arcadia-finance · Thomas-Smets · Mar 1, 2024 · Feb 25, 2024 · Mar 1, 2024 · Mar 1, 2024
diff --git a/lib/accounts-v2 b/lib/accounts-v2
diff --git a/src/LendingPool.sol b/src/LendingPool.sol
@@ -540,18 +540,47 @@ contract LendingPool is LendingPoolGuardian, Creditor, DebtToken, ILendingPool {
         address accountOwner = IFactory(ACCOUNT_FACTORY).ownerOfAccount(account);
         if (accountOwner == address(0)) revert LendingPoolErrors.IsNotAnAccount();
 
-        uint256 amountBorrowedWithFee = amountBorrowed + amountBorrowed.mulDivUp(originationFee, ONE_4);
-
         // Check allowances to take debt.
         if (accountOwner != msg.sender) {
-            // Since calling accountManagementAction() gives the sender full control over all assets in the Account,
+            // Calling flashActionByCreditor() gives the sender full control over all assets in the Account,
             // Only Beneficiaries with maximum allowance can call the flashAction function.
             if (creditAllowance[account][accountOwner][msg.sender] != type(uint256).max) {
                 revert LendingPoolErrors.Unauthorized();
             }
         }
 
-        // Mint debt tokens to the Account, debt must be minted before the actions in the Account are performed.
+        // Prepare callback of the Account.
+        // The borrowing of funds during a flashAction has to be executed via a callback of the Account.
+        // As such the Account cannot be reentered in between the time that funds are borrowed and the final health check is done.
+        callbackAccount = account;
+        bytes memory callbackData = abi.encode(amountBorrowed, actionTarget, msg.sender, referrer);
+
+        // The Action Target will use the borrowed funds (optionally with additional assets withdrawn from the Account)
+        // to execute one or more actions (swap, deposit, mint...).
+        // Next the action Target will deposit any of the remaining funds or any of the recipient token
+        // resulting from the actions back into the Account.
+        // As last step, after all assets are deposited back into the Account a final health check is done:
+        // The Collateral Value of all assets in the Account must be bigger than the total liabilities against the Account (including the debt taken during this function).
+        // flashActionByCreditor also checks that the Account indeed has opened a margin account for this Lending Pool.
+        {
+            uint256 accountVersion = IAccount(account).flashActionByCreditor(callbackData, actionTarget, actionData);
+            if (!isValidVersion[accountVersion]) revert LendingPoolErrors.InvalidVersion();
+        }
+    }
+
+    /**
+     * @notice Callback of the Account during a flashAction.
+     * @param account The contract address of the Arcadia Account.
+     * @param callbackData The data for the borrow during a flashAction.
+     * @dev During the callback, the Account cannot be reentered and the actionTimestamp is updated.
+     */
+    function _flashActionCallback(address account, bytes calldata callbackData) internal override {
+        (uint256 amountBorrowed, address actionTarget, address sender, bytes3 referrer) =
+            abi.decode(callbackData, (uint256, address, address, bytes3));
+
+        uint256 amountBorrowedWithFee = amountBorrowed + amountBorrowed.mulDivUp(originationFee, ONE_4);
+
+        // Mint debt tokens to the Account.
         _deposit(amountBorrowedWithFee, account);
 
         // Add origination fee to the treasury.
@@ -562,29 +591,12 @@ contract LendingPool is LendingPoolGuardian, Creditor, DebtToken, ILendingPool {
             }
         }
 
-        // Need to update the actionTimestamp before transferring tokens,
-        // or ERC777s could reenter to frontrun Account transfers.
-        IAccount(account).updateActionTimestampByCreditor();
-
         // Send Borrowed funds to the actionTarget.
+        // Transfer fails if there is insufficient liquidity in the pool.
         asset.safeTransfer(actionTarget, amountBorrowed);
 
-        // The Action Target will use the borrowed funds (optionally with additional assets withdrawn from the Account)
-        // to execute one or more actions (swap, deposit, mint...).
-        // Next the action Target will deposit any of the remaining funds or any of the recipient token
-        // resulting from the actions back into the Account.
-        // As last step, after all assets are deposited back into the Account a final health check is done:
-        // The Collateral Value of all assets in the Account is bigger than the total liabilities against the Account (including the debt taken during this function).
-        // flashActionByCreditor also checks that the Account indeed has opened a margin account for this Lending Pool.
-        {
-            uint256 accountVersion = IAccount(account).flashActionByCreditor(actionTarget, actionData);
-            if (!isValidVersion[accountVersion]) revert LendingPoolErrors.InvalidVersion();
-        }
-
         unchecked {
-            emit Borrow(
-                account, msg.sender, actionTarget, amountBorrowed, amountBorrowedWithFee - amountBorrowed, referrer
-            );
+            emit Borrow(account, sender, actionTarget, amountBorrowed, amountBorrowedWithFee - amountBorrowed, referrer);
         }
     }
 

diff --git a/src/interfaces/IAccount.sol b/src/interfaces/IAccount.sol
@@ -24,11 +24,6 @@ interface IAccount {
      */
     function getUsedMargin() external view returns (uint256);
 
-    /**
-     * @notice Updates the actionTimestamp
-     */
-    function updateActionTimestampByCreditor() external;
-
     /**
      * @notice Checks if the Account is still healthy for an updated open position.
      * @param openPosition The new open position.
@@ -47,7 +42,9 @@ interface IAccount {
      * The second bytes object contains the encoded input for the actionTarget.
      * @return accountVersion The current Account version.
      */
-    function flashActionByCreditor(address actionTarget, bytes calldata actionData) external returns (uint256);
+    function flashActionByCreditor(bytes calldata callbackData, address actionTarget, bytes calldata actionData)
+        external
+        returns (uint256);
 
     /**
      * @notice Checks if an Account is liquidatable and continues the liquidation flow.

diff --git a/test/fuzz/LendingPool/AuctionRepay.fuzz.t.sol b/test/fuzz/LendingPool/AuctionRepay.fuzz.t.sol
@@ -51,6 +51,7 @@ contract AuctionRepay_LendingPool_Fuzz_Test is LendingPool_Fuzz_Test {
         vm.assume(sender != address(0));
         vm.assume(sender != users.liquidityProvider);
         vm.assume(sender != users.accountOwner);
+        vm.assume(sender != address(proxyAccount));
 
         depositTokenInAccount(proxyAccount, mockERC20.stable1, amountLoaned);
 

diff --git a/test/fuzz/LendingPool/FlashAction.fuzz.t.sol b/test/fuzz/LendingPool/FlashAction.fuzz.t.sol
@@ -94,8 +94,7 @@ contract FlashAction_LendingPool_Fuzz_Test is LendingPool_Fuzz_Test {
     function testFuzz_Revert_flashAction_InsufficientLiquidity(
         uint128 amountLoaned,
         uint112 collateralValue,
-        uint128 liquidity,
-        bytes calldata actionData
+        uint128 liquidity
     ) public {
         // Given: collateralValue is smaller than maxExposure.
         collateralValue = uint112(bound(collateralValue, 0, type(uint112).max - 1));
@@ -110,7 +109,7 @@ contract FlashAction_LendingPool_Fuzz_Test is LendingPool_Fuzz_Test {
 
         vm.startPrank(users.accountOwner);
         vm.expectRevert("TRANSFER_FAILED");
-        pool.flashAction(amountLoaned, address(proxyAccount), address(actionHandler), actionData, emptyBytes3);
+        pool.flashAction(amountLoaned, address(proxyAccount), address(actionHandler), callData, emptyBytes3);
         vm.stopPrank();
     }
 

diff --git a/test/fuzz/LendingPool/FlashActionCallback.fuzz.t.sol b/test/fuzz/LendingPool/FlashActionCallback.fuzz.t.sol
@@ -0,0 +1,114 @@
+/**
+ * Created by Pragma Labs
+ * SPDX-License-Identifier: BUSL-1.1
+ */
+pragma solidity 0.8.22;
+
+import { LendingPool_Fuzz_Test } from "./_LendingPool.fuzz.t.sol";
+
+import { FixedPointMathLib } from "../../../lib/solmate/src/utils/FixedPointMathLib.sol";
+
+import { ActionData } from "../../../lib/accounts-v2/src/interfaces/IActionBase.sol";
+import { ActionMultiCall } from "../../../lib/accounts-v2/src/actions/MultiCall.sol";
+import { IPermit2 } from "../../../lib/accounts-v2/src/interfaces/IPermit2.sol";
+
+/**
+ * @notice Fuzz tests for the function "flashActionCallback" of contract "LendingPool".
+ */
+contract FlashActionCallback_LendingPool_Fuzz_Test is LendingPool_Fuzz_Test {
+    using FixedPointMathLib for uint256;
+
+    /* ///////////////////////////////////////////////////////////////
+                            TEST CONTRACTS
+    /////////////////////////////////////////////////////////////// */
+
+    ActionMultiCall internal actionHandler;
+    bytes internal callData;
+
+    /* ///////////////////////////////////////////////////////////////
+                              SETUP
+    /////////////////////////////////////////////////////////////// */
+
+    function setUp() public override {
+        LendingPool_Fuzz_Test.setUp();
+    }
+
+    /*//////////////////////////////////////////////////////////////
+                              TESTS
+    //////////////////////////////////////////////////////////////*/
+    function testFuzz_Revert_flashActionCallback_Unauthorised(
+        address account,
+        address sender,
+        bytes calldata callbackData
+    ) public {
+        vm.assume(account != sender);
+
+        pool.setCallbackAccount(account);
+
+        vm.prank(sender);
+        vm.expectRevert(Unauthorized.selector);
+        pool.flashActionCallback(callbackData);
+    }
+
+    function testFuzz_Revert_flashActionCallback_InsufficientLiquidity(
+        uint128 amountLoaned,
+        uint128 liquidity,
+        address account,
+        address actionTarget,
+        address sender,
+        bytes3 referrer
+    ) public {
+        vm.assume(liquidity < amountLoaned);
+        vm.assume(liquidity > 0);
+
+        vm.prank(address(srTranche));
+        pool.depositInLendingPool(liquidity, users.liquidityProvider);
+
+        pool.setCallbackAccount(account);
+        bytes memory callbackData = abi.encode(amountLoaned, actionTarget, sender, referrer);
+
+        vm.prank(account);
+        vm.expectRevert("TRANSFER_FAILED");
+        pool.flashActionCallback(callbackData);
+    }
+
+    function testFuzz_Success_flashActionCallback(
+        uint128 amountLoaned,
+        uint128 liquidity,
+        address account,
+        address actionTarget,
+        address sender,
+        bytes3 referrer,
+        uint8 originationFee
+    ) public {
+        vm.assume(liquidity >= amountLoaned);
+        uint256 fee = uint256(amountLoaned).mulDivUp(originationFee, 10_000);
+        vm.assume(liquidity <= type(uint128).max - fee);
+        vm.assume(amountLoaned > 0);
+
+        vm.prank(users.creatorAddress);
+        pool.setOriginationFee(originationFee);
+
+        vm.prank(users.liquidityProvider);
+        mockERC20.stable1.approve(address(pool), type(uint256).max);
+
+        vm.prank(address(srTranche));
+        pool.depositInLendingPool(liquidity, users.liquidityProvider);
+
+        pool.setCallbackAccount(account);
+        bytes memory callbackData = abi.encode(amountLoaned, actionTarget, sender, referrer);
+
+        vm.startPrank(account);
+        vm.expectEmit(true, true, true, true);
+        emit Borrow(account, sender, actionTarget, amountLoaned, fee, referrer);
+        pool.flashActionCallback(callbackData);
+        vm.stopPrank();
+
+        assertEq(pool.getCallbackAccount(), address(0));
+        assertEq(mockERC20.stable1.balanceOf(address(pool)), liquidity - amountLoaned);
+        assertEq(mockERC20.stable1.balanceOf(actionTarget), amountLoaned);
+        assertEq(debt.balanceOf(account), uint256(amountLoaned) + fee);
+        assertEq(pool.liquidityOf(treasury), fee);
+        assertEq(pool.totalLiquidity(), liquidity + fee);
+    }
+}
diff --git a/test/fuzz/LendingPool/LiquidityOf.fuzz.t.sol b/test/fuzz/LendingPool/LiquidityOf.fuzz.t.sol
@@ -97,7 +97,7 @@ contract LiquidityOf_LendingPool_Fuzz_Test is LendingPool_Fuzz_Test {
         vm.stopPrank();
 
         // Given: collateralValue is smaller than maxExposure.
-        realisedDebt = uint112(bound(realisedDebt, 0, type(uint112).max - 1));
+        realisedDebt = uint112(bound(realisedDebt, 1, type(uint112).max - 1));
         vm.assume(deltaTimestamp <= 5 * 365 * 24 * 60 * 60); // 5 year
         vm.assume(interestRate <= 1e3 * 10 ** 18); // 1000%
         vm.assume(interestRate > 0);
@@ -153,7 +153,7 @@ contract LiquidityOf_LendingPool_Fuzz_Test is LendingPool_Fuzz_Test {
         pool.setInterestWeightTranche(0, totalInterestWeight);
 
         // Given: collateralValue is smaller than maxExposure.
-        realisedDebt = uint112(bound(realisedDebt, 0, type(uint112).max - 1));
+        realisedDebt = uint112(bound(realisedDebt, 1, type(uint112).max - 1));
         vm.assume(deltaTimestamp <= 5 * 365 * 24 * 60 * 60); // 5 year
         vm.assume(interestRate <= 1e3 * 10 ** 18); // 1000%
         vm.assume(interestRate > 0);

diff --git a/test/scenario/LeveragedActions.scenario.t.sol b/test/scenario/LeveragedActions.scenario.t.sol
@@ -208,7 +208,7 @@ contract LeveragedActions_Scenario_Test is Scenario_Lending_Test {
         });
 
         withdrawData.assets[0] = address(mockERC20.stable1);
-        withdrawData.assetTypes[0] = 0;
+        withdrawData.assetTypes[0] = 1;
         withdrawData.assetIds[0] = 0;
         withdrawData.assetAmounts[0] = stableCollateral;
 
@@ -220,7 +220,7 @@ contract LeveragedActions_Scenario_Test is Scenario_Lending_Test {
         });
 
         depositData.assets[0] = address(mockERC20.token1);
-        depositData.assetTypes[0] = 0;
+        depositData.assetTypes[0] = 1;
         withdrawData.assetIds[0] = 0;
 
         ActionData memory transferFromOwner;
@@ -304,7 +304,7 @@ contract LeveragedActions_Scenario_Test is Scenario_Lending_Test {
         });
 
         withdrawData.assets[0] = address(mockERC20.stable1);
-        withdrawData.assetTypes[0] = 0;
+        withdrawData.assetTypes[0] = 1;
         withdrawData.assetIds[0] = 0;
         withdrawData.assetAmounts[0] = stableCollateral;
 
@@ -316,7 +316,7 @@ contract LeveragedActions_Scenario_Test is Scenario_Lending_Test {
         });
 
         depositData.assets[0] = address(mockERC20.token1);
-        depositData.assetTypes[0] = 0;
+        depositData.assetTypes[0] = 1;
         withdrawData.assetIds[0] = 0;
 
         ActionData memory transferFromOwner;
@@ -429,7 +429,7 @@ contract LeveragedActions_Scenario_Test is Scenario_Lending_Test {
             });
 
             withdrawData.assets[0] = address(mockERC20.stable1);
-            withdrawData.assetTypes[0] = 0;
+            withdrawData.assetTypes[0] = 1;
             withdrawData.assetIds[0] = 0;
             withdrawData.assetAmounts[0] = stableCollateral;
 
@@ -441,7 +441,7 @@ contract LeveragedActions_Scenario_Test is Scenario_Lending_Test {
             });
 
             depositData.assets[0] = address(mockERC20.token1);
-            depositData.assetTypes[0] = 0;
+            depositData.assetTypes[0] = 1;
             withdrawData.assetIds[0] = 0;
 
             ActionData memory transferFromOwner;

diff --git a/test/utils/Extensions.sol b/test/utils/Extensions.sol
@@ -52,6 +52,14 @@ contract LendingPoolExtension is LendingPool {
         LendingPool(riskManager_, asset_, treasury_, account_factory, liquidator_)
     { }
 
+    function getCallbackAccount() public view returns (address callbackAccount_) {
+        callbackAccount_ = callbackAccount;
+    }
+
+    function setCallbackAccount(address callbackAccount_) public {
+        callbackAccount = callbackAccount_;
+    }
+
     function getMaxTotalPenalty() public pure returns (uint256 maxTotalPenalty) {
         maxTotalPenalty = MAX_TOTAL_PENALTY;
     }