Security
The
Vault
is designed to issue tokens proportional to amount of funds the user deposits. It's meant to issue new tokens or burn existing tokens only when all the fund values are updated. Vault
uses TradeExecutor
contracts to invest the user funds in various protocols. The funds of mainnet TradeExecutor
are updated on a block by block basis. While those interact with other L2 protocols, the funds are updated by keeper in order to process deposits/withdrawals.- Key Functionalities
deposit
- Mint to new vault tokens representing user's share of funds.withdraw
- Burn the vault tokens and transfer the amount to user's wallet.depositIntoExecutor
- Deposits funds into the executor contract to be used for making trades on protocolwithdrawFromExecutor
- Withdraw funds from executor in order to process user withdrawal request.collectFees
- Calims the fees from the yield generated on user funds to governance.
Role Name | Access | Description |
---|---|---|
Governance | Mutable by current Governance role | Allows to add/remove new TradeExecutors on vault . Update any new addresses on batcher and keeper . |
Keeper | Mutable by Governance role | Main operation is move funds across the current TradeExecutors on vault . |
The
vault
contract is responsible for issuing erc20 tokens representing user share based on the total funds it holds. The vault
also keeps the track of funds invested in trade executors. So trade executor funds should be updated before processing any deposits or withdrawals. vault computes the yield it generated between different harvest cycles to process the fees. Keeper
maintains the list of TradeExecutors
and batcher
makes sure there is always enough collateral on vault
to process any user withdrawals.When trade executor funds are updated incorrectly the users might be issued an incorrect amount of tokens. This can be prevented by updating the trade executor funds before processing the deposit and simulating the txn on the new update.
- In case of emergency, the deposits/withdrawals are disabled by taking the
vault
in emergency mode withsetEmergencyMode
function. - All the funds will be recalled from
TradeExecutors
tovault
to reduce attack impact. - Only
Governance
can enable back the deposits/withdrawals after an emergency.
We assume that for
TradeExecutors
that move funds to L2 protocols, their funds are updated correctly by Keeper
as they aren't available solutions to update the state of l2 contract funds. We are exploring solutions with layerZero and anyswap call for this to prevent centralization risk.
Last modified 8mo ago