Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

No min timelock at initialisation #7

Merged
merged 25 commits into from
Aug 18, 2024
Merged

No min timelock at initialisation #7

merged 25 commits into from
Aug 18, 2024

Conversation

MathisGD
Copy link
Contributor

@MathisGD MathisGD commented Aug 9, 2024
edited
Loading

Remove the minimum timelock at construction, to allow vaults manager to setup their vaults faster (list new markets).

Then the timelock can only be set to a value between the min and the max timelock.

Note that for the formal verification, we are now required to assume that the block timestamp is not zero, because it could mean that you could set a pending value valid at timestamp 0 (as the timelock is zero), which the code does not expect. And also on the timelock bounds, now the min bound is zero.

@MathisGD MathisGD self-assigned this Aug 9, 2024
@MathisGD MathisGD changed the base branch from main to feat/no-share-price-decrease-2 August 9, 2024 12:12
MerlinEgalite
MerlinEgalite reviewed Aug 9, 2024
View reviewed changes
src/MetaMorpho.sol Outdated Show resolved Hide resolved
peyha
peyha reviewed Aug 9, 2024
View reviewed changes
README.md Outdated Show resolved Hide resolved
QGarchery
QGarchery approved these changes Aug 13, 2024
View reviewed changes
Copy link
Contributor

@QGarchery QGarchery left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

test/forge/DeploymentTest.sol Outdated Show resolved Hide resolved
@adhusson
Copy link
Contributor

This seems to significantly increase the attack possibilities by the owner and curator because reducing the timelock to 0 does not look like an attack in itself and can be accepted under emergencies, and then the actual attack happens.

If it's only required for vault setup, would it be enough to either 1) disable the timelock during the creation block, or 2) allow an initial timelock of 0 that can only move away from 0?

@adhusson adhusson mentioned this pull request Aug 16, 2024
Merged
@adhusson
Copy link
Contributor

I did not find a simple, cheap way to allow changes within the contract creation block only.

Here is a version where the initial timelock can be 0 but no timelock change can set it to 0: #19

@MathisGD MathisGD changed the title No min timelock No min timelock at initialisation Aug 17, 2024
@MathisGD MathisGD merged commit 1a4aba1 into feat/no-share-price-decrease-2 Aug 18, 2024
22 checks passed
@MathisGD MathisGD deleted the feat/other-features branch August 18, 2024 17:20
@MathisGD MathisGD mentioned this pull request Aug 18, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@peyha peyha peyha left review comments

@Rubilmax Rubilmax Rubilmax approved these changes

@Jean-Grimal Jean-Grimal Jean-Grimal approved these changes

@MerlinEgalite MerlinEgalite MerlinEgalite approved these changes

@QGarchery QGarchery QGarchery approved these changes

@adhusson adhusson adhusson approved these changes

Assignees

@MathisGD MathisGD

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@MathisGD @adhusson @Rubilmax @QGarchery @MerlinEgalite @peyha @Jean-Grimal