fix: rewards v2 audit fixes (#987)

* fix: default operator split during first initialization

* test: updated split tests

feat: slashing release

fix(slashing): upgrade script part 4 (#953)

fix: patch (#956)

feat: bindings (#960)

fix: remove numtocomplete interface (#966)

feat: add share helpers (#964)

* feat: add share helpers

* fix: add deposit scaling factor

* fix: rebase

fix: slashable window boundaries (#965)

* fix: slashable window boundaries

* test: regression for alm

* test: update withdrawal delay not passed reversion

* test: burning indices

* refactor: switch conditionals

* fix: added unit tests

* test: assert slashable shares in queue

* fix: typos

---------

Co-authored-by: Yash Patil <[email protected]>

refactor: small cleanup (#959)

refactor small cleanup

chore: `forge fmt`

fix: `getQueuedWithdrawals` + test

fix: add constructor back

test: `totalQueued` > `withdrawal.strategies.length`

test(wip): `completeQueuedWithdrawals`

currently failing

fix: effectBlock

test(wip): @8sunyuan patch

fix: one flaky test

fix: second flaky test

refactor: remove max strats list (#968)

feat: slashing patch upgrade script (#967)

* feat: initial deploy

* feat: slashing patch

fix non-present upgrade.json

chore: bindings (#969)

fix: try catch out of gas edge case (#971)

chore: slashing consolidated script (#972)

test: more slashing integration todos (#961)

* test(wip): todos

* fix: dealloc issue

* fix: remaining

* fix: forktest upgrade issue

* test: add `check_Withdrawal_AsShares_State_AfterSlash`

* refactor: cleanup

* fix: ci

* refactor: review changes

docs: wip slashing docs (#925)

* docs: add slashing docs
* chore: bindings
* docs: fixed commenting and updated queue withdrawal docs
* docs: minor cleanup

---------

Co-authored-by: Nadir Akhtar <[email protected]>

refactor: scaled shares accounting (#975)

* fix: correct expected share calc

* chore: bindings

* fix: rounding on failing unit test

refactor: final slashing cleanup (#982)

* chore: clean comments and naming in dm

* refactor: simplify undelegate method
* feat: removed 0 address check because 0 stakers cant be delegated
* feat: condensed non-staker caller logic

* refactor: remove unnecessary check

* feat: use checks-effects-interactions when completing withdrawals
* feat: remove implicit public method for queuedWithdrawals and impl dedicated getter

* feat: deprecate withdrawer field

* chore: make bindings and clean compile errors

* refactor: redelegate reuses delegateTo and undelegate

* fix: broken integration test

* docs: update to reflect deprecated field

* feat: add getter for stakers withdrawal roots

chore: remove unused avsd events (#984)

fix: integration test initialization params (#978)

* fix: initialization params

* fix: roll blocks usage

fix: `SignatureUtils` construction (#990)

* fix: integration test initialization params (#978)

* fix: initialization params

* fix: roll blocks usage

* fix: `SignatureUtils` construction

---------

Co-authored-by: Yash Patil <[email protected]>
Co-authored-by: davidironblocks <[email protected]>

fix: readd manual checks (#996)

* fix: readd manual checks

* chore: forge fmt

feat: slashing 1.0.3 upgrade script (#995)

* feat: add step 1

* feat: step 1 & 2 complete; pending step 3 sanity

* test: add `_validateProxyDomainSeparators`

* feat: add rc validation

---------

Co-authored-by: clandestine.eth <[email protected]>

fix: update alloc config delay bound (#985)

* fix: update alloc delay bound

* test: remove unnecessary roll

chore: storage report (#1000)

docs: shares accounting (#997)

* docs: shares accounting

* docs: fix gh markdown view

* docs: try fix gh again

* docs: cleanup

* docs: edit share accounting

* docs: wrap up share accounting doc

* docs: edit edge cases

---------

Co-authored-by: wadealexc <[email protected]>

refactor: async burning (#1001)

* refactor: burning

* chore: fmt

* chore: update storage report

* chore: update readme

* refactor: add burnableShares for epm storage

* chore: update storage report

test: `Snapshots` lib (#1002)

docs: finish delegation manager docs (#1004)

* docs: finish delegation manager docs

* docs: update docs readme

* docs: permission controller

* fix: small typos

* docs: address feedback

* docs: nit

---------

Co-authored-by: Michael Sun <[email protected]>

docs: Strategy Manager slashing updates (#999)

* docs: update StrategyManager docs with slashing delta

* docs: remove references to thirdPartyTransfersForbidden

* docs: update strategy docs to latest
* also various edits to docs and natspec

* chore: fmt and make bindings

---------

Co-authored-by: wadealexc <[email protected]>

docs: EigenPod Manager slashing updates (#1005)

* docs: complete EigenPodManager for slashing

* docs: add in _beaconChainSlashingFactor state variable note

* docs: finish epm docs

* chore: make bindings

---------

Co-authored-by: wadealexc <[email protected]>

.github/workflows/certora-prover.yml

@@ -50,7 +50,7 @@ jobs:
       - name: Install solc
         run: |
           pip install solc-select
-          solc-select use 0.8.12 --always-install
+          solc-select use 0.8.27 --always-install
       - name: Verify rule ${{ matrix.params }}
         run: |
           bash ${{ matrix.params }}

.github/workflows/coverage.yml

@@ -26,19 +26,20 @@ jobs:
       id: get_issue_number
       with:
         script: |
-          if (context.issue && context.issue.number) {
-            // Return issue number if present
-            return context.issue.number;
+          let issue_number;
+          // Attempt to find a pull request associated with the commit
+          const pullRequests = await github.rest.repos.listPullRequestsAssociatedWithCommit({
+            commit_sha: context.sha,
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+          });
+
+          if (pullRequests.data.length > 0) {
+            issue_number = pullRequests.data[0].number;
           } else {
-            // Otherwise return issue number from commit
-            return (
-              await github.rest.repos.listPullRequestsAssociatedWithCommit({
-                commit_sha: context.sha,
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-              })
-            ).data[0].number;
+            throw new Error('No associated issue or pull request found.');
           }
+          return issue_number;
         result-encoding: string
     - name: Checkout code
       uses: actions/checkout@v2
@@ -52,6 +53,9 @@ jobs:
         version: nightly
     - name: Run coverage
       run: forge coverage --report lcov
+      env:
+        RPC_MAINNET: ${{ secrets.RPC_MAINNET }}
+        RPC_HOLESKY: ${{ secrets.RPC_HOLESKY }}
     - name: Prune coverage report
       run: lcov --remove ./lcov.info -o ./lcov.info.pruned 'src/test/*' 'script/*' '*Storage.sol' --ignore-errors inconsistent
     - name: Generate reports

.github/workflows/testinparallel.yml

@@ -39,7 +39,7 @@ jobs:
     - name: Run Forge build
       run: |
         forge --version
-        forge build --sizes
+        forge build
       id: build
 
     - name: Run unit tests
@@ -57,9 +57,9 @@ jobs:
         CHAIN_ID: ${{ secrets.CHAIN_ID }}
 
     - name: Run integration mainnet fork tests
-      run: forge test --match-contract Integration
+      run: forge test --match-contract Integration 
       env:
         FOUNDRY_PROFILE: "forktest"
         RPC_MAINNET: ${{ secrets.RPC_MAINNET }}
         RPC_HOLESKY: ${{ secrets.RPC_HOLESKY }}
-        CHAIN_ID: ${{ secrets.CHAIN_ID }}
+        CHAIN_ID: ${{ secrets.CHAIN_ID }}

.gitignore

@@ -47,3 +47,7 @@ InheritanceGraph.png
 surya_report.md
 
 .idea
+
+*state.json
+deployed_strategies.json
+populate_src*

.gitmodules

@@ -1,15 +1,9 @@
-[submodule "lib/openzeppelin-contracts-upgradeable"]
-	path = lib/openzeppelin-contracts-upgradeable
-	url = https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
 [submodule "lib/ds-test"]
 	path = lib/ds-test
 	url = https://github.com/dapphub/ds-test
 [submodule "lib/forge-std"]
 	path = lib/forge-std
 	url = https://github.com/foundry-rs/forge-std
-[submodule "lib/openzeppelin-contracts"]
-	path = lib/openzeppelin-contracts
-	url = https://github.com/OpenZeppelin/openzeppelin-contracts
 [submodule "lib/openzeppelin-contracts-v4.9.0"]
 	path = lib/openzeppelin-contracts-v4.9.0
 	url = https://github.com/OpenZeppelin/openzeppelin-contracts

.solhint.json

@@ -16,6 +16,8 @@
     "compiler-version": "off",
     "custom-errors": "off",
     "no-global-import": "off",
-    "immutable-vars-naming": "off"
+    "immutable-vars-naming": "off",
+    "no-console": "off"
+
   }
 }

.solhintignore

@@ -1 +0,0 @@
-Slasher.sol

README.md

@@ -102,6 +102,14 @@ surya mdreport surya_report.md ./src/contracts/**/*.sol
 make bindings
 ```
 
+### Generate updated Storage Report
+
+To update the storage reports in `/docs/storage-report` run:
+
+```bash
+make storage-report
+```
+
 ## Deployments
 
 ### Current Mainnet Deployment

certora/harnesses/DelegationManagerHarness.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity ^0.8.12;
+pragma solidity ^0.8.27;
 
 import "../../src/contracts/core/DelegationManager.sol";
 

certora/harnesses/EigenPodHarness.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity ^0.8.12;
+pragma solidity ^0.8.27;
 
 import "../../src/contracts/pods/EigenPod.sol";
 

certora/harnesses/EigenPodManagerHarness.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity ^0.8.12;
+pragma solidity ^0.8.27;
 
 import "../../src/contracts/pods/EigenPodManager.sol";
 

certora/harnesses/PausableHarness.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity ^0.8.12;
+pragma solidity ^0.8.27;
 
 import "../../src/contracts/permissions/Pausable.sol";
 

certora/harnesses/StrategyManagerHarness.sol

@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: BUSL-1.1
-pragma solidity ^0.8.12;
+pragma solidity ^0.8.27;
 
 import "../../src/contracts/core/StrategyManager.sol";
 

certora/scripts/core/verifyDelegationManager.sh

@@ -3,12 +3,12 @@ then
     RULE="--rule $2"
 fi
 
-solc-select use 0.8.12
+solc-select use 0.8.27
 
 certoraRun certora/harnesses/DelegationManagerHarness.sol \
     lib/openzeppelin-contracts/contracts/token/ERC20/ERC20.sol lib/openzeppelin-contracts/contracts/mocks/ERC1271WalletMock.sol \
     src/contracts/pods/EigenPodManager.sol src/contracts/pods/EigenPod.sol src/contracts/strategies/StrategyBase.sol src/contracts/core/StrategyManager.sol \
-    src/contracts/core/Slasher.sol src/contracts/permissions/PauserRegistry.sol \
+    src/contracts/permissions/PauserRegistry.sol \
     --verify DelegationManagerHarness:certora/specs/core/DelegationManager.spec \
     --solc_via_ir \
     --solc_optimize 1 \

certora/scripts/core/verifyStrategyManager.sh

@@ -3,13 +3,13 @@ then
     RULE="--rule $2"
 fi
 
-solc-select use 0.8.12
+solc-select use 0.8.27
 
 certoraRun certora/harnesses/StrategyManagerHarness.sol \
     lib/openzeppelin-contracts/contracts/token/ERC20/ERC20.sol lib/openzeppelin-contracts/contracts/mocks/ERC1271WalletMock.sol \
     src/contracts/pods/EigenPodManager.sol src/contracts/pods/EigenPod.sol \
     src/contracts/strategies/StrategyBase.sol src/contracts/core/DelegationManager.sol \
-    src/contracts/core/Slasher.sol src/contracts/permissions/PauserRegistry.sol \
+    src/contracts/permissions/PauserRegistry.sol \
     --verify StrategyManagerHarness:certora/specs/core/StrategyManager.spec \
     --solc_via_ir \
     --solc_optimize 1 \

certora/scripts/permissions/verifyPausable.sh

@@ -3,7 +3,7 @@ then
     RULE="--rule $2"
 fi
 
-solc-select use 0.8.12
+solc-select use 0.8.27
 
 certoraRun certora/harnesses/PausableHarness.sol \
     src/contracts/permissions/PauserRegistry.sol \

certora/scripts/pods/verifyEigenPod.sh

@@ -3,11 +3,11 @@ then
     RULE="--rule $2"
 fi
 
-# solc-select use 0.8.12
+# solc-select use 0.8.27
 
 # certoraRun certora/harnesses/EigenPodHarness.sol \
 #     src/contracts/core/DelegationManager.sol src/contracts/pods/EigenPodManager.sol \
-#     src/contracts/core/Slasher.sol src/contracts/permissions/PauserRegistry.sol \
+#     src/contracts/permissions/PauserRegistry.sol \
 #     src/contracts/core/StrategyManager.sol \
 #     src/contracts/strategies/StrategyBase.sol \
 #     lib/openzeppelin-contracts/contracts/token/ERC20/ERC20.sol \

certora/scripts/pods/verifyEigenPodManager.sh

@@ -3,11 +3,11 @@ then
     RULE="--rule $2"
 fi
 
-# solc-select use 0.8.12
+# solc-select use 0.8.27
 
 # certoraRun certora/harnesses/EigenPodManagerHarness.sol \
 #     src/contracts/core/DelegationManager.sol src/contracts/pods/EigenPod.sol src/contracts/strategies/StrategyBase.sol src/contracts/core/StrategyManager.sol \
-#     src/contracts/core/Slasher.sol src/contracts/permissions/PauserRegistry.sol \
+#     src/contracts/permissions/PauserRegistry.sol \
 #     --verify EigenPodManagerHarness:certora/specs/pods/EigenPodManager.spec \
 #     --optimistic_loop \
 #     --optimistic_fallback \

certora/scripts/strategies/verifyStrategyBase.sh

@@ -3,13 +3,12 @@ then
     RULE="--rule $2"
 fi
 
-solc-select use 0.8.12
+solc-select use 0.8.27
 
 certoraRun src/contracts/strategies/StrategyBase.sol \
     lib/openzeppelin-contracts/contracts/token/ERC20/ERC20.sol \
     src/contracts/core/StrategyManager.sol \
     src/contracts/permissions/PauserRegistry.sol \
-    src/contracts/core/Slasher.sol \
     --verify StrategyBase:certora/specs/strategies/StrategyBase.spec \
     --solc_via_ir \
     --solc_optimize 1 \

certora/specs/core/DelegationManager.spec

@@ -78,7 +78,7 @@ in this case, the end state is that:
 isOperator(staker) == false,
 delegatedTo(staker) != staker && delegatedTo(staker) != 0,
 and isDelegated(staker) == true (redundant with above)
--only allowed when calling `delegateTo` or `delegateToBySignature`
+-only allowed when calling `delegateTo`
 
 2)
 FROM not delegated AND not registered as an operator
@@ -172,7 +172,7 @@ rule cannotChangeDelegationWithoutUndelegating(address staker) {
     }
 }
 
-// verifies that an undelegated address can only delegate when calling `delegateTo`, `delegateToBySignature` or `registerAsOperator`
+// verifies that an undelegated address can only delegate when calling `delegateTo` or `registerAsOperator`
 rule canOnlyDelegateWithSpecificFunctions(address staker) {
     requireInvariant operatorsAlwaysDelegatedToSelf(staker);
     // assume the staker begins as undelegated
@@ -192,16 +192,6 @@ rule canOnlyDelegateWithSpecificFunctions(address staker) {
         } else {
             assert (!isDelegated(staker), "staker delegated to inappropriate address?");
         }
-    } else if (f.selector == sig:delegateToBySignature(address, address, ISignatureUtils.SignatureWithExpiry, ISignatureUtils.SignatureWithExpiry, bytes32).selector) {
-        address toDelegateFrom;
-        address operator;
-        require(operator != 0);
-        ISignatureUtils.SignatureWithExpiry stakerSignatureAndExpiry;
-        ISignatureUtils.SignatureWithExpiry approverSignatureAndExpiry;
-        bytes32 salt;
-        delegateToBySignature(e, toDelegateFrom, operator, stakerSignatureAndExpiry, approverSignatureAndExpiry, salt);
-        // TODO: this check could be stricter! need to filter when the block timestamp is appropriate for expiry and signature is valid
-        assert (!isDelegated(staker) || delegatedTo(staker) == operator, "delegateToBySignature bug?");
     } else if (f.selector == sig:registerAsOperator(IDelegationManager.OperatorDetails, string).selector) {
         IDelegationManager.OperatorDetails operatorDetails;
         string metadataURI;