ManagerWithMerkleVerification
Inherits: Auth
State Variables
manageRoot
A merkle tree root that restricts what data can be passed to the BoringVault.
Maps a strategist address to their specific merkle root.
*Each leaf is composed of the keccak256 hash of abi.encodePacked {decodersAndSanitizer, target, valueIsNonZero, selector, argumentAddress_0, ...., argumentAddress_N} Where:
decodersAndSanitizer is the address to call to extract packed address arguments from the calldata
target is the address to make the call to
valueIsNonZero is a bool indicating whether or not the value is non-zero
selector is the function selector on target
argumentAddress is each allowed address argument in that call*
mapping(address => bytes32) public manageRoot;
performingFlashLoan
Bool indicating whether or not this contract is actively performing a flash loan.
Used to block flash loans that are initiated outside a manage call.
bool internal performingFlashLoan;
flashLoanIntentHash
keccak256 hash of flash loan data.
bytes32 internal flashLoanIntentHash = bytes32(0);
isPaused
Used to pause calls to manageVaultWithMerkleVerification
.
bool public isPaused;
vault
The BoringVault this contract can manage.
BoringVault public immutable vault;
balancerVault
The balancer vault this contract can use for flash loans.
BalancerVault public immutable balancerVault;
Functions
constructor
constructor(address _owner, address _vault, address _balancerVault) Auth(_owner, Authority(address(0)));
setManageRoot
Sets the manageRoot.
Callable by OWNER_ROLE.
function setManageRoot(address strategist, bytes32 _manageRoot) external requiresAuth;
pause
Pause this contract, which prevents future calls to manageVaultWithMerkleVerification
.
Callable by MULTISIG_ROLE.
function pause() external requiresAuth;
unpause
Unpause this contract, which allows future calls to manageVaultWithMerkleVerification
.
Callable by MULTISIG_ROLE.
function unpause() external requiresAuth;
manageVaultWithMerkleVerification
Allows strategist to manage the BoringVault.
The strategist must provide a merkle proof for every call that verifiees they are allowed to make that call.
Callable by MANAGER_INTERNAL_ROLE.
Callable by STRATEGIST_ROLE.
Callable by MICRO_MANAGER_ROLE.
function manageVaultWithMerkleVerification(
bytes32[][] calldata manageProofs,
address[] calldata decodersAndSanitizers,
address[] calldata targets,
bytes[] calldata targetData,
uint256[] calldata values
)
external
requiresAuth;
flashLoan
In order to perform a flash loan,
Merkle root must contain the leaf(address(this), this.flashLoan.selector, ARGUMENT_ADDRESSES ...)
Strategist must initiate the flash loan using
manageVaultWithMerkleVerification
balancerVault MUST callback to this contract with the same userData
function flashLoan(
address recipient,
address[] calldata tokens,
uint256[] calldata amounts,
bytes calldata userData
)
external;
receiveFlashLoan
Add support for balancer flash loans.
userData can optionally have salt encoded at the end of it, in order to change the intentHash, if a flash loan is exact userData is being repeated, and their is fear of 3rd parties front-running the rebalance.
function receiveFlashLoan(
address[] calldata tokens,
uint256[] calldata amounts,
uint256[] calldata feeAmounts,
bytes calldata userData
)
external;
_verifyCallData
Helper function to decode, sanitize, and verify call data.
function _verifyCallData(
bytes32 currentManageRoot,
bytes32[] calldata manageProof,
address decoderAndSanitizer,
address target,
uint256 value,
bytes calldata targetData
)
internal
view;
_verifyManageProof
Helper function to verify a manageProof is valid.
function _verifyManageProof(
bytes32 root,
bytes32[] calldata proof,
address target,
address decoderAndSanitizer,
uint256 value,
bytes4 selector,
bytes memory packedArgumentAddresses
)
internal
pure
returns (bool);
Events
ManageRootUpdated
event ManageRootUpdated(address indexed strategist, bytes32 oldRoot, bytes32 newRoot);
BoringVaultManaged
event BoringVaultManaged(uint256 callsMade);
Paused
event Paused();
Unpaused
event Unpaused();
Errors
ManagerWithMerkleVerification__InvalidManageProofLength
error ManagerWithMerkleVerification__InvalidManageProofLength();
ManagerWithMerkleVerification__InvalidTargetDataLength
error ManagerWithMerkleVerification__InvalidTargetDataLength();
ManagerWithMerkleVerification__InvalidValuesLength
error ManagerWithMerkleVerification__InvalidValuesLength();
ManagerWithMerkleVerification__InvalidDecodersAndSanitizersLength
error ManagerWithMerkleVerification__InvalidDecodersAndSanitizersLength();
ManagerWithMerkleVerification__FlashLoanNotExecuted
error ManagerWithMerkleVerification__FlashLoanNotExecuted();
ManagerWithMerkleVerification__FlashLoanNotInProgress
error ManagerWithMerkleVerification__FlashLoanNotInProgress();
ManagerWithMerkleVerification__BadFlashLoanIntentHash
error ManagerWithMerkleVerification__BadFlashLoanIntentHash();
ManagerWithMerkleVerification__FailedToVerifyManageProof
error ManagerWithMerkleVerification__FailedToVerifyManageProof(address target, bytes targetData, uint256 value);
ManagerWithMerkleVerification__Paused
error ManagerWithMerkleVerification__Paused();
ManagerWithMerkleVerification__OnlyCallableByBoringVault
error ManagerWithMerkleVerification__OnlyCallableByBoringVault();
ManagerWithMerkleVerification__OnlyCallableByBalancerVault
error ManagerWithMerkleVerification__OnlyCallableByBalancerVault();
ManagerWithMerkleVerification__TotalSupplyMustRemainConstantDuringManagement
error ManagerWithMerkleVerification__TotalSupplyMustRemainConstantDuringManagement();
Was this helpful?