# Checklist For Code Review ## Goals {pending} ### Checklists #### Due Diligences (DD) - Details about: - Multisig - Timelock - Alerts & Monitoring #### Strategies (v2 & v3) ##### Integrations - Curve Finance - [ ] The `get_dy` function is useful **only for `frontend`**. - [ ] Use `price_oracle` (Curve Finance v2) or `virtual_price` (Curve v1) functions **in contracts**. - Balancer - [ ] Correct use of the `getRate` function. // what would be the incorrect way? - Uniswap v2 - [ ] Correct use of the `reserves()` function. // what would be the incorrect way to look out for? - [ ] Use a valid deadline parameter (don't use `block.timestamp`) in AMM like Uniswap. Source [here](https://twitter.com/bytes032/status/1661344118704881668?s=46&t=UFYDwPbS6gChNtzZEDcnPA). - Lending / Borrowing - Verify the types of collateral and borrowing assets (`siloed borrowing` and `isolation mode`). They **must not** are mixed together. Source [here](https://twitter.com/0x3b338/status/1661991662661369856?s=20). ##### Math/Calculations - [ ] If using division and multiplication, be sure precision is not affected by dividing before multiplication. see: https://dacian.me/precision-loss-errors #### Integrations With Vaults - [ ] All deposit calls to yearn vaults need to check return value for actual deposited amount, dont assume the complete amount in `deposit()` method will be use because of deposit limit settings. - [ ] The `fourThreeProtection` is for use in vaults with the withdrawal queue (<0.4.3). I purposely left it unexplained because that bug isn't yet disclosed and we still have vaults in production with the bug. So if you are using 0.3.2-0.4.1 fourThreeProtection should be active - [ ] - Source: [https://github.com/yearn/yearn-strategies/issues/171#issuecomment-951573237](https://github.com/yearn/yearn-strategies/issues/171#issuecomment-951573237)