The Bricking Point: Analyzing Permanent Fund Loss in Panoptic’s SFPM

Executive Summary During a deep-dive security analysis of the Panoptic protocol (v1.1.x), I identified a critical vulnerability within the SemiFungiblePositionManager (SFPM). The issue, which I’ve categorized as Permanent Bricking, allows for a scenario where user liquidity becomes mathematically "un-burnable." Due to precision loss and rounding discrepancies in the core math libraries, certain positions can enter a state of deadlock, resulting in a 100% loss of funds for the affected user. Technical Context: The Role of SFPM Panoptic is a groundbreaking protocol for perpetual options built on top of Uniswap V3. At its heart lies the SFPM, which manages Uniswap V3 liquidity positions by wrapping them into ERC-1155 tokens. While conducting the audit, I utilized the protocol's deployment configurations (deployment-info.json) to identify the target contract. By tracing the CREATE2 Salt (0x82bf455e9ebd6a541ef10b683de1edcaf05ce7a136f15df6a78bf60145fff15c), I was able to isolate the SFPM log