feat: clinic deploy scripts + audit (#15)

bgd-labs · Mar 3, 2025 · 4a1bfd9 · 4a1bfd9 · sakulstra · Mar 3, 2025
1 parent 3c6dfa5
commit 4a1bfd9
Show file tree

Hide file tree

Showing 8 changed files with 216 additions and 6 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,9 +1,10 @@
 # Compiler files
 cache/
 out/
+zkout/
 
 # Ignores development broadcast logs
-!/broadcast
+/broadcast
 /broadcast/*/31337/
 /broadcast/**/dry-run/
 
@@ -13,4 +14,4 @@ docs/
 # Dotenv file
 .env
 
-.vscode
+.vscode
diff --git a/Makefile b/Makefile
@@ -0,0 +1,16 @@
+# include .env file and export its env vars
+# (-include to ignore error if it does not exist)
+-include .env
+
+# deps
+update:; forge update
+
+# Build & test
+build  :; forge build --sizes
+test   :; forge test -vvv
+
+test-contract :; forge test --match-contract ${filter} -vv
+
+# Deploy
+deploy-ledger :; FOUNDRY_PROFILE=${chain} forge script $(if $(filter zksync,${chain}),--zksync) ${contract} --rpc-url ${chain} $(if ${dry},--sender 0x25F2226B597E8F9514B3F68F00f494cF4f286491 -vvvv, --ledger --mnemonic-indexes ${MNEMONIC_INDEX} --sender ${LEDGER_SENDER} --verify -vvvv --slow --broadcast)
+deploy-pk :; FOUNDRY_PROFILE=${chain} forge script $(if $(filter zksync,${chain}),--zksync) ${contract} --rpc-url ${chain} $(if ${dry},--sender 0x25F2226B597E8F9514B3F68F00f494cF4f286491 -vvvv, --private-key ${PRIVATE_KEY} --verify -vvvv --slow --broadcast)
diff --git a/README.md b/README.md
@@ -2,6 +2,11 @@
 
 Aave stewards are utility contracts that allow a permissioned entity to perform tasks on behalf of the Aave DAO.
 
+### Audits and security reviews:
+
+- [ClinicSteward](./audits/ClinicSteward.md)
+- [PoolExposureSteward](./audits/PoolExposureSteward.md)
+
 **Stewards**:
 
 - [Generalized Risk Stewards](https://github.com/aave-dao/aave-v3-risk-stewards)

diff --git a/audits/2025_02_17_ClinicSteward_Certora.pdf b/audits/2025_02_17_ClinicSteward_Certora.pdf
diff --git a/foundry.toml b/foundry.toml
@@ -2,7 +2,59 @@
 src = "src"
 out = "out"
 test = "tests"
+script = "scripts"
 libs = ["lib"]
+optimizer = true
+optimizer_runs = 200
+solc = '0.8.22'
+evm_version = 'shanghai'
+bytecode_hash = 'none'
+
+[profile.zksync]
+libs = ['lib']
+solc = '0.8.27'
+evm_version = 'cancun'
+optimizer = true
+optimizer_runs = 200
+bytecode_hash = 'ipfs'
+
+[profile.zksync.zksync]
+fallback_oz = true
+mode = "3"
+zksolc = "1.5.10"
+
+[profile.metis]
+evm_version = 'shanghai'
+
+[profile.mainnet]
+evm_version = 'shanghai'
+
+[profile.arbitrum]
+evm_version = 'shanghai'
+
+[profile.optimism]
+evm_version = 'shanghai'
+
+[profile.base]
+evm_version = 'shanghai'
+
+[profile.polygon]
+evm_version = 'shanghai'
+
+[profile.avalanche]
+evm_version = 'shanghai'
+
+[profile.gnosis]
+evm_version = 'shanghai'
+
+[profile.bnb]
+evm_version = 'shanghai'
+
+[profile.linea]
+evm_version = 'london'
+
+[profile.sonic]
+evm_version = 'cancun'
 
 # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options
 [rpc_endpoints]
@@ -29,6 +81,24 @@ gnosis = "${RPC_GNOSIS}"
 zkEVM = "${RPC_ZKEVM}"
 celo = "${RPC_CELO}"
 zksync = "${RPC_ZKSYNC}"
+linea = "${RPC_LINEA}"
+
+[etherscan]
+mainnet = { key = "${ETHERSCAN_API_KEY_MAINNET}", chain = 1 }
+optimism = { key = "${ETHERSCAN_API_KEY_OPTIMISM}", chain = 10 }
+avalanche = { key = "${ETHERSCAN_API_KEY_AVALANCHE}", chain = 43114 }
+polygon = { key = "${ETHERSCAN_API_KEY_POLYGON}", chain = 137 }
+arbitrum = { key = "${ETHERSCAN_API_KEY_ARBITRUM}", chain = 42161 }
+fantom = { key = "${ETHERSCAN_API_KEY_FANTOM}", chain = 250 }
+metis = { key = "any", chainId = 1088, url = 'https://andromeda-explorer.metis.io/' }
+base = { key = "${ETHERSCAN_API_KEY_BASE}", chainId = 8453 }
+zkevm = { key = "${ETHERSCAN_API_KEY_ZKEVM}", chainId = 1101 }
+gnosis = { key = "${ETHERSCAN_API_KEY_GNOSIS}", chainId = 100 }
+bnb = { key = "${ETHERSCAN_API_KEY_BNB}", chainId = 56, url = 'https://api.bscscan.com/api' }
+scroll = { key = "${ETHERSCAN_API_KEY_SCROLL}", chainId = 534352 }
+zksync = { key = "${ETHERSCAN_API_KEY_ZKSYNC}", chain = 324 }
+linea = { key = "${ETHERSCAN_API_KEY_LINEA}", chain = 59144 }
+sonic = { key = "${ETHERSCAN_API_KEY_SONIC}", chain = 146 }
 
 # See more config options https://github.com/foundry-rs/foundry/blob/master/crates/config/README.md#all-options
 [fmt]

diff --git a/lib/aave-helpers b/lib/aave-helpers
diff --git a/scripts/DeployClinicSteward.s.sol b/scripts/DeployClinicSteward.s.sol
@@ -0,0 +1,118 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+
+import {ClinicSteward} from "src/maintenance/ClinicSteward.sol";
+import {IPool} from "aave-v3-origin/contracts/interfaces/IPool.sol";
+import {ICollector} from "aave-v3-origin/contracts/treasury/ICollector.sol";
+import {Script, Create2Utils} from "solidity-utils/contracts/utils/ScriptUtils.sol";
+import {ChainIds} from "solidity-utils/contracts/utils/ChainHelpers.sol";
+
+import {AaveV3Polygon} from "aave-address-book/AaveV3Polygon.sol";
+import {GovernanceV3Polygon} from "aave-address-book/GovernanceV3Polygon.sol";
+
+import {AaveV3Avalanche} from "aave-address-book/AaveV3Avalanche.sol";
+import {GovernanceV3Avalanche} from "aave-address-book/GovernanceV3Avalanche.sol";
+
+import {AaveV3Optimism} from "aave-address-book/AaveV3Optimism.sol";
+import {GovernanceV3Optimism} from "aave-address-book/GovernanceV3Optimism.sol";
+
+import {AaveV3Arbitrum} from "aave-address-book/AaveV3Arbitrum.sol";
+import {GovernanceV3Arbitrum} from "aave-address-book/GovernanceV3Arbitrum.sol";
+
+import {AaveV3Ethereum} from "aave-address-book/AaveV3Ethereum.sol";
+import {GovernanceV3Ethereum} from "aave-address-book/GovernanceV3Ethereum.sol";
+
+import {AaveV3BNB} from "aave-address-book/AaveV3BNB.sol";
+import {GovernanceV3BNB} from "aave-address-book/GovernanceV3BNB.sol";
+
+import {AaveV3Gnosis} from "aave-address-book/AaveV3Gnosis.sol";
+import {GovernanceV3Gnosis} from "aave-address-book/GovernanceV3Gnosis.sol";
+
+import {AaveV3Scroll} from "aave-address-book/AaveV3Scroll.sol";
+import {GovernanceV3Scroll} from "aave-address-book/GovernanceV3Scroll.sol";
+
+import {AaveV3Base} from "aave-address-book/AaveV3Base.sol";
+import {GovernanceV3Base} from "aave-address-book/GovernanceV3Base.sol";
+
+import {AaveV3Metis} from "aave-address-book/AaveV3Metis.sol";
+import {GovernanceV3Metis} from "aave-address-book/GovernanceV3Metis.sol";
+
+import {AaveV3Linea} from "aave-address-book/AaveV3Linea.sol";
+import {GovernanceV3Linea} from "aave-address-book/GovernanceV3Linea.sol";
+
+import {AaveV3EthereumLido} from "aave-address-book/AaveV3EthereumLido.sol";
+import {AaveV3EthereumEtherFi} from "aave-address-book/AaveV3EthereumEtherFi.sol";
+
+import {AaveV3ZkSync} from "aave-address-book/AaveV3ZkSync.sol";
+import {GovernanceV3ZkSync} from "aave-address-book/GovernanceV3ZkSync.sol";
+
+address constant MULTISIG = 0xdeadD8aB03075b7FBA81864202a2f59EE25B312b;
+address constant MULTISIG_ZK = 0x77CC0A0582475bfD74CD838610e817d05c181E11;
+
+library DeploymentLibrary {
+  function _deploy(IPool pool, ICollector collector, address admin, uint256 budget) internal {
+    Create2Utils.create2Deploy(
+      "v1", type(ClinicSteward).creationCode, abi.encode(address(pool), address(collector), admin, MULTISIG, budget)
+    );
+  }
+
+  function _deployZk(IPool pool, ICollector collector, address admin, uint256 budget) internal {
+    new ClinicSteward{salt: "v1"}(address(pool), address(collector), admin, MULTISIG_ZK, budget);
+  }
+}
+
+contract Deploy is Script {
+  function run() external {
+    vm.startBroadcast();
+    if (block.chainid == ChainIds.MAINNET) {
+      DeploymentLibrary._deploy(
+        AaveV3Ethereum.POOL, AaveV3Ethereum.COLLECTOR, GovernanceV3Ethereum.EXECUTOR_LVL_1, 30_000e8
+      );
+      DeploymentLibrary._deploy(
+        AaveV3EthereumLido.POOL, AaveV3Ethereum.COLLECTOR, GovernanceV3Ethereum.EXECUTOR_LVL_1, 5_000e8
+      );
+      // _deploy(AaveV3EthereumEtherFi.POOL, AaveV3Ethereum.COLLECTOR, GovernanceV3Mainnet.EXECUTOR_LVL_1);
+    }
+    if (block.chainid == ChainIds.POLYGON) {
+      DeploymentLibrary._deploy(
+        AaveV3Polygon.POOL, AaveV3Polygon.COLLECTOR, GovernanceV3Polygon.EXECUTOR_LVL_1, 30_000e8
+      );
+    }
+    if (block.chainid == ChainIds.AVALANCHE) {
+      DeploymentLibrary._deploy(
+        AaveV3Avalanche.POOL, AaveV3Avalanche.COLLECTOR, GovernanceV3Avalanche.EXECUTOR_LVL_1, 350_000e8
+      );
+    }
+    if (block.chainid == ChainIds.OPTIMISM) {
+      DeploymentLibrary._deploy(
+        AaveV3Optimism.POOL, AaveV3Optimism.COLLECTOR, GovernanceV3Optimism.EXECUTOR_LVL_1, 5_000e8
+      );
+    }
+    if (block.chainid == ChainIds.ARBITRUM) {
+      DeploymentLibrary._deploy(
+        AaveV3Arbitrum.POOL, AaveV3Arbitrum.COLLECTOR, GovernanceV3Arbitrum.EXECUTOR_LVL_1, 60_000e8
+      );
+    }
+    if (block.chainid == ChainIds.SCROLL) {
+      DeploymentLibrary._deploy(AaveV3Scroll.POOL, AaveV3Scroll.COLLECTOR, GovernanceV3Scroll.EXECUTOR_LVL_1, 1_000e8);
+    }
+    if (block.chainid == ChainIds.BASE) {
+      DeploymentLibrary._deploy(AaveV3Base.POOL, AaveV3Base.COLLECTOR, GovernanceV3Base.EXECUTOR_LVL_1, 15_000e8);
+    }
+    if (block.chainid == ChainIds.ZKSYNC) {
+      DeploymentLibrary._deployZk(AaveV3ZkSync.POOL, AaveV3ZkSync.COLLECTOR, GovernanceV3ZkSync.EXECUTOR_LVL_1, 1_000e8);
+    }
+    if (block.chainid == ChainIds.BNB) {
+      DeploymentLibrary._deploy(AaveV3BNB.POOL, AaveV3BNB.COLLECTOR, GovernanceV3BNB.EXECUTOR_LVL_1, 2_000e8);
+    }
+    if (block.chainid == ChainIds.GNOSIS) {
+      DeploymentLibrary._deploy(AaveV3Gnosis.POOL, AaveV3Gnosis.COLLECTOR, GovernanceV3Gnosis.EXECUTOR_LVL_1, 1_000e8);
+    }
+    if (block.chainid == ChainIds.METIS) {
+      DeploymentLibrary._deploy(AaveV3Metis.POOL, AaveV3Metis.COLLECTOR, GovernanceV3Metis.EXECUTOR_LVL_1, 1_000e8);
+    }
+    if (block.chainid == ChainIds.LINEA) {
+      DeploymentLibrary._deploy(AaveV3Linea.POOL, AaveV3Linea.COLLECTOR, GovernanceV3Linea.EXECUTOR_LVL_1, 1_000e8);
+    }
+  }
+}
diff --git a/src/maintenance/ClinicSteward.sol b/src/maintenance/ClinicSteward.sol
@@ -4,7 +4,7 @@ pragma solidity ^0.8.0;
 import {IPool, DataTypes, IPoolAddressesProvider, IPriceOracleGetter} from "aave-address-book/AaveV3.sol";
 
 import {UserConfiguration} from "aave-v3-origin/contracts/protocol/libraries/configuration/UserConfiguration.sol";
-import {ICollector, IERC20 as IERC20Col} from "aave-v3-origin/contracts/treasury/ICollector.sol";
+import {ICollector} from "aave-v3-origin/contracts/treasury/ICollector.sol";
 
 import {IRescuableBase} from "solidity-utils/contracts/utils/interfaces/IRescuableBase.sol";
 import {RescuableBase} from "solidity-utils/contracts/utils/RescuableBase.sol";
@@ -217,10 +217,10 @@ contract ClinicSteward is IClinicSteward, RescuableBase, Multicall, AccessContro
     if (useAToken) {
       address aToken = POOL.getReserveAToken(asset);
       // 1 wei surplus to account for rounding on multiple operations
-      ICollector(COLLECTOR).transfer(IERC20Col(aToken), address(this), amount + 1);
+      ICollector(COLLECTOR).transfer(IERC20(aToken), address(this), amount + 1);
       POOL.withdraw(asset, type(uint256).max, address(this));
     } else {
-      ICollector(COLLECTOR).transfer(IERC20Col(asset), address(this), amount);
+      ICollector(COLLECTOR).transfer(IERC20(asset), address(this), amount);
     }
   }
+1 −1		lib/aave-address-book
+1 −1		lib/forge-std
+254 −199		package-lock.json
+1 −1		package.json
+0 −7		scripts/FreezingStewards.s.sol
+0 −12		scripts/RiskStewards.s.sol
+0 −4		src/ChainIds.sol
+6 −9		src/CollectorUtils.sol
+7 −1		src/CommonTestBase.sol
+2 −2		src/GovV3Helpers.sol
+1 −1		src/IpfsUtils.sol
+106 −0		src/ProtocolV3TestBase.sol
+23 −0		src/mocks/MockFlashLoanReceiver.sol
+0 −17		src/v3-config-engine/AaveV3PayloadPolygonZkEvm.sol
+4 −3		tests/CollectorUtils.t.sol
+1 −1		tests/riskstewards/CapsPlusRiskSteward.t.sol
Path	Value
snapshots/ClinicSteward.json
function batchLiquidate: with 0 users	117,607
function batchLiquidate: with 1 user	569,483
function batchLiquidate: with 2 users	899,138
function batchLiquidate: with 3 users	1,116,891
function batchLiquidate: with 4 users	1,334,656
function batchLiquidate: with 5 users	1,658,296
function batchLiquidate: with 6 users	1,876,061
function batchRepayBadDebt: with 0 users	93,637
function batchRepayBadDebt: with 1 user	253,484
function batchRepayBadDebt: with 2 users	315,955
function batchRepayBadDebt: with 3 users	378,425
function batchRepayBadDebt: with 4 users	440,896
function batchRepayBadDebt: with 5 users	503,367
function batchRepayBadDebt: with 6 users	565,838
function getBadDebtAmount: with 0 users	12,843
function getBadDebtAmount: with 1 user	38,653
function getBadDebtAmount: with 2 users	51,411
function getBadDebtAmount: with 4 users	76,929
function getBadDebtAmount: with 5 users	89,688
function getBadDebtAmount: with 6 users	102,447
function getDebtAmount: with 0 users	12,866
function getDebtAmount: with 1 user	34,336
function getDebtAmount: with 2 users	51,411
function getDebtAmount: with 4 users	59,591
function getDebtAmount: with 5 users	68,009
function getDebtAmount: with 6 users	76,428