# ManagerWithMerkleVerification

[Git Source](https://github.com/Ion-Protocol/nucleus-boring-vault/blob/cc0b494b83e17b9b169a73b96050d2810b690477/src/base/Roles/ManagerWithMerkleVerification.sol)

**Inherits:** Auth

## State Variables

### manageRoot

A merkle tree root that restricts what data can be passed to the BoringVault.

*Maps a strategist address to their specific merkle root.*

\*Each leaf is composed of the keccak256 hash of abi.encodePacked {decodersAndSanitizer, target, valueIsNonZero, selector, argumentAddress\_0, ...., argumentAddress\_N} Where:

* decodersAndSanitizer is the address to call to extract packed address arguments from the calldata
* target is the address to make the call to
* valueIsNonZero is a bool indicating whether or not the value is non-zero
* selector is the function selector on target
* argumentAddress is each allowed address argument in that call\*

```solidity
mapping(address => bytes32) public manageRoot;
```

### performingFlashLoan

Bool indicating whether or not this contract is actively performing a flash loan.

*Used to block flash loans that are initiated outside a manage call.*

```solidity
bool internal performingFlashLoan;
```

### flashLoanIntentHash

keccak256 hash of flash loan data.

```solidity
bytes32 internal flashLoanIntentHash = bytes32(0);
```

### isPaused

Used to pause calls to `manageVaultWithMerkleVerification`.

```solidity
bool public isPaused;
```

### vault

The BoringVault this contract can manage.

```solidity
BoringVault public immutable vault;
```

### balancerVault

The balancer vault this contract can use for flash loans.

```solidity
BalancerVault public immutable balancerVault;
```

## Functions

### constructor

```solidity
constructor(address _owner, address _vault, address _balancerVault) Auth(_owner, Authority(address(0)));
```

### setManageRoot

Sets the manageRoot.

*Callable by OWNER\_ROLE.*

```solidity
function setManageRoot(address strategist, bytes32 _manageRoot) external requiresAuth;
```

### pause

Pause this contract, which prevents future calls to `manageVaultWithMerkleVerification`.

*Callable by MULTISIG\_ROLE.*

```solidity
function pause() external requiresAuth;
```

### unpause

Unpause this contract, which allows future calls to `manageVaultWithMerkleVerification`.

*Callable by MULTISIG\_ROLE.*

```solidity
function unpause() external requiresAuth;
```

### manageVaultWithMerkleVerification

Allows strategist to manage the BoringVault.

*The strategist must provide a merkle proof for every call that verifiees they are allowed to make that call.*

*Callable by MANAGER\_INTERNAL\_ROLE.*

*Callable by STRATEGIST\_ROLE.*

*Callable by MICRO\_MANAGER\_ROLE.*

```solidity
function manageVaultWithMerkleVerification(
    bytes32[][] calldata manageProofs,
    address[] calldata decodersAndSanitizers,
    address[] calldata targets,
    bytes[] calldata targetData,
    uint256[] calldata values
)
    external
    requiresAuth;
```

### flashLoan

In order to perform a flash loan,

1. Merkle root must contain the leaf(address(this), this.flashLoan.selector, ARGUMENT\_ADDRESSES ...)
2. Strategist must initiate the flash loan using `manageVaultWithMerkleVerification`
3. balancerVault MUST callback to this contract with the same userData

```solidity
function flashLoan(
    address recipient,
    address[] calldata tokens,
    uint256[] calldata amounts,
    bytes calldata userData
)
    external;
```

### receiveFlashLoan

Add support for balancer flash loans.

*userData can optionally have salt encoded at the end of it, in order to change the intentHash, if a flash loan is exact userData is being repeated, and their is fear of 3rd parties front-running the rebalance.*

```solidity
function receiveFlashLoan(
    address[] calldata tokens,
    uint256[] calldata amounts,
    uint256[] calldata feeAmounts,
    bytes calldata userData
)
    external;
```

### \_verifyCallData

Helper function to decode, sanitize, and verify call data.

```solidity
function _verifyCallData(
    bytes32 currentManageRoot,
    bytes32[] calldata manageProof,
    address decoderAndSanitizer,
    address target,
    uint256 value,
    bytes calldata targetData
)
    internal
    view;
```

### \_verifyManageProof

Helper function to verify a manageProof is valid.

```solidity
function _verifyManageProof(
    bytes32 root,
    bytes32[] calldata proof,
    address target,
    address decoderAndSanitizer,
    uint256 value,
    bytes4 selector,
    bytes memory packedArgumentAddresses
)
    internal
    pure
    returns (bool);
```

## Events

### ManageRootUpdated

```solidity
event ManageRootUpdated(address indexed strategist, bytes32 oldRoot, bytes32 newRoot);
```

### BoringVaultManaged

```solidity
event BoringVaultManaged(uint256 callsMade);
```

### Paused

```solidity
event Paused();
```

### Unpaused

```solidity
event Unpaused();
```

## Errors

### ManagerWithMerkleVerification\_\_InvalidManageProofLength

```solidity
error ManagerWithMerkleVerification__InvalidManageProofLength();
```

### ManagerWithMerkleVerification\_\_InvalidTargetDataLength

```solidity
error ManagerWithMerkleVerification__InvalidTargetDataLength();
```

### ManagerWithMerkleVerification\_\_InvalidValuesLength

```solidity
error ManagerWithMerkleVerification__InvalidValuesLength();
```

### ManagerWithMerkleVerification\_\_InvalidDecodersAndSanitizersLength

```solidity
error ManagerWithMerkleVerification__InvalidDecodersAndSanitizersLength();
```

### ManagerWithMerkleVerification\_\_FlashLoanNotExecuted

```solidity
error ManagerWithMerkleVerification__FlashLoanNotExecuted();
```

### ManagerWithMerkleVerification\_\_FlashLoanNotInProgress

```solidity
error ManagerWithMerkleVerification__FlashLoanNotInProgress();
```

### ManagerWithMerkleVerification\_\_BadFlashLoanIntentHash

```solidity
error ManagerWithMerkleVerification__BadFlashLoanIntentHash();
```

### ManagerWithMerkleVerification\_\_FailedToVerifyManageProof

```solidity
error ManagerWithMerkleVerification__FailedToVerifyManageProof(address target, bytes targetData, uint256 value);
```

### ManagerWithMerkleVerification\_\_Paused

```solidity
error ManagerWithMerkleVerification__Paused();
```

### ManagerWithMerkleVerification\_\_OnlyCallableByBoringVault

```solidity
error ManagerWithMerkleVerification__OnlyCallableByBoringVault();
```

### ManagerWithMerkleVerification\_\_OnlyCallableByBalancerVault

```solidity
error ManagerWithMerkleVerification__OnlyCallableByBalancerVault();
```

### ManagerWithMerkleVerification\_\_TotalSupplyMustRemainConstantDuringManagement

```solidity
error ManagerWithMerkleVerification__TotalSupplyMustRemainConstantDuringManagement();
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.nucleusearn.io/nucleus-architecture/smart-contracts/contracts/base/roles/managerwithmerkleverification.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.