diff --git a/erc4626/MorphoVaults/Gauntlet.md b/erc4626/MorphoVaults/V1-Incompatible-Gauntlet.md similarity index 91% rename from erc4626/MorphoVaults/Gauntlet.md rename to erc4626/MorphoVaults/V1-Incompatible-Gauntlet.md index 421c72a..0b6c24d 100644 --- a/erc4626/MorphoVaults/Gauntlet.md +++ b/erc4626/MorphoVaults/V1-Incompatible-Gauntlet.md @@ -35,7 +35,7 @@ If none of these is checked, then this might be a pretty great Rate Provider! If To save time, we do not bother pointing out low-severity/informational issues or gas optimizations (unless the gas usage is particularly egregious). Instead, we focus only on high- and medium-severity findings which materially impact the contract's functionality and could harm users. ## Conclusion -**Summary judgment: USABLE** +**Summary judgment: UNUSABLE** -The outlined ERC4626 Vaults should work well with Balancer pools. The Vaults implement the required interfaces with fork tests passing as can be seen at: +The outlined ERC4626 Vaults will not work well with Balancer pools due to a flash loan incompatibility on Morpho Vaults . The Vaults implement the required interfaces with fork tests passing as can be seen at: - [Morpho's Gauntlet Weth](https://github.com/balancer/balancer-v3-erc4626-tests/blob/f6245bfe043759ea17d7282ada58871dc12f8fcc/test/mainnet/ERC4626MainnetMorphoGauntletWeth.t.sol#L20) diff --git a/erc4626/MorphoVaults/Steakhouse.md b/erc4626/MorphoVaults/V1-incompatible-Steakhouse.md similarity index 88% rename from erc4626/MorphoVaults/Steakhouse.md rename to erc4626/MorphoVaults/V1-incompatible-Steakhouse.md index e26e977..13b88ad 100644 --- a/erc4626/MorphoVaults/Steakhouse.md +++ b/erc4626/MorphoVaults/V1-incompatible-Steakhouse.md @@ -36,10 +36,9 @@ If none of these is checked, then this might be a pretty great Rate Provider! If To save time, we do not bother pointing out low-severity/informational issues or gas optimizations (unless the gas usage is particularly egregious). Instead, we focus only on high- and medium-severity findings which materially impact the contract's functionality and could harm users. ## Conclusion -**Summary judgment: USABLE** +**Summary judgment: UNUSABLE** -The outlined ERC4626 Vaults should work well with Balancer pools. The Vaults implement the required interfaces with fork tests passing as can be seen at: -- [Morpho's Steakhouse USDC](https://github.com/balancer/balancer-v3-erc4626-tests/blob/main/test/mainnet/ERC4626MainnetMorphoSteakhouseUSDC.t.sol) +The outlined ERC4626 Vaults will not work well with Balancer pools due to a flash loan incompatibility on Morpho Vaults . The Vaults implement the required interfaces with fork tests passing as can be seen at:- [Morpho's Steakhouse USDC](https://github.com/balancer/balancer-v3-erc4626-tests/blob/main/test/mainnet/ERC4626MainnetMorphoSteakhouseUSDC.t.sol) - [Morpho's Steakhouse USDT](https://github.com/balancer/balancer-v3-erc4626-tests/blob/main/test/mainnet/ERC4626MainnetMorphoSteakhouseUSDT.t.sol) - [Morpho's Steakhouse wUSDL](https://github.com/balancer/balancer-v3-erc4626-tests/blob/main/test/mainnet/ERC4626MainnetMorphoSteakhouseWUSDL.t.sol) diff --git a/erc4626/MorphoVaults/V1.1-Steakhouse.md b/erc4626/MorphoVaults/V1.1-Steakhouse.md new file mode 100644 index 0000000..406aa1f --- /dev/null +++ b/erc4626/MorphoVaults/V1.1-Steakhouse.md @@ -0,0 +1,39 @@ +# ERC4626 Vault: `MetaMorpho` + +## Details +- Reviewed by: @mkflow27 +- Checked by: @danielmkm +- Deployed at: + - [ethereum:https://etherscan.io/address/0x7204B7Dbf9412567835633B6F00C3Edc3a8D6330](https://etherscan.io/address/0x7204B7Dbf9412567835633B6F00C3Edc3a8D6330) + - [ethereum:https://etherscan.io/address/0xbEeFc011e94f43b8B7b455eBaB290C7Ab4E216f1](https://etherscan.io/address/0xbEeFc011e94f43b8B7b455eBaB290C7Ab4E216f1) +- Audit report(s): + - [Security Reviews & Formal Verifications](https://docs.morpho.org/security-reviews/) + +## Context +A 4626 Vault which wraps underlying tokens in MetaMorpho vaults in order for vault curators to earn liquidity providers additional yield on their assets. + +## Review Checklist: Bare Minimum Compatibility +Each of the items below represents an absolute requirement for the Rate Provider. If any of these is unchecked, the Rate Provider is unfit to use. + +- [x] Tests based on the [balancer-v3-monorepo](https://github.com/balancer/balancer-v3-monorepo/tree/main/pkg/vault/test/foundry/fork) pass for the given ERC4626 vaults. +- [x] The required Vault implements the required operational ERC4626 Interface + +## Review Checklist: Common Findings +Each of the items below represents a common red flag found in Rate Provider contracts. + +If none of these is checked, then this might be a pretty great Rate Provider! If any of these is checked, we must thoroughly elaborate on the conditions that lead to the potential issue. Decision points are not binary; a Rate Provider can be safe despite these boxes being checked. A check simply indicates that thorough vetting is required in a specific area, and this vetting should be used to inform a holistic analysis of the Rate Provider. + +### Administrative Privileges +- [] The ERC4626 Vault is upgradeable. + - note: Upgradeability remarks for rate relevant aspects can be found in the corresponding rate provider review. + +### Common Manipulation Vectors +- [] The ERC4626 Vault is susceptible to donation attacks. + +## Additional Findings +To save time, we do not bother pointing out low-severity/informational issues or gas optimizations (unless the gas usage is particularly egregious). Instead, we focus only on high- and medium-severity findings which materially impact the contract's functionality and could harm users. + +## Conclusion +**Summary judgment: USABLE** + +The outlined ERC4626 Vaults should work well with Balancer pools. The Vaults implement the required interfaces with fork tests passing as can be seen at: diff --git a/erc4626/registry.json b/erc4626/registry.json index 68bb71d..0311108 100644 --- a/erc4626/registry.json +++ b/erc4626/registry.json @@ -3,29 +3,29 @@ "0x2371e134e3455e0593363cBF89d3b6cf53740618": { "asset": "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2", "name": "MetaMorpho Gauntlet wETH Prime", - "summary": "safe", - "review": "./MorphoVaults/Gauntlet.md", + "summary": "unsafe", + "review": "./MorphoVaults/V1-Incompatible-Gauntlet.md", "warnings": [] }, "0xBEEF01735c132Ada46AA9aA4c54623cAA92A64CB": { "asset": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48", "name": "MetaMorpho Steakhouse SteakUSDC", - "summary": "safe", - "review": "./MorphoVaults/Steakhouse.md", + "summary": "unsafe", + "review": "./MorphoVaults/V1-incompatible-Steakhouse.md", "warnings": [] }, "0xbEef047a543E45807105E51A8BBEFCc5950fcfBa": { "asset": "0xdAC17F958D2ee523a2206206994597C13D831ec7", "name": "MetaMorpho Steakhouse SteakUSDT", - "summary": "safe", - "review": "./MorphoVaults/Steakhouse.md", + "summary": "unsafe", + "review": "./MorphoVaults/V1-incompatible-Steakhouse.md", "warnings": [] }, "0xbEEFC01767ed5086f35deCb6C00e6C12bc7476C1": { "asset": "0x7751E2F4b8ae93EF6B79d86419d42FE3295A4559", "name": "MetaMorpho Coinshift-Steakhouse csUSDL", - "summary": "safe", - "review": "./MorphoVaults/Steakhouse.md", + "summary": "unsafe", + "review": "./MorphoVaults/V1-incompatible-Steakhouse.md", "warnings": [] }, "0xD4fa2D31b7968E448877f69A96DE69f5de8cD23E": { @@ -76,6 +76,20 @@ "summary": "safe", "review": "./StatATokenV2Review.md", "warnings": [] + }, + "0xbEeFc011e94f43b8B7b455eBaB290C7Ab4E216f1": { + "asset": "0x7751E2F4b8ae93EF6B79d86419d42FE3295A4559", + "name": "MetaMorpho v1.1 Coinshift-Steakhouse csUSDL", + "summary": "safe", + "review": "./MorphoVaults/V1.1-Steakhouse.md", + "warnings": [] + }, + "0x7204B7Dbf9412567835633B6F00C3Edc3a8D6330": { + "asset": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48", + "name": "MetaMorpho v1.1 Coinshift-Steakhouse csUSDC", + "summary": "safe", + "review": "./MorphoVaults/V1.1-Steakhouse.md", + "warnings": [] } }, "gnosis": { diff --git a/rate-providers/GravitaRateProviders.md b/rate-providers/GravitaRateProviders.md new file mode 100644 index 0000000..3eb63fa --- /dev/null +++ b/rate-providers/GravitaRateProviders.md @@ -0,0 +1,172 @@ +# Rate Provider: `RPLVault` & `WETHVault` + +## Details +- Reviewed by: @mkflow27 +- Checked by: @danielmkm +- Deployed at: + - [ethereum:0x1DB1Afd9552eeB28e2e36597082440598B7F1320](https://etherscan.io/address/0x1DB1Afd9552eeB28e2e36597082440598B7F1320) + - [ethereum:0xBB22d59B73D7a6F3A8a83A214BECc67Eb3b511fE](https://etherscan.io/address/0xBB22d59B73D7a6F3A8a83A214BECc67Eb3b511fE) +- Audit report(s): + - [Gravita audits](https://docs.gravitaprotocol.com/gravita-docs/about-gravita-protocol/audits) + +## Context +The RPLVault and WETHVault are Vault produces that compound a given asset. The Vaults are also the rate providers and no separate rate providers contracts exist. The valuation approach is based on a totalAssets / totalSupply approach where `totalAssets` is the function doing various external contract calls. + +## Review Checklist: Bare Minimum Compatibility +Each of the items below represents an absolute requirement for the Rate Provider. If any of these is unchecked, the Rate Provider is unfit to use. + +- [x] Implements the [`IRateProvider`](https://github.com/balancer/balancer-v2-monorepo/blob/bc3b3fee6e13e01d2efe610ed8118fdb74dfc1f2/pkg/interfaces/contracts/pool-utils/IRateProvider.sol) interface. +- [x] `getRate` returns an 18-decimal fixed point number (i.e., 1 == 1e18) regardless of underlying token decimals. + +## Review Checklist: Common Findings +Each of the items below represents a common red flag found in Rate Provider contracts. + +If none of these is checked, then this might be a pretty great Rate Provider! If any of these is checked, we must thoroughly elaborate on the conditions that lead to the potential issue. Decision points are not binary; a Rate Provider can be safe despite these boxes being checked. A check simply indicates that thorough vetting is required in a specific area, and this vetting should be used to inform a holistic analysis of the Rate Provider. + +### Administrative Privileges +- [x] The Rate Provider is upgradeable (e.g., via a proxy architecture or an `onlyOwner` function that updates the price source address). + + #### xrRETH + - admin address: [ethereum:0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00](https://etherscan.io/address/0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00#code) + - admin type: multisig + - multisig threshold/signers: 3/5 + - multisig timelock? 7 days + + + #### xRPL + - admin address: [ethereum:0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00](https://etherscan.io/address/0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00#code) + - admin type: multisig + - multisig threshold/signers: 3/5 + - multisig timelock? 7 days + +- [x] Some other portion of the price pipeline is upgradeable (e.g., the token itself, an oracle, or some piece of a larger system that tracks the price). + - upgradeable component: `Directory` ([ethereum:0x4343743dBc46F67D3340b45286D8cdC13c8575DE](https://etherscan.io/address/0x4343743dBc46F67D3340b45286D8cdC13c8575DE)) + - admin address: [ethereum:0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00](https://etherscan.io/address/0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00#code) + - admin type: multisig + - multisig threshold/signers: 3/5 + - multisig timelock? 7 days + + + - upgradeable component: `OperatorDistributor` ([ethereum:0x102809fE582ecaa527bB316DCc4E99fc35FBAbb9](https://etherscan.io/address/0x102809fE582ecaa527bB316DCc4E99fc35FBAbb9#readProxyContract)) + - admin address: [ethereum:0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00](https://etherscan.io/address/0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00#code) + - admin type: multisig + - multisig threshold/signers: 3/5 + - multisig timelock? 7 days + + - upgradeable component: `PoAConstellationOracle` ([ethereum:0x81C1001e1621d05bE250814123CC81BBb244Cb07](https://etherscan.io/address/0x81C1001e1621d05bE250814123CC81BBb244Cb07#readProxyContract)) + - admin address: [ethereum:0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00](https://etherscan.io/address/0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00#code) + - admin type: multisig + - multisig threshold/signers: 3/5 + - multisig timelock? 7 days + + - upgradeable component: `MerkleClaimStreamer` ([ethereum:0x312717E67b9a12402fB8d2DB031aC9C84665a04e](https://etherscan.io/address/0x312717E67b9a12402fB8d2DB031aC9C84665a04e#readProxyContract)) + - admin address: [ethereum:0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00](https://etherscan.io/address/0xA4539A9ecE2A653AfC7C8DD49d27dd079ed19d00#code) + - admin type: multisig + - multisig threshold/signers: 3/5 + - multisig timelock? 7 days + + + +### Oracles +- [x] Price data is provided by an off-chain source (e.g., a Chainlink oracle, a multisig, or a network of nodes). + - source: A custom oracle for xrRETH. + - source address: [ethereum:0xb5f6eeDE05036A42Af492638Ec0A1704E7cE7894](https://etherscan.io/address/0xb5f6eeDE05036A42Af492638Ec0A1704E7cE7894) + - any protections? Part of the price rate depends on an `outstandingYield` state variable which is part of the oracle response. and is retrieved via + ```solidity + function getTotalYieldAccrued() external view override returns (int256) { + return _totalYieldAccrued; + } + ``` + This state variable can be externally set via signed data by calling `setTotalYieldAccrued` in + ```solidity + function setTotalYieldAccrued(bytes calldata _sig, PoAOracleSignatureData calldata sigData) external { + address recoveredAddress = ECDSA.recover( + ECDSA.toEthSignedMessageHash( + keccak256(abi.encodePacked( + sigData.newTotalYieldAccrued, + sigData.expectedOracleError, + sigData.timeStamp, + address(this), + block.chainid)) + ), + _sig + ); + require( + _directory.hasRole(Constants.ADMIN_ORACLE_ROLE, recoveredAddress), + 'signer must have permission from admin oracle role' + ); + require(sigData.timeStamp > _lastUpdatedTotalYieldAccrued, 'cannot update oracle using old data'); + require(sigData.timeStamp <= block.timestamp, 'cannot update oracle using future data'); + + OperatorDistributor od = OperatorDistributor(_directory.getOperatorDistributorAddress()); + + // Prevent a front-running attack/accident where a valid sig is generated, then a minipool is processed before + // this function is called, causing a double-count of rewards. + if(sigData.expectedOracleError < od.oracleError()) { + if(sigData.newTotalYieldAccrued > 0) { + _totalYieldAccrued = sigData.newTotalYieldAccrued - int(od.oracleError() - sigData.expectedOracleError); + } + else if(sigData.newTotalYieldAccrued < 0) { + _totalYieldAccrued = sigData.newTotalYieldAccrued + int(od.oracleError() - sigData.expectedOracleError); + } + else { + _totalYieldAccrued = 0; + } + } else if(sigData.expectedOracleError == od.oracleError()) { + _totalYieldAccrued = sigData.newTotalYieldAccrued; + } else { + // Note that actual oracle error will only ever increase or be reset to 0, + // so if expectedOracleError is not <= actual oracleError, there is something wrong with the oracle. + revert("actual oracleError was less than expectedOracleError"); + } + + _lastUpdatedTotalYieldAccrued = block.timestamp; + emit TotalYieldAccruedUpdated(_totalYieldAccrued); + + od.resetOracleError(); + } + ``` + + +- [ ] Price data is expected to be volatile (e.g., because it represents an open market price instead of a (mostly) monotonically increasing price). + +### Common Manipulation Vectors +- [x] The Rate Provider is susceptible to donation attacks. + + #### xrRETH + For xrRETH the vaults `asset`'s balance is measured as part of the price rate. + ```solidity + function totalAssets() public view override returns (uint256) { + OperatorDistributor od = OperatorDistributor(getDirectory().getOperatorDistributorAddress()); + (uint256 distributableYield, bool signed) = getDistributableYield(); + uint256 merkleRewards = MerkleClaimStreamer(getDirectory().getMerkleClaimStreamerAddress()).getStreamedTvlEth(); + return ( + uint256( + int(IERC20(asset()).balanceOf(address(this)) + od.getTvlEth() + merkleRewards) + + (signed ? -int(distributableYield) : int(distributableYield)) + ) + ); + } + ``` + + #### xRPL + Similarly this is the case here + ```solidity + function totalAssets() public view override returns (uint256) { + return (IERC20(asset()).balanceOf(address(this)) + + OperatorDistributor(_directory.getOperatorDistributorAddress()).getTvlRpl()) + + MerkleClaimStreamer(getDirectory().getMerkleClaimStreamerAddress()).getStreamedTvlRpl(); + } + ``` + +## Additional Findings +To save time, we do not bother pointing out low-severity/informational issues or gas optimizations (unless the gas usage is particularly egregious). Instead, we focus only on high- and medium-severity findings which materially impact the contract's functionality and could harm users. + + +## Conclusion +**Summary judgment: USABLE** + +The upgradeability of the contracts is guarded behind multisigs and a timelock contract. The involved oracle price data is signed data of an eoa. For more information on the oracle see comments from Gravita +> Response from Gravita: That key is used by the oracle service which reads the validator balances to know how many assets back the token. We can't go into security of this service too much but only one person generated this key (me, the doxxed CTO of the dev team) and no one else has access to it. And of course the admin multisig can change which address has this oracle permission if that oracle signing key is lost for some reason. + + diff --git a/rate-providers/MarketRateTransformerRateProviders.md b/rate-providers/MarketRateTransformerRateProviders.md index 4582f1c..aad8991 100644 --- a/rate-providers/MarketRateTransformerRateProviders.md +++ b/rate-providers/MarketRateTransformerRateProviders.md @@ -16,6 +16,10 @@ - ERC4626RateProvider: aave wsteth market - ERC4626Vault's `asset` rate provider: Wrapped Staked Eth + - csUSDL v1.1 (Steakhouse) [ethereum:0x9062a576D3e6Cf6999e99e405608063033c4CFF6](https://etherscan.io/address/0x9062a576D3e6Cf6999e99e405608063033c4CFF6#code) + - ERC4626RateProvider: MetaMorphoV1_1 + - ERC4626Vault's `asset` rate provider: Wrapped USDL (wUSDL) ERC4626 Rate Provider + - Audit report(s): - [Formal Verification Report For StaticAToken](https://github.com/aave-dao/aave-v3-origin/blob/067d29eb75115179501edc4316d125d9773f7928/audits/11-09-2024_Certora_StataTokenV2.pdf) - [Security Reviews & Formal Verifications](https://docs.morpho.org/security-reviews/) @@ -25,7 +29,7 @@ Aave markets Lido a-wstETH & a-wstETH The ERC4626 RateProvider fetches the rate of Static Aave Tokens in terms of USDC or USDT. The exchange rate is provided by the Aave V3 `POOL` and fetched via `getReserveNormalizedIncome` from the pool and wrapped as part of the `convertToAsset` call to the `StataTokenV2`. -csUSDL +csUSDL & v1.1 The ERC4626 RateProvider fetches the rate of MetaMorpho Vault tokens in terms of the underlying asset. The exchange rate is provided via the conversion between totalAssets and totalSupply. The Morpho contract only determines the potential market parameters, assets, collaterals, beneficiary, owner, fee, and cooldown periods related to the vault curator. There are no entry or exit fees, and no time locks for users to deposit and withdraw from this vault. ## Review Checklist: Bare Minimum Compatibility @@ -83,6 +87,24 @@ If none of these is checked, then this might be a pretty great Rate Provider! If - admin type: multisig - multisig threshold/signers: 3/17 + #### Coinshift USDL (csUSDL) v1.1 + The Metamorpho Vault + - Part of the rate computation relies of `totalAssets` being calculated. This function iterates over a list of Ids. This list of Ids can be changed by the Allocator role. The potential impact has not been thoroughly investigated. There are however protections in place to protect against invalid changes such as + - `revert ErrorsLib.DuplicateMarket(id);` + - `revert ErrorsLib.InvalidMarketRemovalNonZeroCap(id);` + - `revert ErrorsLib.PendingCap(id);` + - `ErrorsLib.InvalidMarketRemovalNonZeroSupply(id);` + - `ErrorsLib.InvalidMarketRemovalTimelockNotElapsed(id);` + - Also take into account the vaultAssetPriceFeed. This was investigated as part of the [review](./wUSDLPaxosRateProvider.md) with the upgradeable component: `wYBSV1` ([ethereum:0x7751E2F4b8ae93EF6B79d86419d42FE3295A4559](https://etherscan.io/address/0x7751E2F4b8ae93EF6B79d86419d42FE3295A4559#readProxyContract)) + - admin address: [ethereum:0x60Be07b68214d49aF3Ec8fa89c7fc0970De0A94E](https://etherscan.io/address/0x60Be07b68214d49aF3Ec8fa89c7fc0970De0A94E#code) + - admin type: multisig + - multisig threshold/signers: 3/20 + - upgradeable component: `YBSV1` ([ethereum:0xbdC7c08592Ee4aa51D06C27Ee23D5087D65aDbcD](https://etherscan.io/address/0xbdC7c08592Ee4aa51D06C27Ee23D5087D65aDbcD#code)) + - admin address: [ethereum:0x65bcf790Cb8ADf60D5f54eC2E10DE8C83886E0AE](https://etherscan.io/address/0x65bcf790Cb8ADf60D5f54eC2E10DE8C83886E0AE#code) + - admin type: multisig + - multisig threshold/signers: 3/17 + + ### Oracles - [ ] Price data is provided by an off-chain source (e.g., a Chainlink oracle, a multisig, or a network of nodes). diff --git a/rate-providers/MorphoERC4626RateProviders.md b/rate-providers/MorphoERC4626RateProviders.md index 20a4472..d68fbc1 100644 --- a/rate-providers/MorphoERC4626RateProviders.md +++ b/rate-providers/MorphoERC4626RateProviders.md @@ -6,9 +6,9 @@ - Deployed at: - Steakhouse USDC [ethereum:0xc81D60E39e065146c6dE186fFC5B39e4CA2189Cf](https://etherscan.io/address/0xc81D60E39e065146c6dE186fFC5B39e4CA2189Cf#code) - Steakhouse USDT [ethereum:0x50A72232c5370321aa78036BaDe8e9d5eB89cbAF](https://etherscan.io/address/0x50A72232c5370321aa78036BaDe8e9d5eB89cbAF#code) - - Steakhouse wUSDL - csUSDL [ethereum:0xbEc8a14233e68C02e803B999DbA3D0f9C5076394](https://etherscan.io/address/0xbEc8a14233e68C02e803B999DbA3D0f9C5076394#code) + - Steakhouse wUSDL - csUSDL [ethereum:0xbEc8a14233e68C02e803B999DbA3D0f9C5076394](https://etherscan.io/address/0xbEc8a14233e68C02e803B999DbA3D0f9C5076394#code) - Gauntlet Prime wETH [ethereum:0x0A25a2C62e3bA90F1e6F08666862df50cdAAB1F5](https://etherscan.io/address/0x0A25a2C62e3bA90F1e6F08666862df50cdAAB1F5#code) - + - Steakhouse v1.1 USDC - csUSDC [ethereum:0xB0926Cfc3aC047035b11d9afB85DC782E6D9d76A](https://etherscan.io/address/0xB0926Cfc3aC047035b11d9afB85DC782E6D9d76A#code) - Audit report(s): - [Security Reviews & Formal Verifications](https://docs.morpho.org/security-reviews/) @@ -54,6 +54,11 @@ If none of these is checked, then this might be a pretty great Rate Provider! If For [Gauntlet Prime wETH](https://etherscan.io/address/0x2371e134e3455e0593363cBF89d3b6cf53740618) some allocators are eoas. - 0xfd32fA2ca22c76dD6E550706Ad913FC6CE91c75D - 0x959d73CB5a1C1ad7EbCE3eC93FAD3b2f9a25432E + #### v1.1 Steakhouse Coinshift USDC + For [Steakhouse csUSDC](https://etherscan.io/address/0xB0926Cfc3aC047035b11d9afB85DC782E6D9d76A) some allocators are eoas. + - 0xfeed46c11F57B7126a773EeC6ae9cA7aE1C03C9a + - 0xfd32fA2ca22c76dD6E550706Ad913FC6CE91c75D + - 0x29d4CDFee8F533af8529A9e1517b580E022874f7 ### Oracles - [ ] Price data is provided by an off-chain source (e.g., a Chainlink oracle, a multisig, or a network of nodes). @@ -64,6 +69,6 @@ If none of these is checked, then this might be a pretty great Rate Provider! If - [ ] The Rate Provider is susceptible to donation attacks. ## Conclusion -**Summary judgment: USABLE** +**Summary judgment: v1.1 is USABLE** The Rate Providers should work well with Balancer pools. The underlying contracts have been audited and been in production for an extended period of time. diff --git a/rate-providers/registry.json b/rate-providers/registry.json index dec52ff..7953193 100644 --- a/rate-providers/registry.json +++ b/rate-providers/registry.json @@ -1791,7 +1791,7 @@ "0xc81D60E39e065146c6dE186fFC5B39e4CA2189Cf": { "asset": "0xBEEF01735c132Ada46AA9aA4c54623cAA92A64CB", "name": "ERC4626RateProvider", - "summary": "safe", + "summary": "unsafe", "review": "./MorphoERC4626RateProviders.md", "warnings": ["eoaUpgradeable"], "factory": "0xFC541f8d8c5e907E236C8931F0Df9F58e0C259Ec", @@ -1805,7 +1805,7 @@ "0x50A72232c5370321aa78036BaDe8e9d5eB89cbAF": { "asset": "0xbEef047a543E45807105E51A8BBEFCc5950fcfBa", "name": "ERC4626RateProvider", - "summary": "safe", + "summary": "unsafe", "review": "./MorphoERC4626RateProviders.md", "warnings": ["eoaUpgradeable"], "factory": "0xFC541f8d8c5e907E236C8931F0Df9F58e0C259Ec", @@ -1819,7 +1819,7 @@ "0x0A25a2C62e3bA90F1e6F08666862df50cdAAB1F5": { "asset": "0x2371e134e3455e0593363cBF89d3b6cf53740618", "name": "ERC4626RateProvider", - "summary": "safe", + "summary": "unsafe", "review": "./MorphoERC4626RateProviders.md", "warnings": ["eoaUpgradeable"], "factory": "0xFC541f8d8c5e907E236C8931F0Df9F58e0C259Ec", @@ -1830,6 +1830,20 @@ } ] }, + "0xB0926Cfc3aC047035b11d9afB85DC782E6D9d76A": { + "asset": "0x7204B7Dbf9412567835633B6F00C3Edc3a8D6330", + "name": "ERC4626RateProvider", + "summary": "safe", + "review": "./MorphoERC4626RateProviders.md", + "warnings": ["eoaUpgradeable"], + "factory": "0xFC541f8d8c5e907E236C8931F0Df9F58e0C259Ec", + "upgradeableComponents": [ + { + "entrypoint": "0x7204B7Dbf9412567835633B6F00C3Edc3a8D6330", + "implementationReviewed": "0x7204B7Dbf9412567835633B6F00C3Edc3a8D6330" + } + ] + }, "0x51b7F50044a2a1A9A846575Be33c00A68e0172DF": { "asset": "0x7751E2F4b8ae93EF6B79d86419d42FE3295A4559", "name": "ERC4626RateProvider", @@ -1919,6 +1933,80 @@ "implementationReviewed": "0xeF434E4573b90b6ECd4a00f4888381e4D0CC5Ccd" } ] + }, + "0x1DB1Afd9552eeB28e2e36597082440598B7F1320": { + "asset": "0x1DB1Afd9552eeB28e2e36597082440598B7F1320", + "name": "RPLVault", + "summary": "safe", + "review": "./GravitaRateProviders.md", + "warnings": ["donation"], + "factory": "", + "upgradeableComponents": [ + { + "entrypoint": "0xBB22d59B73D7a6F3A8a83A214BECc67Eb3b511fE", + "implementationReviewed": "0x767b901B7Eb64133e82F6531614b66cb235E4c71" + }, + { + "entrypoint": "0x4343743dBc46F67D3340b45286D8cdC13c8575DE", + "implementationReviewed": "0x9c9001E0ff0D8C5c535252E883B7D0Ca2BE68Eef" + }, + { + "entrypoint": "0x102809fE582ecaa527bB316DCc4E99fc35FBAbb9", + "implementationReviewed": "0x1044958261F0a3DFf363313FC94f7eA69aC935A1" + }, + { + "entrypoint": "0x312717E67b9a12402fB8d2DB031aC9C84665a04e", + "implementationReviewed": "0x4A878c581C9542ebC467d1Ce5CB86C3Cf25603ab" + } + ] + }, + "0xBB22d59B73D7a6F3A8a83A214BECc67Eb3b511fE": { + "asset": "0xBB22d59B73D7a6F3A8a83A214BECc67Eb3b511fE", + "name": "WETHVault", + "summary": "safe", + "review": "./GravitaRateProviders.md", + "warnings": ["donation", "eoaUpgradeable"], + "factory": "", + "upgradeableComponents": [ + { + "entrypoint": "0xBB22d59B73D7a6F3A8a83A214BECc67Eb3b511fE", + "implementationReviewed": "0x767b901B7Eb64133e82F6531614b66cb235E4c71" + }, + { + "entrypoint": "0x4343743dBc46F67D3340b45286D8cdC13c8575DE", + "implementationReviewed": "0x9c9001E0ff0D8C5c535252E883B7D0Ca2BE68Eef" + }, + { + "entrypoint": "0x102809fE582ecaa527bB316DCc4E99fc35FBAbb9", + "implementationReviewed": "0x1044958261F0a3DFf363313FC94f7eA69aC935A1" + }, + { + "entrypoint": "0x81C1001e1621d05bE250814123CC81BBb244Cb07", + "implementationReviewed": "0x9c778410221841A35e0EEa0e82E27ccE78Ee3C27" + }, + { + "entrypoint": "0x312717E67b9a12402fB8d2DB031aC9C84665a04e", + "implementationReviewed": "0x4A878c581C9542ebC467d1Ce5CB86C3Cf25603ab" + } + ] + }, + "0x9062a576D3e6Cf6999e99e405608063033c4CFF6": { + "asset": "0xbEeFc011e94f43b8B7b455eBaB290C7Ab4E216f1", + "name": "csUSDL-MORPHOv1.1", + "summary": "safe", + "review": "./MarketRateTransformerRateProviders.md", + "warnings": [""], + "factory": "0xeC2C6184761ab7fE061130B4A7e3Da89c72F8395", + "upgradeableComponents": [ + { + "entrypoint": "0x7751E2F4b8ae93EF6B79d86419d42FE3295A4559", + "implementationReviewed": "0x2954c85e7e2b841d0e9a9fdcc09dac1274057d71" + }, + { + "entrypoint": "0xbdC7c08592Ee4aa51D06C27Ee23D5087D65aDbcD", + "implementationReviewed": "0x752d55d62a94658eac08eae42deda902b69b0e76" + } + ] } }, "fantom": {