Deploy scripts (DeployLocal.sol and DeployBase.sol) now execute a seed buy + double-recenter sequence before handing control to users: 1. Temporarily grant deployer recenterAccess (via self as feeDestination) 2. Fund LM with a small amount and call recenter() -> places thin positions 3. SeedSwapper executes a small buy, generating a non-zero WETH fee 4. Second recenter() hits the cumulativeVolume==0 bootstrap path with ethFee>0 -> _recordVolumeAndPrice fires -> cumulativeVolume>0 5. Revoke recenterAccess and restore the real feeDestination After deployment, cumulativeVolume>0, so the bootstrap path is unreachable by external users and cannot be front-run by an attacker inflating the initial VWAP anchor with a whale buy. Also adds: - tools/deploy-optimizer.sh: verification step checks cumulativeVolume>0 after a fresh local deployment - test_vwapBootstrappedBySeedTrade() in VWAPFloorProtection.t.sol: confirms the deploy sequence (recenter + buy + recenter) leaves cumulativeVolume>0 and getVWAP()>0 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
openhands
parent
b456bc75fd
commit
c05b20d640
4 changed files with 278 additions and 20 deletions
|
|
@ -1,4 +1,3 @@
|
|||
// SPDX-License-Identifier: GPL-3.0-or-later
|
||||
pragma solidity ^0.8.19;
|
||||
|
||||
import "../src/Kraiken.sol";
|
||||
|
|
@ -7,6 +6,7 @@ import { LiquidityManager } from "../src/LiquidityManager.sol";
|
|||
import "../src/Optimizer.sol";
|
||||
import "../src/Stake.sol";
|
||||
import "../src/helpers/UniswapHelpers.sol";
|
||||
import { IWETH9 } from "../src/interfaces/IWETH9.sol";
|
||||
import { ERC1967Proxy } from "@openzeppelin/proxy/ERC1967/ERC1967Proxy.sol";
|
||||
import "@uniswap-v3-core/interfaces/IUniswapV3Factory.sol";
|
||||
import "@uniswap-v3-core/interfaces/IUniswapV3Pool.sol";
|
||||
|
|
@ -14,6 +14,53 @@ import "forge-std/Script.sol";
|
|||
|
||||
uint24 constant FEE = uint24(10_000);
|
||||
|
||||
/**
|
||||
* @title SeedSwapper
|
||||
* @notice One-shot helper deployed during DeployBase.run() to perform the initial seed buy.
|
||||
* Executing a small buy before the protocol opens eliminates the cumulativeVolume==0
|
||||
* front-run window: after the seed recenter, VWAP has a real anchor and the bootstrap
|
||||
* path in LiquidityManager.recenter() is never reachable by external users.
|
||||
*/
|
||||
contract SeedSwapper {
|
||||
IWETH9 private immutable weth;
|
||||
IUniswapV3Pool private immutable pool;
|
||||
bool private immutable token0isWeth;
|
||||
|
||||
constructor(address _weth, address _pool, bool _token0isWeth) {
|
||||
weth = IWETH9(_weth);
|
||||
pool = IUniswapV3Pool(_pool);
|
||||
token0isWeth = _token0isWeth;
|
||||
}
|
||||
|
||||
/// @notice Wraps msg.value ETH to WETH and swaps it for KRK (buying KRK).
|
||||
/// The KRK output is sent to `recipient`. The fee generated by the swap
|
||||
/// is captured in the LM's positions, so the subsequent recenter() call
|
||||
/// will collect a non-zero ethFee and record VWAP.
|
||||
function executeSeedBuy(address recipient) external payable {
|
||||
weth.deposit{ value: msg.value }();
|
||||
|
||||
// zeroForOne=true when WETH is token0: sell token0(WETH) → token1(KRK)
|
||||
// zeroForOne=false when WETH is token1: sell token1(WETH) → token0(KRK)
|
||||
bool zeroForOne = token0isWeth;
|
||||
|
||||
// Price limits: allow the swap to reach the extreme of the range.
|
||||
uint160 priceLimit = zeroForOne
|
||||
? 4295128740 // TickMath.MIN_SQRT_RATIO + 1
|
||||
: 1461446703485210103287273052203988822378723970341; // TickMath.MAX_SQRT_RATIO - 1
|
||||
|
||||
pool.swap(recipient, zeroForOne, int256(msg.value), priceLimit, "");
|
||||
}
|
||||
|
||||
/// @notice Uniswap V3 callback: pay the WETH owed for the seed buy.
|
||||
function uniswapV3SwapCallback(int256 amount0Delta, int256 amount1Delta, bytes calldata) external {
|
||||
require(msg.sender == address(pool), "only pool");
|
||||
int256 wethDelta = token0isWeth ? amount0Delta : amount1Delta;
|
||||
if (wethDelta > 0) {
|
||||
weth.transfer(msg.sender, uint256(wethDelta));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
contract DeployBase is Script {
|
||||
using UniswapHelpers for IUniswapV3Pool;
|
||||
|
||||
|
|
@ -23,6 +70,12 @@ contract DeployBase is Script {
|
|||
address public v3Factory;
|
||||
address public optimizer;
|
||||
|
||||
// Seed amounts for VWAP bootstrap.
|
||||
// Kept small: deployer only needs this ETH on top of gas.
|
||||
// With very thin bootstrap positions, even 0.005 ETH moves the price >400 ticks.
|
||||
uint256 internal constant SEED_LM_ETH = 0.01 ether;
|
||||
uint256 internal constant SEED_SWAP_ETH = 0.005 ether;
|
||||
|
||||
// Deployed contracts
|
||||
Kraiken public kraiken;
|
||||
Stake public stake;
|
||||
|
|
@ -88,12 +141,46 @@ contract DeployBase is Script {
|
|||
liquidityManager = new LiquidityManager(v3Factory, weth, address(kraiken), optimizerAddress);
|
||||
console.log("LiquidityManager deployed at:", address(liquidityManager));
|
||||
|
||||
// Set fee destination
|
||||
liquidityManager.setFeeDestination(feeDest);
|
||||
|
||||
// Set liquidity manager in Kraiken
|
||||
kraiken.setLiquidityManager(address(liquidityManager));
|
||||
|
||||
// =====================================================================
|
||||
// VWAP Bootstrap -> seed trade during deployment
|
||||
//
|
||||
// The cumulativeVolume==0 path in recenter() records VWAP from whatever
|
||||
// price exists at the time of the first fee event. An attacker who
|
||||
// front-runs deployment with a whale buy inflates that anchor.
|
||||
//
|
||||
// Fix: execute a small buy BEFORE handing control to users so that
|
||||
// cumulativeVolume>0 by the time the protocol is live.
|
||||
//
|
||||
// Deployer must have SEED_LM_ETH + SEED_SWAP_ETH available (≈0.015 ETH).
|
||||
// =====================================================================
|
||||
console.log("\nBootstrapping VWAP with seed trade...");
|
||||
|
||||
// Step 1: Temporarily set deployer as feeDestination to call setRecenterAccess.
|
||||
liquidityManager.setFeeDestination(sender);
|
||||
liquidityManager.setRecenterAccess(sender);
|
||||
|
||||
// Step 2: Fund LM and place initial bootstrap positions.
|
||||
(bool funded,) = address(liquidityManager).call{ value: SEED_LM_ETH }("");
|
||||
require(funded, "Failed to fund LM for seed bootstrap");
|
||||
liquidityManager.recenter();
|
||||
|
||||
// Step 3: Seed buy -> generates a non-zero fee in the anchor position.
|
||||
SeedSwapper seedSwapper = new SeedSwapper(weth, address(pool), token0isWeth);
|
||||
seedSwapper.executeSeedBuy{ value: SEED_SWAP_ETH }(sender);
|
||||
|
||||
// Step 4: Second recenter records VWAP (bootstrap path + ethFee > 0).
|
||||
liquidityManager.recenter();
|
||||
require(liquidityManager.cumulativeVolume() > 0, "VWAP bootstrap failed: cumulativeVolume is 0");
|
||||
console.log("VWAP bootstrapped -> cumulativeVolume:", liquidityManager.cumulativeVolume());
|
||||
|
||||
// Step 5: Clean up -> revoke temporary access and set the real feeDestination.
|
||||
liquidityManager.revokeRecenterAccess();
|
||||
liquidityManager.setFeeDestination(feeDest);
|
||||
console.log("recenterAccess revoked, feeDestination set to", feeDest);
|
||||
|
||||
console.log("\n=== Deployment Complete ===");
|
||||
console.log("Kraiken:", address(kraiken));
|
||||
console.log("Stake:", address(stake));
|
||||
|
|
@ -101,9 +188,9 @@ contract DeployBase is Script {
|
|||
console.log("LiquidityManager:", address(liquidityManager));
|
||||
console.log("Optimizer:", optimizerAddress);
|
||||
console.log("\nPost-deploy steps:");
|
||||
console.log(" 1. Fund LiquidityManager with ETH");
|
||||
console.log(" 1. Fund LiquidityManager with operational ETH (VWAP already bootstrapped)");
|
||||
console.log(" 2. Set recenterAccess to txnBot: lm.setRecenterAccess(txnBot) from feeDestination");
|
||||
console.log(" 3. Wait a few minutes, then call recenter()");
|
||||
console.log(" 3. txnBot can now call recenter()");
|
||||
|
||||
vm.stopBroadcast();
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue