| SIP | Title | Author | Status | Track | Created |
|---|---|---|---|---|---|
0074 |
Smart Contracts Upgrade Electron |
Tyrone Johnson (@tjcloa) |
Ready for vote |
Contract |
2024-01-16 |
-
Increase Borrowing Debt Bug: Unable to use existing excessive collateral for borrowing When users attempt to borrow more on an existing loan using the collateral of that loan, the calculation for collateral sufficiency is incorrect.
This results in users being unable to borrow a fair amount, only a fraction at best.Solution: The bug is resolved with PR#520.
-
VestingLogic Contract Refactoring: Removal of vestings cancelling & allowance for partial withdrawal
3.1. A legacy and unnecessary Team Vesting cancelling function in the VestingLogic contract has been a source of confusion
and it has already been optimized by moving it to the Staking contract.
The function is removed from the VestingLogic contract.
3.2. Vesting contracts with more than 44 unlocked periods are deadlocked due to a block gas limit issue.
A new function is introduced to allow withdrawals of unlocked amounts in chunks.Solution: Resolved in the Sovryn-smart-contracts repository PR#529.
-
EIP-2612 Bug in DLLR Function transferWithPermit: Extracting from a transaction and front-running permit causes the transaction failure
This vulnerability was reported by a researcher in the Immunefi Bug Bounty Program.
Mynt DLLR contract functiontransferWithPermitis vulnerable to a griefing attack. An attacker can extract permit parameters from a transaction in the mempool and front run its execution before the transaction, causing it to fail because its nonce is already used for this permission by the attacker. The DLLR contract is not upgradable, but a workaround has been found - use a Uniswap Permit2 contract which enables any ERC-20 token with EIP-2612 Permit functionality.
All affected contracts depending on thetransferWithPermitfunction in Mynt and zero-contracts repositories are to be upgraded. -
Aggregating PR#535
This pull request includes a script for SIP creation and deployment data for all new contracts from the pull requests included in this upgrade, necessary for executing the SIP upgrade.
If approved, this proposal will upgrade the following contracts
Existing contracts
| Contract | Address |
|---|---|
| Mynt MocIntegration logic contract | 0x9363323D9c653a2b89C758f62f5043f0B2c67C71 |
| Zero StabilityPool logic contract | 0x05a2dac59122f1dAcb7BB42b9736a8B27C12e193 |
| Zero TroveManager logic contract | 0xF365CC004d4c3826b53B943f5fc7B8aec6e43341 |
| Zero TroveManagerRedeemOps contract | 0xd4CE65a6DB60BeDD51c499b716969d57998Cd941 |
| Zero BorrowerOperations logic contract | 0x6dafc71f49f9aa25325126dd9fec426624afb878 |
| Protocol module contract LoanOpenings | 0x7b520c4BDB4527A2c1cA8E24c245660df9636b22 |
| VestingLogic contract | 0x648Ff0C537A10414b8aFa92Fe1D40aBD4DB2479b |
| VestingFactory contract | 0x2399b527b9966774c99ad600af104CcD320325B6 |
New contracts
| Contract | Address |
|---|---|
| Mynt MocIntegration logic contract | 0x454E8deBBf6900036372407a23E1d0284Be3f12A |
| Zero StabilityPool logic contract | 0x2a1950a06AD5C5113e44721820305645d671eC4F |
| Zero TroveManager logic contract | 0x3d841398AcA5794b9da2f2573F473075417a0117 |
| Zero TroveManagerRedeemOps contract | 0xa4161D23002e110b3d5C430EfAfF299415074c67 |
| Zero BorrowerOperations logic contract | 0xD603B4c5F7BF13a2AA510F2c625546dB4138D330 |
| Protocol module contract LoanOpenings | 0x000fec34466972987928d519948AA1b25EACD3E9 |
| VestingLogic contract | 0x8bFf9023495ed689f2362CCc45Bfe61ba299e90F |
| VestingFactory contract | 0x4DfA9759E1Ff3B7F8055a84e3fd76dF6F57BaEf1 |
Copyright and related rights waived via CC0.