_out,
        ))?;

        Ok(amount_in)
    }

    /// Mints LP tokens by depositing validator-token into a pool.
    ///
    /// On first deposit the pool is initialized with equal reserves and [`MIN_LIQUIDITY`] is
    /// permanently locked. Subsequent deposits mint pro-rata to existing supply. Both tokens
    /// must be distinct, USD-denominated TIP-20s.
    ///
    /// NOTE: Validators who also provide liquidity have an information advantage over non-validator
    /// LPs. Because validators choose their preferred fee token and control transaction inclusion
    /// order as block producers, a validator-LP can predict which pool will receive fee-swap
    /// revenue and position liquidity accordingly.
    ///
    /// # Errors
    /// - `IdenticalAddresses` — `user_token` equals `validator_token`
    /// - `InvalidAmount` — `amount_validator_token` is zero or exceeds `u128`
    /// - `InvalidCurrency` — either token is not USD-denominated
    /// - `InsufficientLiquidity` — initial deposit ≤ `MIN_LIQUIDITY`, or zero liquidity minted
    /// - `InvalidSwapCalculation` — pro-rata arithmetic fails
    /// - `UnderOverflow` — supply or balance overflow
    pub fn mint(
        &mut self,
        msg_sender: Address,
        user_token: Address,
        validator_token: Address,
        amount_validator_token: U256,
        to: Address,
    ) -> Result<U256> {
        if user_token == validator_token {
            return Err(TIPFeeAMMError::identical_addresses().into());
        }

        if amount_validator_token.is_zero() {
            return Err(TIPFeeAMMError::invalid_amount().into());
        }

        // Validate both tokens are USD currency
        validate_usd_currency(user_token)?;
        validate_usd_currency(validator_token)?;

        let pool_id = self.pool_id(user_token, validator_token);
        let mut pool = self.pools[pool_id].read()?;
        let mut total_supply = self.get_total_supply(pool_id)?;

        let liquidity = if pool.reserve_user_token == 0 && pool.reserve_validator_token == 0 {
            let half_amount = amount_validator_token
                .checked_div(uint!(2_U256))
                .ok_or(TempoPrecompileError::under_overflow())?;

            if half_amount <= MIN_LIQUIDITY {
                return Err(TIPFeeAMMError::insufficient_liquidity().into());
            }

            total_supply = total_supply
                .checked_add(MIN_LIQUIDITY)
                .ok_or(TempoPrecompileError::under_overflow())?;
            self.set_total_supply(pool_id, total_supply)?;

            half_amount
                .checked_sub(MIN_LIQUIDITY)
                .ok_or(TIPFeeAMMError::insufficient_liquidity())?
        } else {
            // Subsequent deposits: mint as if user called rebalanceSwap then minted with both
            // liquidity = amountValidatorToken * _totalSupply / (V + n * U), with n = N / SCALE
            let product = N
                .checked_mul(U256::from(pool.reserve_user_token))
                .and_then(|product| product.checked_div(SCALE))
                .ok_or(TIPFeeAMMError::invalid_swap_calculation())?;

            let denom = U256::from(pool.reserve_validator_token)
                .checked_add(product)
                .ok_or(TIPFeeAMMError::invalid_amount())?;

            if denom.is_zero() {
                return Err(TIPFeeAMMError::division_by_zero().into());
            }

            amount_validator_token
                .checked_mul(total_supply)
                .and_then(|numerator| numerator.checked_div(denom))
                .ok_or(TIPFeeAMMError::invalid_swap_calculation())?
        };

        if liquidity.is_zero() {
            return Err(TIPFeeAMMError::insufficient_liquidity().into());
        }

        // Transfer validator tokens from user
        let _ = TIP20Token::from_address(validator_token)?.system_transfer_from(
            self.address,
            msg_sender,
            amount_validator_token,
        )?;

        // Update reserves
        let validator_amount: u128 = amount_validator_token
            .try_into()
            .map_err(|_| TIPFeeAMMError::invalid_amount())?;

        pool.reserve_validator_token = pool
            .reserve_validator_token
            .checked_add(validator_amount)
            .ok_or(TIPFeeAMMError::invalid_amount())?;

        self.pools[pool_id].write(pool)?;

        // Mint LP tokens
        self.set_total_supply(
            pool_id,
            total_supply
                .checked_add(liquidity)
                .ok_or(TempoPrecompileError::under_overflow())?,
        )?;

        let balance = self.get_liquidity_balances(pool_id, to)?;
        self.set_liquidity_balances(
            pool_id,
            to,
            balance
                .checked_add(liquidity)
                .ok_or(TempoPrecompileError::under_overflow())?,
        )?;

        // Emit Mint event
        self.emit_event(TIPFeeAMMEvent::mint(
            msg_sender,
            to,
            user_token,
            validator_token,
            amount_validator_token,
            liquidity,
        ))?;

        Ok(liquidity)
    }

    /// Burns LP tokens and returns the pro-rata share of both pool tokens to `to`.
    ///
    /// On T1C+ the burn is rejected if the remaining validator-token reserve would fall below
    /// the pending fee-swap reservation set by [`TipFeeManager::reserve_pool_liquidity`].
    ///
    /// # Errors
    /// - `IdenticalAddresses` — `user_token` equals `validator_token`
    /// - `InvalidAmount` — `liquidity` is zero or amounts exceed `u128`
    /// - `InvalidCurrency` — either token is not USD-denominated
    /// - `InsufficientLiquidity` — caller's balance < `liquidity`, or remaining reserve would
    ///   violate the pending reservation (T1C+)
    /// - `InsufficientReserves` — pool reserves underflow after withdrawal
    /// - `UnderOverflow` — supply or balance arithmetic overflows
    pub fn burn(
        &mut self,
        msg_sender: Address,
        user_token: Address,
        validator_token: Address,
        liquidity: U256,
        to: Address,
    ) -> Result<(U256, U256)> {
        if user_token == validator_token {
            return Err(TIPFeeAMMError::identical_addresses().into());
        }

        if liquidity.is_zero() {
            return Err(TIPFeeAMMError::invalid_amount().into());
        }

        // Validate both tokens are USD currency
        validate_usd_currency(user_token)?;
        validate_usd_currency(validator_token)?;

        let pool_id = self.pool_id(user_token, validator_token);
        // Check user has sufficient liquidity
        let balance = self.get_liquidity_balances(pool_id, msg_sender)?;
        if balance < liquidity {
            return Err(TIPFeeAMMError::insufficient_liquidity().into());
        }

        let mut pool = self.pools[pool_id].read()?;
        // Calculate amounts to return
        let (amount_user_token, amount_validator_token) =
            self.calculate_burn_amounts(&pool, pool_id, liquidity)?;

        // T1C+: Check that burn leaves enough liquidity for pending fee swaps
        // Reservation is set by reserve_pool_liquidity() in collect_fee_pre_tx
        let validator_amount: u128 = amount_validator_token
            .try_into()
            .map_err(|_| TIPFeeAMMError::invalid_amount())?;
        let available_after_burn = pool
            .reserve_validator_token
            .checked_sub(validator_amount)
            .ok_or(TIPFeeAMMError::insufficient_reserves())?;
        if self.storage.spec().is_t1c() {
            let reserved = self.pending_fee_swap_reservation[pool_id].t_read()?;
            if available_after_burn < reserved {
                return Err(TIPFeeAMMError::insufficient_liquidity().into());
            }
        }

        // Burn LP tokens
        self.set_liquidity_balances(
            pool_id,
            msg_sender,
            balance
                .checked_sub(liquidity)
                .ok_or(TempoPrecompileError::under_overflow())?,
        )?;
        let total_supply = self.get_total_supply(pool_id)?;
        self.set_total_supply(
            pool_id,
            total_supply
                .checked_sub(liquidity)
                .ok_or(TempoPrecompileError::under_overflow())?,
        )?;

        // Update reserves with underflow checks
        let user_amount: u128 = amount_user_token
            .try_into()
            .map_err(|_| TIPFeeAMMError::invalid_amount())?;
        let validator_amount: u128 = amount_validator_token
            .try_into()
            .map_err(|_| TIPFeeAMMError::invalid_amount())?;

        pool.reserve_user_token = pool
            .reserve_user_token
            .checked_sub(user_amount)
            .ok_or(TIPFeeAMMError::insufficient_reserves())?;
        pool.reserve_validator_token = pool
            .reserve_validator_token
            .checked_sub(validator_amount)
            .ok_or(TIPFeeAMMError::insufficient_reserves())?;
        self.pools[pool_id].write(pool)?;

        // Transfer tokens to user
        let _ = TIP20Token::from_address(user_token)?.transfer(
            self.address,
            ITIP20::transferCall {
                to,
                amount: amount_user_token,
            },
        )?;

        let _ = TIP20Token::from_address(validator_token)?.transfer(
            self.address,
            ITIP20::transferCall {
                to,
                amount: amount_validator_token,
            },
        )?;

        // Emit Burn event
        self.emit_event(TIPFeeAMMEvent::burn(
            msg_sender,
            user_token,
            validator_token,
            amount_user_token,
            amount_validator_token,
            liquidity,
            to,
        ))?;

        Ok((amount_user_token, amount_validator_token))
    }

    /// Calculate burn amounts for liquidity withdrawal
    fn calculate_burn_amounts(
        &self,
        pool: &Pool,
        pool_id: B256,
        liquidity: U256,
    ) -> Result<(U256, U256)> {
        let total_supply = self.get_total_supply(pool_id)?;
        let amount_user_token = liquidity
            .checked_mul(U256::from(pool.reserve_user_token))
            .and_then(|product| product.checked_div(total_supply))
            .ok_or(TempoPrecompileError::under_overflow())?;
        let amount_validator_token = liquidity
            .checked_mul(U256::from(pool.reserve_validator_token))
            .and_then(|product| product.checked_div(total_supply))
            .ok_or(TempoPrecompileError::under_overflow())?;

        Ok((amount_user_token, amount_validator_token))
    }

    /// Plans the AMM path needed to swap `max_amount` of `user_token` into `validator_token`
    /// under the active hardfork. Read-only; does not reserve.
    ///
    /// On T5+ falls back to a two-hop path through `userToken.quoteToken()` as per [TIP-1033].
    /// Returns `(route, queried_intermediate, pools)`:
    /// - `route` is `None` when no path has sufficient liquidity.
    /// - `queried_intermediate` is `Some(addr)` whenever `userToken.quoteToken()` was read,
    ///   regardless of whether the value is usable. Callers can cache it to skip the cold
    ///   storage read on subsequent admissions.
    /// - `pools` lists every pool slot read during planning, paired with its observed reserve.
    ///
    /// # Errors
    /// - `InvalidToken` — `user_token` does not have a valid TIP-20 prefix
    /// - `UnderOverflow` — fee-amount arithmetic overflows
    ///
    /// [TIP-1033]: <https://docs.tempo.xyz/protocol/tips/tip-1033>
    pub fn plan_fee_route(
        &self,
        user_token: Address,
        validator_token: Address,
        max_amount: U256,
    ) -> Result<(Option<FeeRoute>, Option<Address>, Vec<PoolData>)> {
        let mut data = Vec::new();

        if user_token == validator_token {
            return Ok((Some(FeeRoute::SameToken), None, data));
        }

        // Direct (single-hop) path — always checked.
        let direct = self.pools[self.pool_id(user_token, validator_token)].read()?;
        data.push((
            (user_token, validator_token),
            direct.reserve_validator_token,
        ));
        let amount_out = compute_amount_out(max_amount)?;
        if amount_out <= U256::from(direct.reserve_validator_token) {
            return Ok((Some(FeeRoute::Direct), None, data));
        }

        // T5+: two-hop fallback through `userToken.quoteToken()`.
        if !self.storage.spec().is_t5() {
            return Ok((None, None, data));
        }

        // TIP-20 token graph forbids self-quoting, so `intermediate == user_token` is unreachable.
        let mid_token = TIP20Token::from_address(user_token)?.quote_token()?;
        if mid_token.is_zero() || mid_token == validator_token {
            return Ok((None, Some(mid_token), data));
        }

        // First leg: user_token -> intermediate.
        let leg1 = self.pools[self.pool_id(user_token, mid_token)].read()?;
        data.push(((user_token, mid_token), leg1.reserve_validator_token));
        if amount_out > U256::from(leg1.reserve_validator_token) {
            return Ok((None, Some(mid_token), data));
        }

        // Second leg: intermediate -> validator_token.
        let amount_out2 = compute_amount_out(amount_out)?;
        let leg2 = self.pools[self.pool_id(mid_token, validator_token)].read()?;
        data.push(((mid_token, validator_token), leg2.reserve_validator_token));
        if amount_out2 > U256::from(leg2.reserve_validator_token) {
            return Ok((None, Some(mid_token), data));
        }

        Ok((Some(FeeRoute::TwoHop(mid_token)), Some(mid_token), data))
    }

    /// Executes a fee swap, converting `user_token` to `validator_token` at a fixed rate m = 0.997
    /// Called internally by [`TipFeeManager::collect_fee_post_tx`] during post-tx fee collection.
    ///
    /// # Errors
    /// - `InsufficientLiquidity` — pool validator-token reserve is below the required output
    /// - `UnderOverflow` — reserve arithmetic overflows or amounts exceed `u128`
    pub fn execute_fee_swap(
        &mut self,
        user_token: Address,
        validator_token: Address,
        amount_in: U256,
    ) -> Result<U256> {
        let pool_id = self.pool_id(user_token, validator_token);
        let mut pool = self.pools[pool_id].read()?;

        // Calculate output at fixed price m = 0.9970
        let amount_out = compute_amount_out(amount_in)?;

        // Check if there's enough validatorToken available
        if amount_out > U256::from(pool.reserve_validator_token) {
            return Err(TIPFeeAMMError::insufficient_liquidity().into());
        }

        // Update reserves
        let amount_in_u128: u128 = amount_in
            .try_into()
            .map_err(|_| TempoPrecompileError::under_overflow())?;
        let amount_out_u128: u128 = amount_out
            .try_into()
            .map_err(|_| TempoPrecompileError::under_overflow())?;

        pool.reserve_user_token = pool
            .reserve_user_token
            .checked_add(amount_in_u128)
            .ok_or(TempoPrecompileError::under_overflow())?;
        pool.reserve_validator_token = pool
            .reserve_validator_token
            .checked_sub(amount_out_u128)
            .ok_or(TempoPrecompileError::under_overflow())?;

        self.pools[pool_id].write(pool)?;

        Ok(amount_out)
    }

    /// Returns the total supply of LP tokens for the given pool.
    pub fn get_total_supply(&self, pool_id: B256) -> Result<U256> {
        self.total_supply[pool_id].read()
    }

    /// Set total supply of LP tokens for a pool
    fn set_total_supply(&mut self, pool_id: B256, total_supply: U256) -> Result<()> {
        self.total_supply[pool_id].write(total_supply)
    }

    /// Returns the LP token balance for `user` in the given pool.
    pub fn get_liquidity_balances(&self, pool_id: B256, user: Address) -> Result<U256> {
        self.liquidity_balances[pool_id][user].read()
    }

    /// Set user's LP token balance
    fn set_liquidity_balances(
        &mut self,
        pool_id: B256,
        user: Address,
        balance: U256,
    ) -> Result<()> {
        self.liquidity_balances[pool_id][user].write(balance)
    }
}

#[cfg(test)]
mod tests {
    use alloy::primitives::Address;
    use tempo_chainspec::hardfork::TempoHardfork;
    use tempo_contracts::precompiles::TIP20Error;

    use super::*;
    use crate::{
        error::TempoPrecompileError,
        storage::{ContractStorage, StorageCtx, hashmap::HashMapStorageProvider},
        test_util::TIP20Setup,
        tip_fee_manager::TIPFeeAMMError,
    };

    /// Integer square root using the Babylonian method
    fn sqrt(x: U256) -> U256 {
        if x == U256::ZERO {
            return U256::ZERO;
        }
        let mut z = (x + U256::ONE) / uint!(2_U256);
        let mut y = x;
        while z < y {
            y = z;
            z = (x / z + z) / uint!(2_U256);
        }
        y
    }

    /// Sets up a pool with initial liquidity for testing
    fn setup_pool_with_liquidity(
        amm: &mut TipFeeManager,
        user_token: Address,
        validator_token: Address,
        user_amount: U256,
        validator_amount: U256,
    ) -> Result<B256> {
        let pool_id = amm.pool_id(user_token, validator_token);
        let pool = Pool {
            reserve_user_token: user_amount.try_into().unwrap(),
            reserve_validator_token: validator_amount.try_into().unwrap(),
        };
        amm.pools[pool_id].write(pool)?;
        let liquidity = sqrt(user_amount * validator_amount);
        amm.total_supply[pool_id].write(liquidity)?;
        Ok(pool_id)
    }

    #[test]
    fn test_mint_identical_addresses() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();
        StorageCtx::enter(&mut storage, || {
            let token = TIP20Setup::create("Test", "TST", admin).apply()?;
            let mut amm = TipFeeManager::new();
            let result = amm.mint(
                admin,
                token.address(),
                token.address(),
                U256::from(1000),
                admin,
            );
            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIPFeeAMMError(
                    TIPFeeAMMError::IdenticalAddresses(_)
                ))
            ));
            Ok(())
        })
    }

    #[test]
    fn test_burn_identical_addresses() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();
        StorageCtx::enter(&mut storage, || {
            let token = TIP20Setup::create("Test", "TST", admin).apply()?;
            let mut amm = TipFeeManager::new();
            let result = amm.burn(
                admin,
                token.address(),
                token.address(),
                U256::from(1000),
                admin,
            );
            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIPFeeAMMError(
                    TIPFeeAMMError::IdenticalAddresses(_)
                ))
            ));
            Ok(())
        })
    }

    #[test]
    fn test_rebalance_swap_insufficient_funds() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();
        let to = Address::random();
        StorageCtx::enter(&mut storage, || {
            let user_token = TIP20Setup::create("UserToken", "UTK", admin).apply()?;
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin).apply()?;

            let mut amm = TipFeeManager::new();
            let amount = uint!(100000_U256) * uint!(10_U256).pow(U256::from(6));
            setup_pool_with_liquidity(
                &mut amm,
                user_token.address(),
                validator_token.address(),
                amount,
                amount,
            )?;

            let result = amm.rebalance_swap(
                admin,
                user_token.address(),
                validator_token.address(),
                amount + U256::ONE,
                to,
            );
            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIPFeeAMMError(
                    TIPFeeAMMError::InvalidAmount(_)
                ))
            ));
            Ok(())
        })
    }

    #[test]
    fn test_mint_rejects_non_usd_user_token() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();
        StorageCtx::enter(&mut storage, || {
            let eur_token = TIP20Setup::create("EuroToken", "EUR", admin)
                .currency("EUR")
                .apply()?;
            let usd_token = TIP20Setup::create("USDToken", "USD", admin).apply()?;
            let mut amm = TipFeeManager::new();

            let result = amm.mint(
                admin,
                eur_token.address(),
                usd_token.address(),
                U256::from(1000),
                admin,
            );
            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIP20(TIP20Error::InvalidCurrency(_)))
            ));

            let result = amm.mint(
                admin,
                usd_token.address(),
                eur_token.address(),
                U256::from(1000),
                admin,
            );
            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIP20(TIP20Error::InvalidCurrency(_)))
            ));
            Ok(())
        })
    }

    #[test]
    fn test_burn_rejects_non_usd_tokens() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();
        StorageCtx::enter(&mut storage, || {
            let eur_token = TIP20Setup::create("EuroToken", "EUR", admin)
                .currency("EUR")
                .apply()?;
            let usd_token = TIP20Setup::create("USDToken", "USD", admin).apply()?;
            let mut amm = TipFeeManager::new();

            let result = amm.burn(
                admin,
                eur_token.address(),
                usd_token.address(),
                U256::from(1000),
                admin,
            );
            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIP20(TIP20Error::InvalidCurrency(_)))
            ));

            let result = amm.burn(
                admin,
                usd_token.address(),
                eur_token.address(),
                U256::from(1000),
                admin,
            );
            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIP20(TIP20Error::InvalidCurrency(_)))
            ));
            Ok(())
        })
    }

    #[test]
    fn test_mint_insufficient_amount() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();
        StorageCtx::enter(&mut storage, || {
            let user_token = TIP20Setup::create("UserToken", "UTK", admin).apply()?;
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin).apply()?;
            let mut amm = TipFeeManager::new();

            // MIN_LIQUIDITY = 1000, amount/2 must be > 1000, so 2000 should fail
            let insufficient = uint!(2000_U256);
            let result = amm.mint(
                admin,
                user_token.address(),
                validator_token.address(),
                insufficient,
                admin,
            );
            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIPFeeAMMError(
                    TIPFeeAMMError::InsufficientLiquidity(_)
                ))
            ));
            Ok(())
        })
    }

    #[test]
    fn test_add_liquidity() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();

        StorageCtx::enter(&mut storage, || {
            let mint_amount = uint!(10000000_U256);
            let token1 = TIP20Setup::create("Token1", "TK1", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();
            let token2 = TIP20Setup::create("Token2", "TK2", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();
            let amount = uint!(10000_U256);
            let result = amm.mint(admin, token1, token2, amount, admin)?;
            let expected_mean = amount / uint!(2_U256);
            let expected_liquidity = expected_mean - MIN_LIQUIDITY;

            assert_eq!(result, expected_liquidity,);

            Ok(())
        })
    }

    #[test]
    fn test_calculate_burn_amounts() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);

        StorageCtx::enter(&mut storage, || {
            let mut amm = TipFeeManager::new();

            let pool = Pool {
                reserve_user_token: 1000,
                reserve_validator_token: 1000,
            };
            let pool_id = B256::ZERO;
            amm.set_total_supply(pool_id, uint!(1000000000000000_U256))?;

            let liquidity = uint!(1_U256);
            let result = amm.calculate_burn_amounts(&pool, pool_id, liquidity);

            assert!(result.is_ok());
            let (amount_user, amount_validator) = result?;
            assert_eq!(amount_user, U256::ZERO);
            assert_eq!(amount_validator, U256::ZERO);

            Ok(())
        })
    }

    /// Test execute_fee_swap executes swap immediately and updates reserves
    #[test]
    fn test_execute_fee_swap_immediate() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();

        StorageCtx::enter(&mut storage, || {
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();

            // Setup pool with 1000 tokens each
            let liquidity_amount = uint!(1000_U256);
            let pool_id = setup_pool_with_liquidity(
                &mut amm,
                user_token,
                validator_token,
                liquidity_amount,
                liquidity_amount,
            )?;

            // Execute fee swap for 100 tokens
            let amount_in = uint!(100_U256);
            let expected_out = (amount_in * M) / SCALE; // 100 * 9970 / 10000 = 99

            let amount_out = amm.execute_fee_swap(user_token, validator_token, amount_in)?;

            assert_eq!(amount_out, expected_out);

            // Verify reserves updated immediately
            let pool = amm.pools[pool_id].read()?;
            assert_eq!(
                U256::from(pool.reserve_user_token),
                liquidity_amount + amount_in
            );
            assert_eq!(
                U256::from(pool.reserve_validator_token),
                liquidity_amount - expected_out
            );

            Ok(())
        })
    }

    /// Test execute_fee_swap fails with insufficient liquidity
    #[test]
    fn test_execute_fee_swap_insufficient_liquidity() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();

        StorageCtx::enter(&mut storage, || {
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();

            // Setup pool with only 100 tokens each
            let small_liquidity = uint!(100_U256);
            setup_pool_with_liquidity(
                &mut amm,
                user_token,
                validator_token,
                small_liquidity,
                small_liquidity,
            )?;

            // Try to swap 200 tokens (would need ~199 output, but only 100 available)
            let too_large_amount = uint!(200_U256);

            let result = amm.execute_fee_swap(user_token, validator_token, too_large_amount);

            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIPFeeAMMError(
                    TIPFeeAMMError::InsufficientLiquidity(_)
                ))
            ));

            Ok(())
        })
    }

    /// Test fee swap rounding consistency across multiple swaps
    #[test]
    fn test_fee_swap_rounding_consistency() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();

        StorageCtx::enter(&mut storage, || {
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();
            let liquidity = uint!(100000_U256) * uint!(10_U256).pow(U256::from(6));
            let pool_id = setup_pool_with_liquidity(
                &mut amm,
                user_token,
                validator_token,
                liquidity,
                liquidity,
            )?;

            let amount_in = uint!(10000_U256) * uint!(10_U256).pow(U256::from(6));
            let expected_out = (amount_in * M) / SCALE;

            let actual_out = amm.execute_fee_swap(user_token, validator_token, amount_in)?;
            assert_eq!(actual_out, expected_out, "Output should match expected");

            let pool = amm.pools[pool_id].read()?;
            assert_eq!(
                U256::from(pool.reserve_user_token),
                liquidity + amount_in,
                "User reserve should increase"
            );
            assert_eq!(
                U256::from(pool.reserve_validator_token),
                liquidity - actual_out,
                "Validator reserve should decrease"
            );

            Ok(())
        })
    }

    /// Test multiple consecutive fee swaps update reserves correctly
    #[test]
    fn test_multiple_consecutive_fee_swaps() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();

        StorageCtx::enter(&mut storage, || {
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();
            let initial = uint!(100000_U256) * uint!(10_U256).pow(U256::from(6));
            let pool_id =
                setup_pool_with_liquidity(&mut amm, user_token, validator_token, initial, initial)?;

            let swap1 = uint!(1000_U256) * uint!(10_U256).pow(U256::from(6));
            let swap2 = uint!(2000_U256) * uint!(10_U256).pow(U256::from(6));
            let swap3 = uint!(3000_U256) * uint!(10_U256).pow(U256::from(6));

            let out1 = amm.execute_fee_swap(user_token, validator_token, swap1)?;
            let out2 = amm.execute_fee_swap(user_token, validator_token, swap2)?;
            let out3 = amm.execute_fee_swap(user_token, validator_token, swap3)?;

            let total_in = swap1 + swap2 + swap3;
            let total_out = out1 + out2 + out3;

            // Each swap output should be amount_in * M / SCALE
            assert_eq!(out1, (swap1 * M) / SCALE);
            assert_eq!(out2, (swap2 * M) / SCALE);
            assert_eq!(out3, (swap3 * M) / SCALE);

            let pool = amm.pools[pool_id].read()?;
            assert_eq!(U256::from(pool.reserve_user_token), initial + total_in);
            assert_eq!(
                U256::from(pool.reserve_validator_token),
                initial - total_out
            );

            Ok(())
        })
    }

    /// Test pool boundary condition
    #[test]
    fn test_pool_liquidity_boundary() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();

        StorageCtx::enter(&mut storage, || {
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();
            let liquidity = uint!(100_U256) * uint!(10_U256).pow(U256::from(6));
            let pool_id = setup_pool_with_liquidity(
                &mut amm,
                user_token,
                validator_token,
                liquidity,
                liquidity,
            )?;

            let reserve = U256::from(amm.pools[pool_id].read()?.reserve_validator_token);

            // Exactly at boundary should succeed (100 * 0.997 = 99.7, which is < 100)
            let ok_amount = uint!(100_U256) * uint!(10_U256).pow(U256::from(6));
            assert!(reserve >= compute_amount_out(ok_amount)?);

            // Just over boundary should fail (101 * 0.997 = 100.697, which is > 100)
            let too_much = uint!(101_U256) * uint!(10_U256).pow(U256::from(6));
            assert!(reserve < compute_amount_out(too_much)?);

            Ok(())
        })
    }

    /// Test zero liquidity burn
    #[test]
    fn test_burn_zero_liquidity() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();

        StorageCtx::enter(&mut storage, || {
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();

            let result = amm.burn(admin, user_token, validator_token, U256::ZERO, admin);

            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIPFeeAMMError(
                    TIPFeeAMMError::InvalidAmount(_)
                ))
            ));

            Ok(())
        })
    }

    /// Test zero amount validator token
    #[test]
    fn test_mint_zero_amount_validator_token() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();

        StorageCtx::enter(&mut storage, || {
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();

            let result = amm.mint(admin, user_token, validator_token, U256::ZERO, admin);

            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIPFeeAMMError(
                    TIPFeeAMMError::InvalidAmount(_)
                ))
            ));

            Ok(())
        })
    }

    #[test]
    fn test_rebalance_swap() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();
        let recipient = Address::random();

        StorageCtx::enter(&mut storage, || {
            let mint_amount = uint!(10000000_U256);
            let mut amm = TipFeeManager::new();
            let amm_address = amm.address;

            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .with_mint(amm_address, mint_amount)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();

            let liquidity = uint!(100000_U256);
            let pool_id = setup_pool_with_liquidity(
                &mut amm,
                user_token,
                validator_token,
                liquidity,
                liquidity,
            )?;

            let amount_out = uint!(1000_U256);
            let expected_in = (amount_out * N) / SCALE + U256::ONE;

            let amount_in =
                amm.rebalance_swap(admin, user_token, validator_token, amount_out, recipient)?;

            assert_eq!(amount_in, expected_in);

            let pool = amm.pools[pool_id].read()?;
            assert_eq!(U256::from(pool.reserve_user_token), liquidity - amount_out);
            assert_eq!(
                U256::from(pool.reserve_validator_token),
                liquidity + amount_in
            );

            Ok(())
        })
    }

    #[test]
    fn test_mint_subsequent_deposit() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();
        let second_user = Address::random();

        StorageCtx::enter(&mut storage, || {
            let mint_amount = uint!(100000000_U256);
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .with_mint(second_user, mint_amount)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .with_mint(second_user, mint_amount)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();

            let initial_amount = uint!(100000_U256);
            let first_liquidity =
                amm.mint(admin, user_token, validator_token, initial_amount, admin)?;

            let expected_first_liquidity = initial_amount / uint!(2_U256) - MIN_LIQUIDITY;
            assert_eq!(first_liquidity, expected_first_liquidity);

            let pool_id = amm.pool_id(user_token, validator_token);
            let total_supply_after_first = amm.get_total_supply(pool_id)?;
            assert_eq!(total_supply_after_first, first_liquidity + MIN_LIQUIDITY);

            let pool_after_first = amm.pools[pool_id].read()?;
            let reserve_val = U256::from(pool_after_first.reserve_validator_token);

            let second_amount = uint!(50000_U256);
            let second_liquidity = amm.mint(
                second_user,
                user_token,
                validator_token,
                second_amount,
                second_user,
            )?;

            let expected_second_liquidity = second_amount * total_supply_after_first / reserve_val;
            assert_eq!(second_liquidity, expected_second_liquidity);

            let total_supply_after_second = amm.get_total_supply(pool_id)?;
            assert_eq!(
                total_supply_after_second,
                total_supply_after_first + second_liquidity
            );

            let admin_balance = amm.get_liquidity_balances(pool_id, admin)?;
            let second_user_balance = amm.get_liquidity_balances(pool_id, second_user)?;
            assert_eq!(admin_balance, first_liquidity);
            assert_eq!(second_user_balance, second_liquidity);

            Ok(())
        })
    }

    #[test]
    fn test_burn() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();
        let recipient = Address::random();

        StorageCtx::enter(&mut storage, || {
            let mint_amount = uint!(100000000_U256);
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();

            let deposit_amount = uint!(100000_U256);
            let liquidity = amm.mint(admin, user_token, validator_token, deposit_amount, admin)?;

            let expected_liquidity = deposit_amount / uint!(2_U256) - MIN_LIQUIDITY;
            assert_eq!(liquidity, expected_liquidity);

            let pool_id = amm.pool_id(user_token, validator_token);
            let pool_before = amm.pools[pool_id].read()?;
            let total_supply_before = amm.get_total_supply(pool_id)?;

            let burn_amount = liquidity / uint!(2_U256);
            let (amount_user, amount_validator) =
                amm.burn(admin, user_token, validator_token, burn_amount, recipient)?;

            let expected_user =
                burn_amount * U256::from(pool_before.reserve_user_token) / total_supply_before;
            let expected_validator =
                burn_amount * U256::from(pool_before.reserve_validator_token) / total_supply_before;
            assert_eq!(amount_user, expected_user);
            assert_eq!(amount_validator, expected_validator);

            let pool_after = amm.pools[pool_id].read()?;
            let total_supply_after = amm.get_total_supply(pool_id)?;

            assert_eq!(total_supply_after, total_supply_before - burn_amount);

            let admin_balance = amm.get_liquidity_balances(pool_id, admin)?;
            assert_eq!(admin_balance, liquidity - burn_amount);

            assert_eq!(
                U256::from(pool_after.reserve_user_token),
                U256::from(pool_before.reserve_user_token) - amount_user
            );
            assert_eq!(
                U256::from(pool_after.reserve_validator_token),
                U256::from(pool_before.reserve_validator_token) - amount_validator
            );

            Ok(())
        })
    }

    #[test]
    fn test_burn_insufficient_balance() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();
        let other_user = Address::random();

        StorageCtx::enter(&mut storage, || {
            let mint_amount = uint!(100000000_U256);
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();

            let deposit_amount = uint!(100000_U256);
            let liquidity = amm.mint(admin, user_token, validator_token, deposit_amount, admin)?;

            let result = amm.burn(
                other_user,
                user_token,
                validator_token,
                liquidity,
                other_user,
            );

            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIPFeeAMMError(
                    TIPFeeAMMError::InsufficientLiquidity(_)
                ))
            ));

            Ok(())
        })
    }

    // Test zero amount rebalance swap
    #[test]
    fn test_rebalance_swap_zero_amount_out() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new(1);
        let admin = Address::random();
        let to = Address::random();

        StorageCtx::enter(&mut storage, || {
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();

            let result = amm.rebalance_swap(admin, user_token, validator_token, U256::ZERO, to);

            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIPFeeAMMError(
                    TIPFeeAMMError::InvalidAmount(_)
                ))
            ));

            Ok(())
        })
    }

    #[test]
    fn test_t1c_reserve_pool_liquidity() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new_with_spec(1, TempoHardfork::T1C);
        let admin = Address::random();

        StorageCtx::enter(&mut storage, || {
            let mint_amount = uint!(10000000_U256);
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();
            let liquidity = uint!(100000_U256);
            let pool_id = setup_pool_with_liquidity(
                &mut amm,
                user_token,
                validator_token,
                liquidity,
                liquidity,
            )?;

            let max_amount = uint!(10000_U256);
            let amount_out: u128 = compute_amount_out(max_amount)?.try_into().unwrap();
            amm.reserve_pool_liquidity(pool_id, amount_out)?;

            let reserved = amm.pending_fee_swap_reservation[pool_id].t_read()?;
            let expected_reserved: u128 = compute_amount_out(max_amount)?.try_into().unwrap();
            assert_eq!(reserved, expected_reserved);

            Ok(())
        })
    }

    #[test]
    fn test_t1c_burn_respects_reservation() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new_with_spec(1, TempoHardfork::T1C);
        let admin = Address::random();
        let recipient = Address::random();

        StorageCtx::enter(&mut storage, || {
            let mint_amount = uint!(100000000_U256);
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();

            let deposit_amount = uint!(100000_U256);
            let liquidity = amm.mint(admin, user_token, validator_token, deposit_amount, admin)?;

            let pool_id = amm.pool_id(user_token, validator_token);
            let pool = amm.pools[pool_id].read()?;

            // Reserve most of the validator token liquidity
            let reserve_amount = U256::from(pool.reserve_validator_token) - uint!(100_U256);
            let amount_out: u128 = compute_amount_out(reserve_amount)?.try_into().unwrap();
            amm.reserve_pool_liquidity(pool_id, amount_out)?;

            let result = amm.burn(admin, user_token, validator_token, liquidity, recipient);
            assert!(matches!(
                result,
                Err(TempoPrecompileError::TIPFeeAMMError(
                    TIPFeeAMMError::InsufficientLiquidity(_)
                ))
            ));

            Ok(())
        })
    }

    #[test]
    fn test_t1c_partial_burn_with_reservation() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new_with_spec(1, TempoHardfork::T1C);
        let admin = Address::random();
        let recipient = Address::random();

        StorageCtx::enter(&mut storage, || {
            let mint_amount = uint!(100000000_U256);
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();

            let deposit_amount = uint!(100000_U256);
            let liquidity = amm.mint(admin, user_token, validator_token, deposit_amount, admin)?;

            let pool_id = amm.pool_id(user_token, validator_token);
            let small_reserve = uint!(1000_U256);
            let amount_out: u128 = compute_amount_out(small_reserve)?.try_into().unwrap();
            amm.reserve_pool_liquidity(pool_id, amount_out)?;

            let small_burn = liquidity / uint!(10_U256);
            let result = amm.burn(admin, user_token, validator_token, small_burn, recipient);

            assert!(result.is_ok());

            Ok(())
        })
    }

    #[test]
    fn test_t1c_rebalance_swap_respects_reservation() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new_with_spec(1, TempoHardfork::T1C);
        let admin = Address::random();
        let to = Address::random();

        StorageCtx::enter(&mut storage, || {
            let mint_amount = uint!(100000000_U256);
            let mut amm = TipFeeManager::new();
            let amm_address = amm.address;
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .with_mint(amm_address, mint_amount)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();

            let liq = uint!(100000_U256);
            let pool_id =
                setup_pool_with_liquidity(&mut amm, user_token, validator_token, liq, liq)?;

            let amount_out: u128 = compute_amount_out(uint!(50000_U256))?.try_into().unwrap();
            amm.reserve_pool_liquidity(pool_id, amount_out)?;

            amm.rebalance_swap(admin, user_token, validator_token, uint!(5000_U256), to)?;
            let pool = amm.pools[pool_id].read()?;
            let reserved = amm.pending_fee_swap_reservation[pool_id].t_read()?;
            assert!(pool.reserve_validator_token >= reserved);

            Ok(())
        })
    }

    #[test]
    fn test_pre_t1c_rebalance_swap_skips_reservation() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new_with_spec(1, TempoHardfork::T1B);
        let admin = Address::random();
        let to = Address::random();

        StorageCtx::enter(&mut storage, || {
            let mint_amount = uint!(100000000_U256);
            let mut amm = TipFeeManager::new();
            let amm_address = amm.address;
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .with_mint(amm_address, mint_amount)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();

            let liq = uint!(100000_U256);
            setup_pool_with_liquidity(&mut amm, user_token, validator_token, liq, liq)?;
            assert!(
                amm.rebalance_swap(admin, user_token, validator_token, uint!(5000_U256), to)
                    .is_ok()
            );

            Ok(())
        })
    }

    #[test]
    fn test_pre_t1c_no_reservation() -> eyre::Result<()> {
        let mut storage = HashMapStorageProvider::new_with_spec(1, TempoHardfork::T1B);
        let admin = Address::random();
        let recipient = Address::random();

        StorageCtx::enter(&mut storage, || {
            let mint_amount = uint!(100000000_U256);
            let user_token = TIP20Setup::create("UserToken", "UTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();
            let validator_token = TIP20Setup::create("ValidatorToken", "VTK", admin)
                .with_issuer(admin)
                .with_mint(admin, mint_amount)
                .apply()?
                .address();

            let mut amm = TipFeeManager::new();

            let deposit_amount = uint!(100000_U256);
            let liquidity = amm.mint(admin, user_token, validator_token, deposit_amount, admin)?;

            let result = amm.burn(admin, user_token, validator_token, liquidity, recipient);
            assert!(result.is_ok());

            Ok(())
        })
    }
}