Description:
Decentralized Finance (DeFi) protocol contract providing Factory, Oracle functionality.
Blockchain: Ethereum
Source Code: View Code On The Blockchain
Solidity Source Code:
{{
"language": "Solidity",
"sources": {
"src/ParamRegistry.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.26;
import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";
import {IParamRegistry} from "./interfaces/IParamRegistry.sol";
import {Errors} from "./libraries/Errors.sol";
import {Constants} from "./common/Constants.sol";
/// @title ParamRegistry
/// @author luoyhang003
/// @notice Centralized registry for protocol parameters, including fee rates,
/// deposit caps, tolerances, and operational flags.
/// @dev Controlled via role-based access and timelocks (D0, D1, D3).
/// Provides getter and setter functions for configuration parameters
/// used across deposit, redemption, and pricing logic.
contract ParamRegistry is IParamRegistry, AccessControl, Constants {
/*//////////////////////////////////////////////////////////////////////////
STATE VARIABLES
//////////////////////////////////////////////////////////////////////////*/
/// @notice Role controlling same-day (D0) parameter changes.
bytes32 public constant D0_TIMELOCK_ROLE = keccak256("D0_TIMELOCK_ROLE");
/// @notice Role controlling 1-day delay (D1) parameter changes.
bytes32 public constant D1_TIMELOCK_ROLE = keccak256("D1_TIMELOCK_ROLE");
/// @notice Role controlling 3-day delay (D3) parameter changes.
bytes32 public constant D3_TIMELOCK_ROLE = keccak256("D3_TIMELOCK_ROLE");
/// @notice Maximum allowed upper deviation in exchange rate (bps).
uint256 public constant EXCHANGE_RATE_MAX_UPPER_DEVIATION_BPS = 200;
/// @notice Maximum allowed lower deviation in exchange rate (bps).
uint256 public constant EXCHANGE_RATE_MAX_LOWER_DEVIATION_BPS = 200;
/// @notice Maximum allowed deviation in stablecoin prices (bps).
uint256 public constant STABLECOIN_PRICE_MAX_DEVIATION_BPS = 500;
/// @notice Maximum allowed deviation in volatile asset prices (bps).
uint256 public constant VOLATILE_ASSET_PRICE_MAX_DEVIATION_BPS = 5000;
/// @notice Minimum interval allowed for price updates.
uint256 public constant PRICE_UPDATE_MIN_INTERVAL = 1 hours;
/// @notice Maximum interval allowed for price updates.
uint256 public constant PRICE_UPDATE_MAX_INTERVAL = 3 days;
/// @notice Maximum validity period for price feeds.
uint256 public constant PRICE_MAX_VALIDITY_DURATION = 7 days;
/// @notice Maximum allowed mint fee rate (bps).
uint256 public constant MAX_MINT_FEE_RATE = 200;
/// @notice Maximum allowed redeem fee rate (bps).
uint256 public constant MAX_REDEEM_FEE_RATE = 200;
/// @notice Current configured upper tolerance for exchange rate deviation.
uint256 private _exchangeRateMaxUpperToleranceBps = 100;
/// @notice Current configured lower tolerance for exchange rate deviation.
uint256 private _exchangeRateMaxLowerToleranceBps = 50;
/// @notice Current configured stablecoin price tolerance.
uint256 private _stablecoinPriceToleranceBps = 30;
/// @notice Current configured volatile asset price tolerance.
uint256 private _volatileAssetPriceToleranceBps = 500;
/// @notice Minimum interval between price updates.
uint256 private _priceUpdateInterval = 6 hours;
/// @notice Maximum validity period for cached price feeds.
uint256 private _price_validity_duration = 3 days;
/// @notice Global cap on total deposits across all assets.
uint256 private _total_deposit_cap = type(uint256).max;
/// @notice Global array length limits.
uint256 private _array_length_limit = 20;
/// @notice Address receiving collected fees.
address private _fee_recipient;
/// @notice Address receiving forfeited assets (treasury).
address private _forfeit_treasury;
/// @notice Mapping of mint fee rates by asset.
mapping(address => uint256) private _mintFeeRate;
/// @notice Mapping of redeem fee rates by asset.
mapping(address => uint256) private _redeemFeeRate;
/// @notice Deposit enablement flags by asset.
mapping(address => bool) private _depositEnabled;
/// @notice Redeem enablement flags by asset.
mapping(address => bool) private _redeemEnabled;
/// @notice Deposit caps for individual assets.
mapping(address => uint256) private _tokenDepositCap;
/*//////////////////////////////////////////////////////////////////////////
CONSTRUCTOR
//////////////////////////////////////////////////////////////////////////*/
/// @notice Deploys the ParamRegistry contract with initial roles and recipients.
/// @param _admin Address to be assigned DEFAULT_ADMIN_ROLE.
/// @param _d0Timelock Address for D0 timelock role (immediate changes).
/// @param _d1Timelock Address for D1 timelock role (delayed changes).
/// @param _d3Timelock Address for D3 timelock role (longer delays).
/// @param _feeRecipient Address to receive protocol fees.
/// @param _forfeitTreasury Address to receive forfeited assets.
/// @dev Ensures none of the provided addresses are zero.
constructor(
address _admin,
address _d0Timelock,
address _d1Timelock,
address _d3Timelock,
address _feeRecipient,
address _forfeitTreasury
) {
if (
_admin == address(0) ||
_d0Timelock == address(0) ||
_d1Timelock == address(0) ||
_d3Timelock == address(0) ||
_feeRecipient == address(0) ||
_forfeitTreasury == address(0)
) revert Errors.ZeroAddress();
_grantRole(DEFAULT_ADMIN_ROLE, _admin);
_grantRole(D0_TIMELOCK_ROLE, _d0Timelock);
_grantRole(D1_TIMELOCK_ROLE, _d1Timelock);
_grantRole(D3_TIMELOCK_ROLE, _d3Timelock);
_fee_recipient = _feeRecipient;
_forfeit_treasury = _forfeitTreasury;
}
/*//////////////////////////////////////////////////////////////////////////
GETTER FUNCTIONS
//////////////////////////////////////////////////////////////////////////*/
/// @notice Returns the current upper tolerance for exchange rate deviation.
function getExchangeRateMaxUpperToleranceBps()
external
view
returns (uint256)
{
return _exchangeRateMaxUpperToleranceBps;
}
/// @notice Returns the current lower tolerance for exchange rate deviation.
function getExchangeRateMaxLowerToleranceBps()
external
view
returns (uint256)
{
return _exchangeRateMaxLowerToleranceBps;
}
/// @notice Returns the current stablecoin price tolerance in bps.
function getStablecoinPriceToleranceBps() external view returns (uint256) {
return _stablecoinPriceToleranceBps;
}
/// @notice Returns the current volatile asset price tolerance in bps.
function getVolatileAssetPriceToleranceBps()
external
view
returns (uint256)
{
return _volatileAssetPriceToleranceBps;
}
/// @notice Returns the minimum interval between price updates.
function getPriceUpdateInterval() external view returns (uint256) {
return _priceUpdateInterval;
}
/// @notice Returns the maximum validity duration of cached prices.
function getPriceValidityDuration() external view returns (uint256) {
return _price_validity_duration;
}
/// @notice Returns the configured mint fee rate for a given asset.
/// @param _asset The address of the asset.
/// @return The mint fee rate in basis points.
function getMintFeeRate(address _asset) external view returns (uint256) {
return _mintFeeRate[_asset];
}
/// @notice Returns the configured redeem fee rate for a given asset.
/// @param _asset The address of the asset.
/// @return The redeem fee rate in basis points.
function getRedeemFeeRate(address _asset) external view returns (uint256) {
return _redeemFeeRate[_asset];
}
/// @notice Returns whether deposits are enabled for a given asset.
/// @param _asset The address of the asset.
/// @return True if deposits are enabled, false otherwise.
function getDepositEnabled(address _asset) external view returns (bool) {
return _depositEnabled[_asset];
}
/// @notice Returns whether redemptions are enabled for a given asset.
/// @param _asset The address of the asset.
/// @return True if redemptions are enabled, false otherwise.
function getRedeemEnabled(address _asset) external view returns (bool) {
return _redeemEnabled[_asset];
}
/// @notice Returns the global deposit cap.
function getTotalDepositCap() external view returns (uint256) {
return _total_deposit_cap;
}
/// @notice Returns the deposit cap for a specific asset.
/// @param _asset The address of the asset.
function getTokenDepositCap(
address _asset
) external view returns (uint256) {
return _tokenDepositCap[_asset];
}
/// @notice Returns the global array length limit.
function getArrayLengthLimit() external view returns (uint256) {
return _array_length_limit;
}
/// @notice Returns the address of the fee recipient.
function getFeeRecipient() external view returns (address) {
return _fee_recipient;
}
/// @notice Returns the address of the forfeited assets treasury.
function getForfeitTreasury() external view returns (address) {
return _forfeit_treasury;
}
/*//////////////////////////////////////////////////////////////////////////
SETTER FUNCTIONS
//////////////////////////////////////////////////////////////////////////*/
/// @notice Updates the maximum upper tolerance for exchange rate deviation.
/// @param _bps New tolerance value in basis points.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setExchangeRateMaxUpperToleranceBps(
uint256 _bps
) external onlyRole(D0_TIMELOCK_ROLE) {
if (_bps > EXCHANGE_RATE_MAX_UPPER_DEVIATION_BPS)
revert Errors.ExceedMaxDeviationBps();
emit SetExchangeRateMaxUpperToleranceBps(
_exchangeRateMaxUpperToleranceBps,
_bps
);
_exchangeRateMaxUpperToleranceBps = _bps;
}
/// @notice Updates the maximum lower tolerance for exchange rate deviation.
/// @param _bps New tolerance value in basis points.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setExchangeRateMaxLowerToleranceBps(
uint256 _bps
) external onlyRole(D0_TIMELOCK_ROLE) {
if (_bps > EXCHANGE_RATE_MAX_LOWER_DEVIATION_BPS)
revert Errors.ExceedMaxDeviationBps();
emit SetExchangeRateMaxLowerToleranceBps(
_exchangeRateMaxLowerToleranceBps,
_bps
);
_exchangeRateMaxLowerToleranceBps = _bps;
}
/// @notice Updates the stablecoin price tolerance.
/// @param _bps New tolerance value in basis points.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setStablecoinPriceToleranceBps(
uint256 _bps
) external onlyRole(D0_TIMELOCK_ROLE) {
if (_bps > STABLECOIN_PRICE_MAX_DEVIATION_BPS)
revert Errors.ExceedMaxDeviationBps();
emit SetStablecoinPriceToleranceBps(_stablecoinPriceToleranceBps, _bps);
_stablecoinPriceToleranceBps = _bps;
}
/// @notice Updates the volatile asset price tolerance.
/// @param _bps New tolerance value in basis points.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setVolatileAssetPriceToleranceBps(
uint256 _bps
) external onlyRole(D0_TIMELOCK_ROLE) {
if (_bps > VOLATILE_ASSET_PRICE_MAX_DEVIATION_BPS)
revert Errors.ExceedMaxDeviationBps();
emit SetVolatileAssetPriceToleranceBps(
_volatileAssetPriceToleranceBps,
_bps
);
_volatileAssetPriceToleranceBps = _bps;
}
/// @notice Updates the minimum price update interval.
/// @param _interval New interval in seconds.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setPriceUpdateInterval(
uint256 _interval
) external onlyRole(D0_TIMELOCK_ROLE) {
if (
_interval < PRICE_UPDATE_MIN_INTERVAL ||
_interval > PRICE_UPDATE_MAX_INTERVAL
) revert Errors.InvalidPriceUpdateInterval();
emit SetPriceUpdateInterval(_priceUpdateInterval, _interval);
_priceUpdateInterval = _interval;
}
/// @notice Updates the validity duration of price feeds.
/// @param _duration New duration in seconds.
/// @dev Only callable by {D1_TIMELOCK_ROLE}.
function setPriceValidityDuration(
uint256 _duration
) external onlyRole(D1_TIMELOCK_ROLE) {
if (_duration == 0) revert Errors.ZeroAmount();
if (_duration > PRICE_MAX_VALIDITY_DURATION)
revert Errors.PriceMaxValidityExceeded();
emit SetPriceValidityDuration(_price_validity_duration, _duration);
_price_validity_duration = _duration;
}
/// @notice Sets the mint fee rate for an asset.
/// @param _asset Address of the asset.
/// @param _rate New fee rate in bps.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setMintFeeRate(
address _asset,
uint256 _rate
) external onlyRole(D0_TIMELOCK_ROLE) {
if (_asset == address(0)) revert Errors.ZeroAddress();
if (_rate > MAX_MINT_FEE_RATE) revert Errors.ExceedMaxMintFeeRate();
emit SetMintFeeRate(_asset, _mintFeeRate[_asset], _rate);
_mintFeeRate[_asset] = _rate;
}
/// @notice Sets the redeem fee rate for an asset.
/// @param _asset Address of the asset.
/// @param _rate New fee rate in bps.
/// @dev Only callable by {D3_TIMELOCK_ROLE}.
function setRedeemFeeRate(
address _asset,
uint256 _rate
) external onlyRole(D3_TIMELOCK_ROLE) {
if (_asset == address(0)) revert Errors.ZeroAddress();
if (_rate > MAX_REDEEM_FEE_RATE) revert Errors.ExceedMaxRedeemFeeRate();
emit SetRedeemFeeRate(_asset, _redeemFeeRate[_asset], _rate);
_redeemFeeRate[_asset] = _rate;
}
/// @notice Enables or disables deposits for an asset.
/// @param _asset Asset address.
/// @param _enabled True to enable, false to disable.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setDepositEnabled(
address _asset,
bool _enabled
) external onlyRole(D0_TIMELOCK_ROLE) {
if (_asset == address(0)) revert Errors.ZeroAddress();
_depositEnabled[_asset] = _enabled;
emit SetDepositEnabled(_asset, _enabled);
}
/// @notice Enables or disables redemption for an asset.
/// @param _asset Asset address.
/// @param _enabled True to enable, false to disable.
/// @dev Only callable by {D3_TIMELOCK_ROLE}.
function setRedeemEnabled(
address _asset,
bool _enabled
) external onlyRole(D3_TIMELOCK_ROLE) {
if (_asset == address(0)) revert Errors.ZeroAddress();
_redeemEnabled[_asset] = _enabled;
emit SetRedeemEnabled(_asset, _enabled);
}
/// @notice Sets the global deposit cap.
/// @param _cap New total deposit cap.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setTotalDepositCap(
uint256 _cap
) external onlyRole(D0_TIMELOCK_ROLE) {
emit SetTotalDepositCap(_total_deposit_cap, _cap);
_total_deposit_cap = _cap;
}
/// @notice Sets the deposit cap for a specific asset.
/// @param _asset Asset address.
/// @param _cap New cap value.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setTokenDepositCap(
address _asset,
uint256 _cap
) external onlyRole(D0_TIMELOCK_ROLE) {
if (_asset == address(0)) revert Errors.ZeroAddress();
emit SetTokenDepositCap(_asset, _tokenDepositCap[_asset], _cap);
_tokenDepositCap[_asset] = _cap;
}
/// @notice Sets global array length limit.
/// @param _limit New limit.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setArrayLengthLimit(
uint256 _limit
) external onlyRole(D0_TIMELOCK_ROLE) {
if (_limit == 0) revert Errors.ZeroAmount();
emit SetArrayLengthLimit(_array_length_limit, _limit);
_array_length_limit = _limit;
}
/// @notice Updates the fee recipient address.
/// @param _feeRecipient New recipient address.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setFeeRecipient(
address _feeRecipient
) external onlyRole(D0_TIMELOCK_ROLE) {
if (_feeRecipient == address(0)) revert Errors.ZeroAddress();
emit SetFeeRecipient(_fee_recipient, _feeRecipient);
_fee_recipient = _feeRecipient;
}
/// @notice Updates the forfeited assets treasury address.
/// @param _forfeitTreasury New treasury address.
/// @dev Only callable by {D0_TIMELOCK_ROLE}.
function setForfeitTreasury(
address _forfeitTreasury
) external onlyRole(D0_TIMELOCK_ROLE) {
if (_forfeitTreasury == address(0)) revert Errors.ZeroAddress();
emit SetForfeitTreasury(_forfeit_treasury, _forfeitTreasury);
_forfeit_treasury = _forfeitTreasury;
}
}
"
},
"lib/openzeppelin-contracts/contracts/access/AccessControl.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (access/AccessControl.sol)
pragma solidity ^0.8.20;
import {IAccessControl} from "./IAccessControl.sol";
import {Context} from "../utils/Context.sol";
import {IERC165, ERC165} from "../utils/introspection/ERC165.sol";
/**
* @dev Contract module that allows children to implement role-based access
* control mechanisms. This is a lightweight version that doesn't allow enumerating role
* members except through off-chain means by accessing the contract event logs. Some
* applications may benefit from on-chain enumerability, for those cases see
* {AccessControlEnumerable}.
*
* Roles are referred to by their `bytes32` identifier. These should be exposed
* in the external API and be unique. The best way to achieve this is by
* using `public constant` hash digests:
*
* ```solidity
* bytes32 public constant MY_ROLE = keccak256("MY_ROLE");
* ```
*
* Roles can be used to represent a set of permissions. To restrict access to a
* function call, use {hasRole}:
*
* ```solidity
* function foo() public {
* require(hasRole(MY_ROLE, msg.sender));
* ...
* }
* ```
*
* Roles can be granted and revoked dynamically via the {grantRole} and
* {revokeRole} functions. Each role has an associated admin role, and only
* accounts that have a role's admin role can call {grantRole} and {revokeRole}.
*
* By default, the admin role for all roles is `DEFAULT_ADMIN_ROLE`, which means
* that only accounts with this role will be able to grant or revoke other
* roles. More complex role relationships can be created by using
* {_setRoleAdmin}.
*
* WARNING: The `DEFAULT_ADMIN_ROLE` is also its own admin: it has permission to
* grant and revoke this role. Extra precautions should be taken to secure
* accounts that have been granted it. We recommend using {AccessControlDefaultAdminRules}
* to enforce additional security measures for this role.
*/
abstract contract AccessControl is Context, IAccessControl, ERC165 {
struct RoleData {
mapping(address account => bool) hasRole;
bytes32 adminRole;
}
mapping(bytes32 role => RoleData) private _roles;
bytes32 public constant DEFAULT_ADMIN_ROLE = 0x00;
/**
* @dev Modifier that checks that an account has a specific role. Reverts
* with an {AccessControlUnauthorizedAccount} error including the required role.
*/
modifier onlyRole(bytes32 role) {
_checkRole(role);
_;
}
/// @inheritdoc IERC165
function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
return interfaceId == type(IAccessControl).interfaceId || super.supportsInterface(interfaceId);
}
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) public view virtual returns (bool) {
return _roles[role].hasRole[account];
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `_msgSender()`
* is missing `role`. Overriding this function changes the behavior of the {onlyRole} modifier.
*/
function _checkRole(bytes32 role) internal view virtual {
_checkRole(role, _msgSender());
}
/**
* @dev Reverts with an {AccessControlUnauthorizedAccount} error if `account`
* is missing `role`.
*/
function _checkRole(bytes32 role, address account) internal view virtual {
if (!hasRole(role, account)) {
revert AccessControlUnauthorizedAccount(account, role);
}
}
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) public view virtual returns (bytes32) {
return _roles[role].adminRole;
}
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleGranted} event.
*/
function grantRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_grantRole(role, account);
}
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*
* May emit a {RoleRevoked} event.
*/
function revokeRole(bytes32 role, address account) public virtual onlyRole(getRoleAdmin(role)) {
_revokeRole(role, account);
}
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been revoked `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*
* May emit a {RoleRevoked} event.
*/
function renounceRole(bytes32 role, address callerConfirmation) public virtual {
if (callerConfirmation != _msgSender()) {
revert AccessControlBadConfirmation();
}
_revokeRole(role, callerConfirmation);
}
/**
* @dev Sets `adminRole` as ``role``'s admin role.
*
* Emits a {RoleAdminChanged} event.
*/
function _setRoleAdmin(bytes32 role, bytes32 adminRole) internal virtual {
bytes32 previousAdminRole = getRoleAdmin(role);
_roles[role].adminRole = adminRole;
emit RoleAdminChanged(role, previousAdminRole, adminRole);
}
/**
* @dev Attempts to grant `role` to `account` and returns a boolean indicating if `role` was granted.
*
* Internal function without access restriction.
*
* May emit a {RoleGranted} event.
*/
function _grantRole(bytes32 role, address account) internal virtual returns (bool) {
if (!hasRole(role, account)) {
_roles[role].hasRole[account] = true;
emit RoleGranted(role, account, _msgSender());
return true;
} else {
return false;
}
}
/**
* @dev Attempts to revoke `role` from `account` and returns a boolean indicating if `role` was revoked.
*
* Internal function without access restriction.
*
* May emit a {RoleRevoked} event.
*/
function _revokeRole(bytes32 role, address account) internal virtual returns (bool) {
if (hasRole(role, account)) {
_roles[role].hasRole[account] = false;
emit RoleRevoked(role, account, _msgSender());
return true;
} else {
return false;
}
}
}
"
},
"src/interfaces/IParamRegistry.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.26;
/// @title IParamRegistry
/// @author luoyhang003
/// @notice Interface for the protocol parameter registry contract.
/// @dev
/// - Defines key protocol configuration parameters such as fee rates, deposit caps,
/// price tolerances, and critical role-restricted settings.
/// - Provides events for tracking parameter updates to ensure transparency and auditability.
/// - Exposes getter functions for external contracts to query configuration values,
/// and (in the implementing contract) setter functions protected by timelock roles.
/// - Used as the central source of truth for system-wide configuration and policy enforcement.
interface IParamRegistry {
/*//////////////////////////////////////////////////////////////////////////
EVENTS
//////////////////////////////////////////////////////////////////////////*/
/// @notice Emitted when the maximum upper tolerance for exchange rate deviation is updated.
/// @param oldVal Previous tolerance value in basis points.
/// @param newVal New tolerance value in basis points.
event SetExchangeRateMaxUpperToleranceBps(uint256 oldVal, uint256 newVal);
/// @notice Emitted when the maximum lower tolerance for exchange rate deviation is updated.
/// @param oldVal Previous tolerance value in basis points.
/// @param newVal New tolerance value in basis points.
event SetExchangeRateMaxLowerToleranceBps(uint256 oldVal, uint256 newVal);
/// @notice Emitted when the stablecoin price tolerance is updated.
/// @param oldVal Previous tolerance value in basis points.
/// @param newVal New tolerance value in basis points.
event SetStablecoinPriceToleranceBps(uint256 oldVal, uint256 newVal);
/// @notice Emitted when the volatile asset price tolerance is updated.
/// @param oldVal Previous tolerance value in basis points.
/// @param newVal New tolerance value in basis points.
event SetVolatileAssetPriceToleranceBps(uint256 oldVal, uint256 newVal);
/// @notice Emitted when the minimum price update interval is updated.
/// @param oldVal Previous interval value in seconds.
/// @param newVal New interval value in seconds.
event SetPriceUpdateInterval(uint256 oldVal, uint256 newVal);
/// @notice Emitted when the maximum price validity duration is updated.
/// @param oldVal Previous duration value in seconds.
/// @param newVal New duration value in seconds.
event SetPriceValidityDuration(uint256 oldVal, uint256 newVal);
/// @notice Emitted when the mint fee rate for a specific asset is updated.
/// @param asset The address of the asset.
/// @param oldRate Previous mint fee rate in basis points.
/// @param newRate New mint fee rate in basis points.
event SetMintFeeRate(
address indexed asset,
uint256 oldRate,
uint256 newRate
);
/// @notice Emitted when the redeem fee rate for a specific asset is updated.
/// @param asset The address of the asset.
/// @param oldRate Previous redeem fee rate in basis points.
/// @param newRate New redeem fee rate in basis points.
event SetRedeemFeeRate(
address indexed asset,
uint256 oldRate,
uint256 newRate
);
/// @notice Emitted when deposit enablement is updated for a specific asset.
/// @param asset The address of the asset.
/// @param enabled True if deposits are enabled, false otherwise.
event SetDepositEnabled(address indexed asset, bool enabled);
/// @notice Emitted when redemption enablement is updated for a specific asset.
/// @param asset The address of the asset.
/// @param enabled True if redemptions are enabled, false otherwise.
event SetRedeemEnabled(address indexed asset, bool enabled);
/// @notice Emitted when the global deposit cap is updated.
/// @param oldVal Previous global deposit cap.
/// @param newVal New global deposit cap.
event SetTotalDepositCap(uint256 oldVal, uint256 newVal);
/// @notice Emitted when the deposit cap for a specific asset is updated.
/// @param asset The address of the asset.
/// @param oldVal Previous cap value.
/// @param newVal New cap value.
event SetTokenDepositCap(
address indexed asset,
uint256 oldVal,
uint256 newVal
);
/// @notice Emitted when the global array length limit is updated.
/// @param oldVal Previous limit value.
/// @param newVal New limit value.
event SetArrayLengthLimit(uint256 oldVal, uint256 newVal);
/// @notice Emitted when the fee recipient address is updated.
/// @param oldVal Previous fee recipient address.
/// @param newVal New fee recipient address.
event SetFeeRecipient(address oldVal, address newVal);
/// @notice Emitted when the forfeited assets treasury address is updated.
/// @param oldVal Previous treasury address.
/// @param newVal New treasury address.
event SetForfeitTreasury(address oldVal, address newVal);
/*//////////////////////////////////////////////////////////////////////////
VIEW FUNCTIONS
//////////////////////////////////////////////////////////////////////////*/
/// @notice Returns the current upper tolerance for exchange rate deviation.
function getExchangeRateMaxUpperToleranceBps()
external
view
returns (uint256);
/// @notice Returns the current lower tolerance for exchange rate deviation.
function getExchangeRateMaxLowerToleranceBps()
external
view
returns (uint256);
/// @notice Returns the current stablecoin price tolerance in bps.
function getStablecoinPriceToleranceBps() external view returns (uint256);
/// @notice Returns the current volatile asset price tolerance in bps.
function getVolatileAssetPriceToleranceBps()
external
view
returns (uint256);
/// @notice Returns the minimum interval between price updates.
function getPriceUpdateInterval() external view returns (uint256);
/// @notice Returns the maximum validity duration of cached prices.
function getPriceValidityDuration() external view returns (uint256);
/// @notice Returns the configured mint fee rate for a given asset.
/// @param _asset The address of the asset.
/// @return The mint fee rate in basis points.
function getMintFeeRate(address _asset) external view returns (uint256);
/// @notice Returns the configured redeem fee rate for a given asset.
/// @param _asset The address of the asset.
/// @return The redeem fee rate in basis points.
function getRedeemFeeRate(address _asset) external view returns (uint256);
/// @notice Returns whether deposits are enabled for a given asset.
/// @param _asset The address of the asset.
/// @return True if deposits are enabled, false otherwise.
function getDepositEnabled(address _asset) external view returns (bool);
/// @notice Returns whether redemptions are enabled for a given asset.
/// @param _asset The address of the asset.
/// @return True if redemptions are enabled, false otherwise.
function getRedeemEnabled(address _asset) external view returns (bool);
/// @notice Returns the global deposit cap.
function getTotalDepositCap() external view returns (uint256);
/// @notice Returns the deposit cap for a specific asset.
/// @param _asset The address of the asset.
function getTokenDepositCap(address _asset) external view returns (uint256);
/// @notice Returns the global array length limit.
function getArrayLengthLimit() external view returns (uint256);
/// @notice Returns the address of the fee recipient.
function getFeeRecipient() external view returns (address);
/// @notice Returns the address of the forfeited assets treasury.
function getForfeitTreasury() external view returns (address);
}
"
},
"src/libraries/Errors.sol": {
"content": "// SPDX-License-Identifier: BUSL-1.1
pragma solidity ^0.8.26;
/// @title Errors Library
/// @author luoyhang003
/// @notice Centralized custom errors for all contracts in the protocol.
/// @dev Each error saves gas compared to revert strings. The @dev comment
/// also includes the corresponding 4-byte selector for debugging
/// and off-chain tooling.
library Errors {
/*//////////////////////////////////////////////////////////////////////////
GENERAL
//////////////////////////////////////////////////////////////////////////*/
/// @notice Thrown when array lengths do not match or are zero.
/// @dev Selector: 0x9d89020a
error InvalidArrayLength();
/// @notice Thrown when a provided address is zero.
/// @dev Selector: 0xd92e233d
error ZeroAddress();
/// @notice Thrown when a provided amount is zero.
/// @dev Selector: 0x1f2a2005
error ZeroAmount();
/// @notice Thrown when an index is out of bounds.
/// @dev Selector: 0x4e23d035
error IndexOutOfBounds();
/// @notice Thrown when a user is not whitelisted but tries to interact.
/// @dev Selector: 0x2ba75b25
error UserNotWhitelisted();
/// @notice Thrown when a token has invalid decimals (e.g., >18).
/// @dev Selector: 0xd25598a0
error InvalidDecimals();
/// @notice Thrown when an asset is not supported.
/// @dev Selector: 0x24a01144
error UnsupportedAsset();
/// @notice Thrown when trying to add an already added asset.
/// @dev Selector: 0x5ed26801
error AssetAlreadyAdded();
/// @notice Thrown when trying to remove an asset that was already removed.
/// @dev Selector: 0x422afd8f
error AssetAlreadyRemoved();
/// @notice Thrown when a common token address conflict with the vault token address.
/// @dev Selector: 0x8a7ea521
error ConflictiveToken();
/// @notice Thrown when an array is reach to the length limit.
/// @dev Selector: 0x951becfa
error ExceedArrayLengthLimit();
/*//////////////////////////////////////////////////////////////////////////
Token.sol
//////////////////////////////////////////////////////////////////////////*/
/// @notice Thrown when transfer is attempted by/for a blacklisted address.
/// @dev Selector: 0x6554e8c5
error TransferBlacklisted();
/*//////////////////////////////////////////////////////////////////////////
DepositVault.sol
//////////////////////////////////////////////////////////////////////////*/
/// @notice Thrown when deposits are paused.
/// @dev Selector: 0x35edea30
error DepositPaused();
/// @notice Thrown when a deposit exceeds per-token deposit cap.
/// @dev Selector: 0xcc60dc5b
error ExceedTokenDepositCap();
/// @notice Thrown when a deposit exceeds global deposit cap.
/// @dev Selector: 0x5054f250
error ExceedTotalDepositCap();
/// @notice Thrown when minting results in zero shares.
/// @dev Selector: 0x1d31001e
error MintZeroShare();
/// @notice Thrown when attempting to deposit zero assets.
/// @dev Selector: 0xd69b89cc
error DepositZeroAsset();
/// @notice Thrown when the oracle for an asset is invalid or missing.
/// @dev Selector: 0x9589a27d
error InvalidOracle();
/*//////////////////////////////////////////////////////////////////////////
WithdrawController.sol
//////////////////////////////////////////////////////////////////////////*/
/// @notice Thrown when withdrawals are paused.
/// @dev Selector: 0xe0a39803
error WithdrawPaused();
/// @notice Thrown when attempting to request withdrawal of zero shares.
/// @dev Selector: 0xef9c351b
error RequestZeroShare();
/// @notice Thrown when a withdrawal receipt has invalid status for the operation.
/// @dev Selector: 0x3bb3ba88
error InvalidReceiptStatus();
/// @notice Thrown when a caller is not the original withdrawal requester.
/// @dev Selector: 0xe39da59e
error NotRequester();
/// @notice Thrown when a caller is blacklisted.
/// @dev Selector: 0x473250af
error UserBlacklisted();
/*//////////////////////////////////////////////////////////////////////////
AssetsRouter.sol
//////////////////////////////////////////////////////////////////////////*/
/// @notice Thrown when a recipient is already added.
/// @dev Selector: 0xce2c4eb3
error RecipientAlreadyAdded();
/// @notice Thrown when a recipient is already removed.
/// @dev Selector: 0x1c7dcc84
error RecipientAlreadyRemoved();
/// @notice Thrown when attempting to set auto-route to its current state.
/// @dev Selector: 0xdf2e473d
error InvalidRouteEnabledStatus();
/// @notice Thrown when a non-registered recipient is used.
/// @dev Selector: 0xf29851db
error NotRouterRecipient();
/// @notice Thrown when attempting to remove the currently active recipient.
/// @dev Selector: 0xa453bd1b
error RemoveActiveRouter();
/// @notice Thrown when attempting to manual route the asstes when auto route is enabled.
/// @dev Selector: 0x92d56bf7
error AutoRouteEnabled();
/// @notice Thrown when setting the same router address.
/// @dev Selector: 0x23b920b6
error SameRouterAddress();
/*//////////////////////////////////////////////////////////////////////////
AccessRegistry.sol
//////////////////////////////////////////////////////////////////////////*/
/// @notice Thrown when trying to blacklist an already blacklisted user.
/// @dev Selector: 0xf53de75f
error AlreadyBlacklisted();
/// @notice Thrown when trying to whitelist an already whitelisted user.
/// @dev Selector: 0xb73e95e1
error AlreadyWhitelisted();
/// @notice Reverts when the requested state matches the current state.
/// @dev Selector: 0x3fbc93f3
error AlreadyInSameState();
/*//////////////////////////////////////////////////////////////////////////
OracleRegister.sol
//////////////////////////////////////////////////////////////////////////*/
/// @notice Thrown when an oracle is already registered for an asset.
/// @dev Selector: 0x652a449e
error OracleAlreadyAdded();
/// @notice Thrown when an oracle does not exist for an asset.
/// @dev Selector: 0x4dca4f7d
error OracleNotExist();
/// @notice Thrown when price deviation exceeds maximum allowed.
/// @dev Selector: 0x8774ad87
error ExceedMaxDeviation();
/// @notice Thrown when price updates are attempted too frequently.
/// @dev Selector: 0x8f46908a
error PriceUpdateTooFrequent();
/// @notice Thrown when a price validity period has expired.
/// @dev Selector: 0x7c9d063a
error PriceValidityExpired();
/// @notice Thrown when a price is zero.
/// @dev Selector: 0x10256287
error InvalidZeroPrice();
/*//////////////////////////////////////////////////////////////////////////
ParamRegister.sol
//////////////////////////////////////////////////////////////////////////*/
/// @notice Thrown when tolerance basis points exceed maximum deviation.
/// @dev Selector: 0xb8d855e2
error ExceedMaxDeviationBps();
/// @notice Thrown when price update interval is invalid.
/// @dev Selector: 0xfff67f52
error InvalidPriceUpdateInterval();
/// @notice Thrown when price validity duration exceeds allowed maximum.
/// @dev Selector: 0x6eca7e24
error PriceMaxValidityExceeded();
/// @notice Thrown when mint fee rate exceeds maximum allowed.
/// @dev Selector: 0x8f59faf8
error ExceedMaxMintFeeRate();
/// @notice Thrown when redeem fee rate exceeds maximum allowed.
/// @dev Selector: 0x86871089
error ExceedMaxRedeemFeeRate();
/*//////////////////////////////////////////////////////////////////////////
ChainlinkOracleFeed.sol
//////////////////////////////////////////////////////////////////////////*/
/// @notice Thrown when a reported price is invalid.
/// @dev Selector: 0x00bfc921
error InvalidPrice();
/// @notice Thrown when a reported price is stale.
/// @dev Selector: 0x19abf40e
error StalePrice();
/// @notice Thrown when a Chainlink round is incomplete.
/// @dev Selector: 0x8ad52bdd
error IncompleteRound();
}
"
},
"src/common/Constants.sol": {
"content": "// SPDX-License-Identifier: MIT
pragma solidity ^0.8.26;
/// @title Constants
/// @author luoyhang003
/// @notice Provides commonly used mathematical and configuration constants
/// @dev Designed to be inherited by other contracts that require fixed values
abstract contract Constants {
/// @notice Scaling factor for 18-decimal precision (commonly used in ERC20 tokens)
/// @dev Equal to 10^18
uint256 internal constant D18 = 1e18;
/// @notice Scaling factor for 6-decimal precision
/// @dev Equal to 10^6
uint256 internal constant D6 = 1e6;
/// @notice Default number of decimals used for calculations
/// @dev Typically corresponds to 18-decimal precision
uint256 internal constant BASE_DECIMALS = 18;
/// @notice Denominator used for fee calculations
/// @dev Basis point system: denominator = 10,000 (e.g., 100 = 1%)
uint256 internal constant FEE_DENOMINATOR = 1e4;
/// @notice Denominator for basis points calculations (10000 = 100%)
/// @dev Basis point system: denominator = 10,000 (e.g., 100 = 1%)
uint256 internal constant BPS_DENOMINATOR = 1e4;
/// @notice Initial exchange price for tokenized vault lp
/// @dev Set to 1 * 10^18 (represents a price of 1.0 in 18 decimals)
uint256 internal constant INIT_EXCHANGE_PRICE = 1e18;
/// @notice The base reference price for a stablecoin, normalized to 18 decimals.
/// @dev Set to 1 * 10^18 (represents a price of 1.0 in 18 decimals)
uint256 internal constant STABLECOIN_BASE_PRICE = 1e18;
}
"
},
"lib/openzeppelin-contracts/contracts/access/IAccessControl.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (access/IAccessControl.sol)
pragma solidity >=0.8.4;
/**
* @dev External interface of AccessControl declared to support ERC-165 detection.
*/
interface IAccessControl {
/**
* @dev The `account` is missing a role.
*/
error AccessControlUnauthorizedAccount(address account, bytes32 neededRole);
/**
* @dev The caller of a function is not the expected one.
*
* NOTE: Don't confuse with {AccessControlUnauthorizedAccount}.
*/
error AccessControlBadConfirmation();
/**
* @dev Emitted when `newAdminRole` is set as ``role``'s admin role, replacing `previousAdminRole`
*
* `DEFAULT_ADMIN_ROLE` is the starting admin for all roles, despite
* {RoleAdminChanged} not being emitted to signal this.
*/
event RoleAdminChanged(bytes32 indexed role, bytes32 indexed previousAdminRole, bytes32 indexed newAdminRole);
/**
* @dev Emitted when `account` is granted `role`.
*
* `sender` is the account that originated the contract call. This account bears the admin role (for the granted role).
* Expected in cases where the role was granted using the internal {AccessControl-_grantRole}.
*/
event RoleGranted(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Emitted when `account` is revoked `role`.
*
* `sender` is the account that originated the contract call:
* - if using `revokeRole`, it is the admin role bearer
* - if using `renounceRole`, it is the role bearer (i.e. `account`)
*/
event RoleRevoked(bytes32 indexed role, address indexed account, address indexed sender);
/**
* @dev Returns `true` if `account` has been granted `role`.
*/
function hasRole(bytes32 role, address account) external view returns (bool);
/**
* @dev Returns the admin role that controls `role`. See {grantRole} and
* {revokeRole}.
*
* To change a role's admin, use {AccessControl-_setRoleAdmin}.
*/
function getRoleAdmin(bytes32 role) external view returns (bytes32);
/**
* @dev Grants `role` to `account`.
*
* If `account` had not been already granted `role`, emits a {RoleGranted}
* event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function grantRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from `account`.
*
* If `account` had been granted `role`, emits a {RoleRevoked} event.
*
* Requirements:
*
* - the caller must have ``role``'s admin role.
*/
function revokeRole(bytes32 role, address account) external;
/**
* @dev Revokes `role` from the calling account.
*
* Roles are often managed via {grantRole} and {revokeRole}: this function's
* purpose is to provide a mechanism for accounts to lose their privileges
* if they are compromised (such as when a trusted device is misplaced).
*
* If the calling account had been granted `role`, emits a {RoleRevoked}
* event.
*
* Requirements:
*
* - the caller must be `callerConfirmation`.
*/
function renounceRole(bytes32 role, address callerConfirmation) external;
}
"
},
"lib/openzeppelin-contracts/contracts/utils/Context.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.0.1) (utils/Context.sol)
pragma solidity ^0.8.20;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
function _contextSuffixLength() internal view virtual returns (uint256) {
return 0;
}
}
"
},
"lib/openzeppelin-contracts/contracts/utils/introspection/ERC165.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/ERC165.sol)
pragma solidity ^0.8.20;
import {IERC165} from "./IERC165.sol";
/**
* @dev Implementation of the {IERC165} interface.
*
* Contracts that want to implement ERC-165 should inherit from this contract and override {supportsInterface} to check
* for the additional interface id that will be supported. For example:
*
* ```solidity
* function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
* return interfaceId == type(MyInterface).interfaceId || super.supportsInterface(interfaceId);
* }
* ```
*/
abstract contract ERC165 is IERC165 {
/// @inheritdoc IERC165
function supportsInterface(bytes4 interfaceId) public view virtual returns (bool) {
return interfaceId == type(IERC165).interfaceId;
}
}
"
},
"lib/openzeppelin-contracts/contracts/utils/introspection/IERC165.sol": {
"content": "// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v5.4.0) (utils/introspection/IERC165.sol)
pragma solidity >=0.4.16;
/**
* @dev Interface of the ERC-165 standard, as defined in the
* https://eips.ethereum.org/EIPS/eip-165[ERC].
*
* Implementers can declare support of contract interfaces, which can then be
* queried by others ({ERC165Checker}).
*
* For an implementation, see {ERC165}.
*/
interface IERC165 {
/**
* @dev Returns true if this contract implements the interface defined by
* `interfaceId`. See the corresponding
* https://eips.ethereum.org/EIPS/eip-165#how-interfaces-are-identified[ERC section]
* to learn more about how these ids are created.
*
* This function call must use less than 30 000 gas.
*/
function supportsInterface(bytes4 interfaceId) external view returns (bool);
}
"
}
},
"settings": {
"remappings": [
"@uniswap/v3-periphery/contracts/=lib/v3-periphery/contracts/",
"@chainlink/contracts/src/v0.8/=lib/chainlink-evm/contracts/src/v0.8/shared/",
"@openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/",
"chainlink-evm/=lib/chainlink-evm/",
"erc4626-tests/=lib/openzeppelin-contracts/lib/erc4626-tests/",
"forge-std/=lib/forge-std/src/",
"halmos-cheatcodes/=lib/openzeppelin-contracts/lib/halmos-cheatcodes/src/",
"openzeppelin-contracts/=lib/openzeppelin-contracts/",
"v3-periphery/=lib/v3-periphery/contracts/"
],
"optimizer": {
"enabled": false,
"runs": 200
},
"metadata": {
"useLiteralContent": false,
"bytecodeHash": "ipfs",
"appendCBOR": true
},
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
},
"evmVersion": "cancun",
"viaIR": false
}
}}Submitted on: 2025-10-23 16:39:11
Comments
Log in to comment.
No comments yet.