-
Notifications
You must be signed in to change notification settings - Fork 329
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: refactor (#801) * fix: refactor * default was history * reline * rename rename test: generally compiling + AVSM unit tests compiling chore: forge fmt src/contracts add events, fix bugs, abstract better (#806) * fix bugs, add events, cleanup * wrap conditional * fmt * only one slash per timestamp test(wip): generally compiling update docs (#804) fix: revert change to event feat: am refactor add to wads to slash cleanup refactor: change totalMagnitude to maxMagnitude * condense slashOperator params * some struct field renaming remove unused eigenpod storage chore: storage report (#809) * chore: storage report * patch eigenpod --------- Co-authored-by: gpsanant <gpsanant@gmail.com> feat: eip712 fixes (#808) * feat: use OZ SignatureChecker * feat: add `SignatureUtils` mixin * refactor: cleanup * feat: make storage report * storage report --------- Co-authored-by: gpsanant <gpsanant@gmail.com> test: slashing tests passing (#812) fix: merge issues update events refactor: rename total magnitudes to max magnitudes * various formatting and cleanup * standardize allocation manager getter functions * update and improve commenting refactor: reorder functions to match interface fix: remove memory overwrite bug in delegation manager chore: forge fmt refactor: clean up getDepositedShare logic chore: remove old oz + forge update foundry-rs/forge-std feat: replace getSlashableMagnitudes with general purpose allocation info query Feat: SM/StrategyBase Unit Tests + Formatting (#813) refactor: delegation manager refactors test: AllocationManager progress feat: change event names feat: update doc fix: compile test: AllocationManager progress fix: tests progress add Strategy <> OperatorSet mapping in storage, and APIs and events (#814) * feat: add strategy to operator set mapping with corresponding functions and events * fix: update * fix: remove pagination of getStrategiesInOperatorSet * fix: update * fix: compiles * fix: add checks * fix: address -> IStrategy * fix: storage gap --------- Co-authored-by: gpsanant <gpsanant@gmail.com> Slashing: DM Happy Path Test Cases (#815) * test: basic dm tests * test: start on share increase/decrease delegated shares tests * test: add DM unit tests passing except queue/complete * test: undelegate tests * test: queue withdrawals * test: completed DM happy path test cases * fix: compilation, rebase errors * chore: format Add view funcs (#816) * fix: add new view funcs * fix: update docs test: fix avsD tests (#817) chore: format fix: from scratch deploy feat: add shares to slashing event Slashing: Modify Allocations Happy Path Tests (#821) * refactor: add test contract per func * test: modify allocations * chore: format slashing: allocation delay happy path tests (#822) feat: wadSlashed (#820) Slashing: Clear Modification Queue Happy Path Tests (#823) test: basic allocation tests (#824) feat: inheritdoc refactor: alm test cleanup test: multiple allocations, only one slashed test: one pending alloc, slash test: revert bound refactor so tests pass Slashing: Add additional happy path AM test cases (#828) * test: happy path AM tests * chore: format Slashing: Get all tests passing (#829) * test: all tests passing * fix: mainnet integration test comment out Fix misset storage gaps (#831) * fix: misset storage gaps from #814 * fix: update gap to account for previous refactor fix: update coverage yml name (#833) Fix: Single Deallocation Queue (#827) * test: base regression * test: regression * fix: remove console * test: logs * test: add actual regression * fix: use a single deallocation queue * fix: comments * refactor: use deallocation queue everywhere * fix: address test comments * fix: test comment Feat: Update legacy withdrawal timestamp param to legacy withdrawal check (#836) * fix: make comment on timestamp clearer * chore: format Feat: Public Devnet Deploy (#838) * feat: slashing public devnet * fix: filepath * test: validation * fix: add test * fix: test
- Loading branch information
Showing
116 changed files
with
9,579 additions
and
6,895 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,145 @@ | ||
| # AVSDirectory | ||
|
|
||
| ## Overview | ||
|
|
||
| The AVSDirectory contract is where registration relationships are defined between AVSs, operatorSets, and operators. Registration and deregistration are used in the protocol to activate and deactivate slashable stake allocations. They're also used to make the protocol more legible to external integrations. | ||
|
|
||
| The slashing release introduces the concept of operatorSets, which are simply an (address, uint32) pair that the define an AVS and an operator set ID. OperatorSets are used to group operators by different tasks and sets of tokens. For example, EigenDA has an ETH/LST operatorSet and an Eigen operatorSet. A bridge may have on operatorSet for all operators that serve a particular chain. Overall, operatorSets are mainly used for protocol legibility. | ||
|
|
||
| Functionality is provided for AVSs to migrate from an pre-operatorSet registration model to an operatorSet model. Direct to AVS registration is still supported for AVSs that have not migrated to the operatorSet model, but is slated to be deprecated soon in the future. | ||
|
|
||
| ## `becomeOperatorSetAVS` | ||
| ```solidity | ||
| /** | ||
| * @notice Sets the AVS as an operator set AVS, preventing legacy M2 operator registrations. | ||
| * | ||
| * @dev msg.sender must be the AVS. | ||
| */ | ||
| function becomeOperatorSetAVS() external; | ||
| ``` | ||
|
|
||
| AVSs call this to become an operator set AVS. Once an AVS becomes an operator set AVS, they can no longer register operators via the legacy M2 registration path. This is a seperate function to help avoid accidental migrations to the operator set AVS model. | ||
|
|
||
| ## `createOperatorSets` | ||
| ```solidity | ||
| /** | ||
| * @notice Called by an AVS to create a list of new operatorSets. | ||
| * | ||
| * @param operatorSetIds The IDs of the operator set to initialize. | ||
| * | ||
| * @dev msg.sender must be the AVS. | ||
| */ | ||
| function createOperatorSets( | ||
| uint32[] calldata operatorSetIds | ||
| ) external; | ||
| ``` | ||
|
|
||
| AVSs use this function to create a list of new operator sets.They must call this function before they add any operators to the operator sets. The operator set IDs must be not already exist. | ||
|
|
||
| This can be called before the AVS becomes an operator set AVS. (TODO: we should make this so that it can only be called after the AVS becomes an operator set AVS?) | ||
|
|
||
| ## `migrateOperatorsToOperatorSets` | ||
| ```solidity | ||
| /** | ||
| * @notice Called by an AVS to migrate operators that have a legacy M2 registration to operator sets. | ||
| * | ||
| * @param operators The list of operators to migrate | ||
| * @param operatorSetIds The list of operatorSets to migrate the operators to | ||
| * | ||
| * @dev The msg.sender used is the AVS | ||
| * @dev The operator can only be migrated at most once per AVS | ||
| * @dev The AVS can no longer register operators via the legacy M2 registration path once it begins migration | ||
| * @dev The operator is deregistered from the M2 legacy AVS once migrated | ||
| */ | ||
| function migrateOperatorsToOperatorSets( | ||
| address[] calldata operators, | ||
| uint32[][] calldata operatorSetIds | ||
| ) external; | ||
| ``` | ||
|
|
||
| AVSs that launched before the slashing release can use this function to migrate operators that have a legacy M2 registration to operator sets. Each operator can only be migrated once for the AVS and the AVS can no longer register operators via the legacy M2 registration path once it begins migration. | ||
|
|
||
| ## `registerOperatorToOperatorSets` | ||
| ```solidity | ||
| /** | ||
| * @notice Called by AVSs to add an operator to list of operatorSets. | ||
| * | ||
| * @param operator The address of the operator to be added to the operator set. | ||
| * @param operatorSetIds The IDs of the operator sets. | ||
| * @param operatorSignature The signature of the operator on their intent to register. | ||
| * | ||
| * @dev msg.sender is used as the AVS. | ||
| */ | ||
| function registerOperatorToOperatorSets( | ||
| address operator, | ||
| uint32[] calldata operatorSetIds, | ||
| ISignatureUtils.SignatureWithSaltAndExpiry memory operatorSignature | ||
| ) external; | ||
| ``` | ||
|
|
||
| AVSs use this function to add an operator to a list of operator sets. The operator's signature is required to confirm their intent to register. If the operator has a slashable stake allocation to the AVS, it takes effect when the operator is registered (and up to `DEALLOCATION_DELAY` seconds after the operator is deregistered). | ||
|
|
||
| The operator set must exist before the operator can be added to it and the AVS must be an operator set AVS. | ||
|
|
||
| ## `deregisterOperatorFromOperatorSets` | ||
| ```solidity | ||
| /** | ||
| * @notice Called by AVSs to remove an operator from an operator set. | ||
| * | ||
| * @param operator The address of the operator to be removed from the operator set. | ||
| * @param operatorSetIds The IDs of the operator sets. | ||
| * | ||
| * @dev msg.sender is used as the AVS. | ||
| */ | ||
| function deregisterOperatorFromOperatorSets(address operator, uint32[] calldata operatorSetIds) external; | ||
| ``` | ||
|
|
||
| AVSs use this function to remove an operator from an operator set. The operator is still slashable for its slashable stake allocation to the AVS until `DEALLOCATION_DELAY` seconds after the operator is deregistered. | ||
|
|
||
| The operator must be registered to the operator set before they can be deregistered from it. | ||
|
|
||
|
|
||
| ## `forceDeregisterFromOperatorSets` | ||
| ```solidity | ||
| /** | ||
| * @notice Called by an operator to deregister from an operator set | ||
| * | ||
| * @param operator The operator to deregister from the operatorSets. | ||
| * @param avs The address of the AVS to deregister the operator from. | ||
| * @param operatorSetIds The IDs of the operator sets. | ||
| * @param operatorSignature the signature of the operator on their intent to deregister or empty if the operator itself is calling | ||
| * | ||
| * @dev if the operatorSignature is empty, the caller must be the operator | ||
| * @dev this will likely only be called in case the AVS contracts are in a state that prevents operators from deregistering | ||
| */ | ||
| function forceDeregisterFromOperatorSets( | ||
| address operator, | ||
| address avs, | ||
| uint32[] calldata operatorSetIds, | ||
| ISignatureUtils.SignatureWithSaltAndExpiry memory operatorSignature | ||
| ) external; | ||
| ``` | ||
|
|
||
| Operators can use this function to deregister from an operator set without requiring the AVS to sign off on the deregistration. This function is intended to be used in cases where the AVS contracts are in a state that prevents operators from deregistering (either malicious or unintentional). | ||
|
|
||
| Operators can also deallocate their slashable stake allocation seperately to avoid slashing risk, so this function is mainly for external integrations to interpret the correct state of the protocol. | ||
|
|
||
| ## `updateAVSMetadataURI` | ||
| ```solidity | ||
| /** | ||
| * @notice Called by an AVS to emit an `AVSMetadataURIUpdated` event indicating the information has updated. | ||
| * | ||
| * @param metadataURI The URI for metadata associated with an AVS. | ||
| * | ||
| * @dev Note that the `metadataURI` is *never stored* and is only emitted in the `AVSMetadataURIUpdated` event. | ||
| */ | ||
| function updateAVSMetadataURI( | ||
| string calldata metadataURI | ||
| ) external; | ||
| ``` | ||
|
|
||
| This function allows an AVS to update the metadata URI associated with the AVS. The metadata URI is never stored on-chain and is only emitted in the `AVSMetadataURIUpdated` event. | ||
|
|
||
| ## View Functions | ||
|
|
||
| See the [AVS Directory Inteface](../../../src/contracts/interfaces/IAVSDirectory.sol) for view functions. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,178 @@ | ||
| # AllocationManager | ||
|
|
||
| ## Prerequisites | ||
|
|
||
| - [The Mechanics of Allocating and Slashing Unique Stake](https://forum.eigenlayer.xyz/t/the-mechanics-of-allocating-and-slashing-unique-stake/13870) | ||
|
|
||
| ## Overview | ||
| The AllocationManager contract manages the allocation and reallocation of operators' slashable stake across various strategies and operator sets. It enforces allocation and deallocation delays and handles the slashing process initiated by AVSs. | ||
|
|
||
| ## Parameterization | ||
|
|
||
| - `ALLOCATION_CONFIGURATION_DELAY`: The delay in seconds before allocations take effect. | ||
| - Mainnet: `21 days`. Very TBD | ||
| - Testnet: `1 hour`. Very TBD | ||
| - Public Devnet: `10 minutes` | ||
| - `DEALLOCATION_DELAY`: The delay in seconds before deallocations take effect. | ||
| - Mainnet: `17.5 days`. Slightly TBD | ||
| - Testnet: `3 days`. Very TBD | ||
| - Public Devnet: `1 days` | ||
|
|
||
| ## `setAllocationDelay` | ||
|
|
||
| ```solidity | ||
| /** | ||
| * @notice Called by the delagation manager to set delay when operators register. | ||
| * @param operator The operator to set the delay on behalf of. | ||
| * @param delay The allocation delay in seconds. | ||
| * @dev msg.sender is assumed to be the delegation manager. | ||
| */ | ||
| function setAllocationDelay(address operator, uint32 delay) external; | ||
| /** | ||
| * @notice Called by operators to set their allocation delay. | ||
| * @param delay the allocation delay in seconds | ||
| * @dev msg.sender is assumed to be the operator | ||
| */ | ||
| function setAllocationDelay(uint32 delay) external; | ||
| ``` | ||
|
|
||
| These functions allow operators to set their allocation delay. The first variant is called by the DelegationManager upon operator registration for all new operators created after the slashing release. The second variant is called by operators themselves to update their allocation delay or set it for the first time if they joined before the slashing release. | ||
|
|
||
| The allocation delay takes effect in `ALLOCATION_CONFIGURATION_DELAY` seconds. | ||
|
|
||
| The allocation delay can be any positive uint32. | ||
|
|
||
| The allocation delay's primary purpose is to give stakers delegated to an operator the chance to withdraw their stake before the operator can change the risk profile to something they're not comfortable with. | ||
|
|
||
| ## `modifyAllocations` | ||
|
|
||
| ```solidity | ||
| /** | ||
| * @notice struct used to modify the allocation of slashable magnitude to list of operatorSets | ||
| * @param strategy the strategy to allocate magnitude for | ||
| * @param expectedTotalMagnitude the expected total magnitude of the operator used to combat against race conditions with slashing | ||
| * @param operatorSets the operatorSets to allocate magnitude for | ||
| * @param magnitudes the magnitudes to allocate for each operatorSet | ||
| */ | ||
| struct MagnitudeAllocation { | ||
| IStrategy strategy; | ||
| uint64 expectedTotalMagnitude; | ||
| OperatorSet[] operatorSets; | ||
| uint64[] magnitudes; | ||
| } | ||
| /** | ||
| * @notice Modifies the propotions of slashable stake allocated to a list of operatorSets for a set of strategies | ||
| * @param allocations array of magnitude adjustments for multiple strategies and corresponding operator sets | ||
| * @dev Updates encumberedMagnitude for the updated strategies | ||
| * @dev msg.sender is used as operator | ||
| */ | ||
| function modifyAllocations(MagnitudeAllocation[] calldata allocations) external | ||
| ``` | ||
|
|
||
| This function is called by operators to adjust the proportions of their slashable stake allocated to different operator sets for different strategies. | ||
|
|
||
| The operator provides their expected total magnitude for each strategy they're adjusting the allocation for. This is used to combat race conditions with slashings for the strategy, which may result in larger than expected slashable proportions allocated to operator sets. | ||
|
|
||
| Each `(operator, operatorSet, strategy)` tuple can have at most 1 pending modification at a time. The function will revert is there is a pending modification for any of the tuples in the input. | ||
|
|
||
| The contract limits keeps track of the total magnitude in pending allocations, active allocations, and pending deallocations. This is called the **_encumbered magnitude_** for a strategy. The contract verifies that the allocations made in this call do not make the encumbered magnitude exceed the operator's total magnitude for the strategy. If the encumbered magnitude exceeds the total magnitude, the function reverts. | ||
|
|
||
| Any _allocations_ (i.e. increases in the proportion of slashable stake allocated to an AVS) take effect after the operator's allocation delay. The allocation delay must be set for the operator before they can call this function. | ||
|
|
||
| Any _deallocations_ (i.e. decreases in the proportion of slashable stake allocated to an AVS) take after `DEALLOCATION_DELAY` seconds. This enables AVSs enough time to update their view of stakes to the new proportions and have any tasks created against previous stakes to expire. | ||
|
|
||
| ## `clearDeallocationQueue` | ||
|
|
||
| ```solidity | ||
| /** | ||
| * @notice This function takes a list of strategies and adds all completable deallocations for each strategy, | ||
| * updating the encumberedMagnitude of the operator as needed. | ||
| * | ||
| * @param operator address to complete deallocations for | ||
| * @param strategies a list of strategies to complete deallocations for | ||
| * @param numToComplete a list of number of pending deallocations to complete for each strategy | ||
| * | ||
| * @dev can be called permissionlessly by anyone | ||
| */ | ||
| function clearDeallocationQueue( | ||
| address operator, | ||
| IStrategy[] calldata strategies, | ||
| uint16[] calldata numToComplete | ||
| ) external; | ||
| ``` | ||
|
|
||
| This function is used to complete pending deallocations for a list of strategies for an operator. The function takes a list of strategies and the number of pending deallocations to complete for each strategy. For each strategy, the function completes a modification if its effect timestamp has passed. | ||
|
|
||
| Completing a deallocation decreases the encumbered magnitude for the strategy, allowing them to make allocations with that magnitude. Encumbered magnitude must be decreased only upon completion because pending deallocations can be slashed before they are completable. | ||
|
|
||
| ## `slashOperator` | ||
|
|
||
| ```solidity | ||
| /** | ||
| * @notice Struct containing parameters to slashing | ||
| * @param operator the address to slash | ||
| * @param operatorSetId the ID of the operatorSet the operator is being slashed on behalf of | ||
| * @param strategies the set of strategies to slash | ||
| * @param wadToSlash the parts in 1e18 to slash, this will be proportional to the operator's | ||
| * slashable stake allocation for the operatorSet | ||
| * @param description the description of the slashing provided by the AVS for legibility | ||
| */ | ||
| struct SlashingParams { | ||
| address operator; | ||
| uint32 operatorSetId; | ||
| IStrategy[] strategies; | ||
| uint256 wadToSlash; | ||
| string description; | ||
| } | ||
| /** | ||
| * @notice Called by an AVS to slash an operator for given operatorSetId, list of strategies, and wadToSlash. | ||
| * For each given (operator, operatorSetId, strategy) tuple, bipsToSlash | ||
| * bips of the operatorSet's slashable stake allocation will be slashed | ||
| * | ||
| * @param operator the address to slash | ||
| * @param operatorSetId the ID of the operatorSet the operator is being slashed on behalf of | ||
| * @param strategies the set of strategies to slash | ||
| * @param wadToSlash the parts in 1e18 to slash, this will be proportional to the | ||
| * operator's slashable stake allocation for the operatorSet | ||
| * @param description the description of the slashing provided by the AVS for legibility | ||
| */ | ||
| function slashOperator( | ||
| SlashingParams calldata params | ||
| ) external | ||
| ``` | ||
|
|
||
| This function is called by AVSs to slash an operator for a given operator set and list of strategies. The AVS provides the proportion of the operator's slashable stake allocation to slash for each strategy. The proportion is given in parts in 1e18 and is with respect to the operator's _current_ slashable stake allocation for the operator set (i.e. `wadsToSlash=5e17` means 50% of the operator's slashable stake allocation for the operator set will be slashed). The AVS also provides a description of the slashing for legibility by outside integrations. | ||
|
|
||
| Slashing is instant and irreversable. Slashed funds remain unrecoverable in the protocol but will be burned/redistributed in a future release. Slashing by one operatorSet does not effect the slashable stake allocation of other operatorSets for the same operator and strategy. | ||
|
|
||
| Slashing updates storage in a way that instantly updates all view functions to reflect the correct values. | ||
|
|
||
| ## View Functions | ||
|
|
||
| ### `getMinDelegatedAndSlashableOperatorShares` | ||
|
|
||
| ```solidity | ||
| /** | ||
| * @notice returns the minimum operatorShares and the slashableOperatorShares for an operator, list of strategies, | ||
| * and an operatorSet before a given timestamp. This is used to get the shares to weight operators by given ones slashing window. | ||
| * @param operatorSet the operatorSet to get the shares for | ||
| * @param operators the operators to get the shares for | ||
| * @param strategies the strategies to get the shares for | ||
| * @param beforeTimestamp the timestamp to get the shares at | ||
| */ | ||
| function getMinDelegatedAndSlashableOperatorShares( | ||
| OperatorSet calldata operatorSet, | ||
| address[] calldata operators, | ||
| IStrategy[] calldata strategies, | ||
| uint32 beforeTimestamp | ||
| ) external view returns (uint256[][] memory, uint256[][] memory) | ||
| ``` | ||
|
|
||
| This function returns the minimum operator shares and the slashable operator shares for an operator, list of strategies, and an operator set before a given timestamp. This is used by AVSs to pessimistically estimate the operator's slashable stake allocation for a given strategy and operator set within their slashability windows. If an AVS calls this function every week and creates tasks that are slashable for a week after they're created, then `beforeTimestamp` should be 2 weeks in the future to account for the latest task that may be created against stale stakes. More on this in new docs soon. | ||
|
|
||
| ### Additional View Functions | ||
|
|
||
| See the [AllocationManager Interface](../../../src/contracts/interfaces/IAllocationManager.sol) for additional view functions. |
Oops, something went wrong.