FeedProjects
Developers
Settings
🎉 A new chapter begins: Boardroom has joined Agora
Learn more
protocol logo
Explore / Projects
Gearbox DAO

Proposals

Members

Information

Create Proposal

Gearbox DAO

ProposalsMembersInformation
Proposal
Back to Proposals
closedEnded 3 years ago · Snapshot (Offchain)

[GIP-53] Gearbox V2 Security Improvements

By 0xb9b7...6CceeA

Overview

This proposal is to enable a number of security improvements and bug fixes to currently deployed Gearbox V2 contracts. The core system parameters, such as asset LTs, fees, etc. will not be changed, but some new security parameters will be added (see below). All changes are audited by Chainsecurity.

For motivation and an in-depth description of changes, see the forum discussion.

Contract changes

The contracts to be replaced:

  • CreditConfigurator for each underlying asset’s CM;
  • CreditFacade for each underlying asset’s CM;
  • All adapters;
  • All LP price feeds;
  • A new BlacklistHelper contract will be added to the USDC credit contract suite;

The new versions of the contracts can be found in:

  • Core contracts in the ‘main’ branch of ‘core-v2’ starting from commit 710113f;
  • Adapters in the ‘legacy’ branch of ‘integrations-v3’ starting from commit e34cfbe;

Parameter additions and changes

New security parameters will be established:

  1. Maximal cumulative loss before pausing a CM - equal to maxBorrowedAmount for each respective CM: 1.1) DAI - 1’000’000; 1.2) USDC - 1’000’000; 1.3) WETH - 600; 1.4) wstETH - 600; 1.5) WBTC - 50; 1.6) FRAX - 1’000’000;

  2. Emergency liquidation premium - 4% for all CMs;

  3. Total debt limit - corresponding pool’s expected liquidity at the time of deployment;

Additionally, two dev team bot addresses will be added into the emergency liquidator list:

  1. 0x16040e932b5Ac7A3aB23b88a2f230B4185727b0d
  2. 0x3c2E5548bCe88315D50eAB4f6b1Ffb2f1B8eBd7A

Changes for end users

For UI users:

  • WalletConnect support would be discontinued and the corresponding tab removed. Practically, it was always buggy and never got properly fixed, so nobody is factually being affected by this.

For smart contract users and integrators:

  • All account management would be done through CreditFacade.multicall() - this includes both adapters and CreditFacade functions for managing existing accounts, such as increaseDebt. Account opening/closing is unaffected.
  • Most view functions were removed from adapters (unless the function does not exist in the contract the adapter points to). The target contract needs to be called instead of the adapter;

Timeline

The dev team is essentially ready to deploy, so the changes should be live within 1-2 days after the proposal is successfully voted on.

Continue Reading
Connect Wallet to Add Note
0
Votes 164
VoterCast PowerVote & Rationale
0xC4CA...43153B
33.333M

Yes, update Gearbox V2 contracts

0x81E8...Fd2c08
33.133M

Yes, update Gearbox V2 contracts

0xb9b7...6CceeA
31.086M

Yes, update Gearbox V2 contracts

0xBE35...16CDa2
24.419M

Yes, update Gearbox V2 contracts

0xdAb4...40a38D
20.742M

Yes, update Gearbox V2 contracts

SHOW MORE
VOTE POWER
0
Connect Wallet
Proposal Status
  • Mon May 01 2023, 01:47 pmVoting Period Starts
  • Thu May 04 2023, 01:47 pmEnd Voting Period
Current Results

1-Yes, update Gearbox V2 contracts

225.377M

Quorum 225.377M/200M
DocumentationBrandingContact Us
Home
This Project is Currently Disabled

If you would like to enable it, please checkout below.

Boardroom Subscription

Sign up for an individual subscription (access all projects on the platform)

Subscribe
Enable Project

Enable the entire project for every user

Enable Project
Contact Us