Content/mainnet docs (#23)

* Add sections for deployed contracts and multisigs

* add warning about consensus rewards claiming being disabled until EigenLayer's next upgrade

* Latest on guardian responsibilities

* align docs with deployed protocol and update RestakingModule -> PufferModule

docs/deployed-contracts.md

@@ -0,0 +1,52 @@
+---
+title: Contract Addresses
+slug: /deployments/deployed-contracts
+---
+
+
+# Contract Addresses and Docs
+## Puffer Protocol Contracts
+Puffer's smart contracts are located in two repos:
+### [PufferFinance/pufETH](https://github.com/PufferFinance/pufETH)
+> This repo contains the `PufferVault` contract which is where the protocol's assets (ETH, wETH, stETH) are held and the `pufETH` LRT is minted.
+
+> Visit the [technical documentation](https://github.com/PufferFinance/pufETH/tree/main/docs) for more information.
+
+### [PufferFinance/PufferPool](https://github.com/PufferFinance/PufferPool)
+> This repo contains the core contracts for Puffer's protocol. The core fuctionality is to:
+- allow for users to permissionlessly run Ethereum validators
+- interface with EigenLayer's contracts to enable native restaking and delegation
+
+> Visit the [technical documentation](https://github.com/PufferFinance/PufferPool/tree/master/docs) for more information.
+
+## Deployment Addresses
+The following are the address of our contratcs on Ethereum mainnet and Holesky testnet:
+### Mainnet
+**pufETH**
+- `PufferVault (pufETH token)`: `0xD9A442856C234a39a81a089C06451EBAa4306a72`
+- `PufferDepositor`: `0x4aA799C5dfc01ee7d790e3bf1a7C2257CE1DcefF`
+- `AccessManager`: `0x8c1686069474410E6243425f4a10177a94EBEE11`
+- `Timelock`: `0x3C28B7c7Ba1A1f55c9Ce66b263B33B204f2126eA`
+
+**PufferPool**
+- `PufferProtocol`: `tbd`
+- `ValidatorTicket`: `tbd`
+- `GuardianModule`: `tbd`
+- `EnclaveVerifier`: `tbd`
+- `PufferModuleManager`: `tbd`
+- `PufferOracle`: `tbd`
+
+### Holeksy Testnet
+**pufETH**
+- `PufferVault (pufETH token)`: `0x98408eadD0C7cC9AebbFB2AD2787c7473Db7A1fa`
+- `PufferDepositor`: `0x9BEF4B8E025ecc91FE5Ee865f4880b106F106e5a`
+- `AccessManager`: `0xA6c916f85DAfeb6f726E03a1Ce8d08cf835138fF`
+- `Timelock`: `0x3C28B7c7Ba1A1f55c9Ce66b263B33B204f2126eA`
+
+**PufferPool**
+- `PufferProtocol`: `0x705E27D6A6A0c77081D32C07DbDE5A1E139D3F14`
+- `ValidatorTicket`: `0xA143c6bFAff0B25B485454a9a8DB94dC469F8c3b`
+- `GuardianModule`: `0xD349FdCD0e4451381bfE7cba3ac28773E176b326`
+- `EnclaveVerifier`: `0x79200dE6299F27b7354Ca95A09a9C3978DBEDf24`
+- `PufferModuleManager`: `0xe4695ab93163F91665Ce5b96527408336f070a71`
+- `PufferOracle`: `0xEf93AA29F627465A7f58A1F25980c90116f27b74`

docs/glossary.md

@@ -79,8 +79,5 @@ AKA ReOp: A NoOp that is delegated funds to operate an AVS on behalf of other No
 ### `Secure Signer`
 A software developed by Puffer that helps prevent validators from being slashed. It utilizes Trusted Execution Environments (TEEs) such as Intel SGX
 
-### `Proof of Reserves`
-This refers to the process by which the protocol proves the amount of ETH backing pufETH, and thus determining the fair exchange ratio between ETH and pufETH
-
 ### `Proof of Rewards`
 This refers to the process by which NoOps prove and receive the rewards generated as a result of running their validator node

docs/guardians.md

@@ -14,22 +14,26 @@ The Guardians are a collective of respected community members who are deeply ali
 
 ## What are their duties?
 
-Guardians have two main responsibilities within the Puffer Protocol:
+Guardians have three main responsibilities within the Puffer Protocol:
 
-1. **Proof of Reserves**: This involves reporting the amount of ETH backing pufETH to update the conversion rate. This ETH is comprised of active NoOp validators, full withdrawal ETH from any exited NoOps, restaking rewards owed to stakers, and the balance of the PufferVault. With the introduction of [**EIP-4788**](https://eips.ethereum.org/EIPS/eip-4788), this task will become automated and trustless via a Zero-Knowledge Proof (ZKP).
 
-2. **Ejecting validators**: Until [**EIP-7002**](https://eips.ethereum.org/EIPS/eip-7002) is realized, the protocol relies on the Guardians to eject validators under certain conditions. They use encrypted validator keyshares, stored in specialized enclaves designed solely to sign exit messages. A validator will be ejected if:
+1. **Ejecting validators**: Until [**EIP-7002**](https://eips.ethereum.org/EIPS/eip-7002) is realized, the protocol relies on the Guardians to eject validators under certain conditions. They use encrypted validator keyshares, stored in specialized enclaves designed solely to sign exit messages. A validator will be ejected if:
    - Its beacon chain balance falls below below the DAO threshold.
-   - Its [module](/protocol/restaking-modules#restaking-modules-) was slashed due to an AVS violation.
+   - Its [module](/protocol/puffer-modules#puffer-modules-) was slashed due to an AVS violation.
    - It consumes all of its validator tickets without renewal.
 
+2. **Provisioning or skipping validators**: When a NoOp registers a validator, the Guardians are responsible for vetting the registration before provisioning them 32 ETH. If the registration is invalid (e.g., uses the wrong withdrawal credentials, is signed with the wrong fork version, uses the wrong enclave version, or the validator already exists) or they failed to properly encrypt keys for the Guardians, they will be skipped. If a NoOp's registration is skipped, their full bond will be returned but a portion of their validator tickets will be penalized to prevent NoOps from griefing the protocol.
+
+3. **Returning validator bonds on exit**: When validators fully exit the beacon chain and EigenLayer, the Guardians will return their bonds, burn any consumed validator tickets, and update the number of active validators in Puffer's on-chain accounting. This step allows Puffer to do "[lazy proof of reserves](https://github.com/PufferFinance/PufferPool/blob/master/docs/PufferOracleV2.md)" which enables a more real time conversion rate for pufETH. See the [technical docs](https://github.com/PufferFinance/PufferPool/blob/master/docs/PufferProtocol.md#after-exiting) for more details.
+
 A majority agreement among the Guardians (e.g., 7 out of 8) is required before any significant action is taken.
 
 ## Roadmap to Decentralization
 
-Achieving full protocol-level decentralization is the end goal for Puffer. This would mean the protocol operates without any dependence on the core team, third parties, or external entities. Two Ethereum Improvement Proposals, **EIP-7002** and **EIP-4788**, are critical to this mission:
+Achieving full protocol-level decentralization is the end goal for Puffer. This would mean the protocol operates without any dependence on the core team, third parties, or external entities. Several Ethereum Improvement Proposals are critical to this mission:
 
-- **EIP-7002**: Once implemented, it will render the Guardian's role in overseeing validator ejections obsolete as they can be triggered from a smart contract.
-- **EIP-4788**: Allows for trustless trustless proof of reserves, removing the dependency on any trusted entity to report how much ETH is backing the pufETH Liquid Staking Token (LST).
+- **[EIP-7002](https://eips.ethereum.org/EIPS/eip-7002)**: Once implemented, it will render the Guardian's role in overseeing validator ejections obsolete as they can be triggered from a smart contract.
+- **[EIP-4788](https://eips.ethereum.org/EIPS/eip-4788)**: Allows many Guardian operations to be replaced via a ZKP.
+- **[EIP-2537](https://eips.ethereum.org/EIPS/eip-2537)**: BLS precompiles allow validator registration messages to be validated on-chain, reducing trust in the Guardians.
 
 Until these EIPs are fully adopted, the Guardians serve as an interim measure. They allow the Puffer Protocol to grow and decentralize Ethereum safely, ensuring stakers remain shielded from risks and uncertainties in the interim. The Guardians' role, although crucial now, is a temporary measure designed to safeguard staker assets and ensure protocol growth in Ethereum's constantly evolving landscape.

docs/guiding-principles.md

@@ -15,9 +15,9 @@ The protocol strives to improve Ethereum validator diversity. In this spirit, th
 - Puffer's NoOps run anti-slashing hardware and lock collateral to mitigate slashing risk. Learn more 👉 [Secure-Signer for slash protection](/technology/secure-signer).
 - Puffer introduces a novel approach to validator collateral with better long-term NoOp incentives. Learn more 👉 [validator tickets incentives](/protocol/validator-tickets).
 - Puffer uses a highly-aligned security counsel to reduce inactivity risk. Learn more 👉 [Guardian duties](/protocol/guardians#what-are-their-duties).
-- Puffer places strict guardrails around which AVSs are allowed as the restaking ecosystem evolves. Learn more 👉 [restaking AVSs](/protocol/restaking-modules#restricting-avss).
-- Puffer places strict guardrails around who can operate AVSs as the restaking ecosystem evolves. Learn more 👉 [restaking operators](/protocol/restaking-modules#restricting-reops).
-- Puffer adjusts risk by allocating the protocol's ETH amongst different Eigenlayer AVSs and Restaking Operators. Learn more 👉 [allocating ETH to modules](/protocol/restaking-modules).
+- Puffer places strict guardrails around which AVSs are allowed as the restaking ecosystem evolves. Learn more 👉 [restaking AVSs](/protocol/puffer-modules#restricting-avss).
+- Puffer places strict guardrails around who can operate AVSs as the restaking ecosystem evolves. Learn more 👉 [restaking operators](/protocol/puffer-modules#restricting-reops).
+- Puffer adjusts risk by allocating the protocol's ETH amongst different Eigenlayer AVSs and Restaking Operators. Learn more 👉 [allocating ETH to modules](/protocol/puffer-modules).
 
 ### Ethos-aligned
 > *The protocol must be aligned with Ethereum's ethos.*
@@ -37,12 +37,12 @@ The protocol strives to improve Ethereum validator diversity. In this spirit, th
 > *The protocol must be capital efficient to attract NoOps.*
 
 - Puffer reduces the ETH amount needed to become an Ethereum validator to as little as 1 ETH, inviting more participants. Learn more 👉 [validator tickets](/protocol/validator-tickets).
-- Puffer gives NoOps restaking exposure with less than 32 ETH. Learn more 👉 [modules](/protocol/restaking-modules).
+- Puffer gives NoOps restaking exposure with less than 32 ETH. Learn more 👉 [modules](/protocol/puffer-modules).
 
 ### Profitable 
 > *The protocol must be profitable to attract NoOps.*
 
-- Puffer allows NoOps to increase their profit margins through Eigenlayer restaking exposure. Learn more 👉 [modules](/protocol/restaking-modules).
+- Puffer allows NoOps to increase their profit margins through Eigenlayer restaking exposure. Learn more 👉 [modules](/protocol/puffer-modules).
 - Puffer NoOps use [enclave-compatible](/reference/glossary#enclave) hardware to protect themselves from slashing while unlocking unique restaking opportunities, increasing their hardware efficiency. Learn more 👉 [Secure-Signer](/technology/secure-signer).
 
 ### Scalable

docs/intro.md

@@ -6,7 +6,7 @@ slug: /
 :::info About Puffer
 Puffer is a decentralized native liquid restaking protocol (nLRP) built on Eigenlayer 🐡🤝🟣
 
-It makes [native restaking](/protocol/restaking-modules/#native-restaking-) on [Eigenlayer](https://www.eigenlayer.xyz/) more accessible, allowing anyone to run an Ethereum Proof of Stake (PoS) validator while supercharging their rewards.
+It makes [native restaking](/protocol/puffer-modules/#native-restaking-) on [Eigenlayer](https://www.eigenlayer.xyz/) more accessible, allowing anyone to run an Ethereum Proof of Stake (PoS) validator while supercharging their rewards.
 :::
 
 
@@ -55,7 +55,7 @@ Together, stakers and NoOps create a flywheel effect that allows Puffer to outpa
 
 
 The protocol is driven by **Stakers** and **Node Operators** (NoOps):
-- **NoOps** can join *any* Puffer [module](/protocol/restaking-modules) by locking [Validator Tickets](/protocol/validator-tickets) and 1 ETH as collateral. In exchange, they get to operate a 32 ETH validator and keep 100% of its PoS rewards until they run out of VTs. NoOps can boost their rewards by joining [restaking](/reference/glossary#Restaking) modules and delegating the validator's ETH to a [restaking operator](/protocol/restaking-modules#restaking-operators) in exchange for restaking rewards commission.
+- **NoOps** can join *any* Puffer [module](/protocol/puffer-modules) by locking [Validator Tickets](/protocol/validator-tickets) and 1 ETH as collateral. In exchange, they get to operate a 32 ETH validator and keep 100% of its PoS rewards until they run out of VTs. NoOps can boost their rewards by joining [restaking](/reference/glossary#Restaking) modules and delegating the validator's ETH to a [restaking operator](/protocol/puffer-modules#restaking-operators) in exchange for restaking rewards commission.
 
 
 - **Stakers** can deposit any amount of ETH to help fund the protocol's 32 ETH NoOp-controlled validators. In exchange, they receive the pufETH [native Liquid Restaking Token](/protocol/nlrt#what-is-an-lst) (nLRT) which grows in value as the protocol mints validator tickets and receives restaking rewards.
@@ -87,5 +87,5 @@ Traditional liquid staking tokens (LSTs) only accrue PoS rewards. As a nLRT, puf
 Puffer prioritizes the safety of stakers' ETH. To ensure staked ETH is safe, the protocol requires:
 - NoOps to lock 1 ETH of collateral and run [Puffer’s anti-slashing technology](/technology/secure-signer) for defense-in-depth or lock 2 ETH of collateral without the anti-slasher
 - [Ejecting validators](/protocol/guardians#what-are-their-duties) whose balance falls too low
-- Guardrails around [which AVSs are allowed](/protocol/restaking-modules#restricting-avss)
-- Guardrails around who can become a [restaking operator](/protocol/restaking-modules#restricting-reops)
+- Guardrails around [which AVSs are allowed](/protocol/puffer-modules#restricting-avss)
+- Guardrails around who can become a [restaking operator](/protocol/puffer-modules#restricting-reops)