Skip to content

Instant WDs stEth #294

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 47 commits into from
Nov 5, 2025
Merged

Instant WDs stEth #294

merged 47 commits into from
Nov 5, 2025

Conversation

@vvalecha519
Copy link
Contributor

@vvalecha519 vvalecha519 commented Sep 22, 2025
edited by cursor bot
Loading

Note

Enable instant redemptions to ETH or stETH with per-token limits/fees, integrate EtherFiRestaker, and add non-ETH share burn path in LiquidityPool with deployment/ops scripts.

  • Redemptions/Protocol:
    • Extend EtherFiRedemptionManager to redeem eETH/weETH to ETH or stETH, with per-token RedemptionInfo (rate limit, fees, low watermark) and admin setters; add initializeTokenParameters, previewRedeem(shares, token), and output-token routing.
    • Integrate EtherFiRestaker (constructor param + lido) and emit token-aware Redeemed event; add rate-limit and liquidity checks per token.
  • Restaker:
    • Add immutable etherFiRedemptionManager and transferStETH(recipient, amount) restricted to the manager.
  • LiquidityPool:
    • Add burnEEthSharesForNonETHWithdrawal(uint256,uint256) and EEthSharesBurnedForNonETHWithdrawal event to support stETH redemptions without ETH withdrawal.
  • Scripts/Ops:
    • Add deployment, verification, and timelock execution scripts for LiquidityPool, EtherFiRedemptionManager(Temp), and EtherFiRestaker; include rollback paths.
    • Add mainnet addresses registry (script/deploys/Deployed.s.sol) and deployment logs (CREATE2 salt and new impl addresses).
  • Utilities:
    • Fix ContractCodeChecker byte comparison order in full/partial match helpers.
  • Tests:
    • Update and add tests for per-token admin controls, ETH/stETH redemption flows, share-price invariants, and restaker permissions.

Written by Cursor Bugbot for commit 51cf1fb. This will update automatically on new commits. Configure here.

@vvalecha519 vvalecha519 changed the title make more maintainable Instant WDs stEth Sep 22, 2025
shivam-ef
shivam-ef requested changes Sep 23, 2025
View reviewed changes
@pankajjagtapp pankajjagtapp self-requested a review September 23, 2025 22:51
pankajjagtapp
pankajjagtapp reviewed Sep 24, 2025
View reviewed changes
vvalecha519 and others added 12 commits September 29, 2025 12:05
@vvalecha519
H1 fix
cfefe84
@vvalecha519
allow rebase call from redemptionManager"
6fe932b
@vvalecha519
test difference in share price
17f4cbc
@vvalecha519
add more testing for H1 and assertions
ad5df79
@vvalecha519
fix M1, L1, I1
caab8ae
@vvalecha519
do not use rebase create new method
2015451
@seongyun-ko
fix: add staker fee distribution to stETH redemption flow
9ff9264 
- Add feeShareToStakers parameter to _processStETHRedemption
- Call burnEEthShares to distribute fees to stakers in stETH flow
- Update share validation to account for both withdrawal and fee burning
- Ensure consistent fee handling between ETH and stETH redemption flows
- Add InvalidOutputToken error for unsupported output tokens
- Improve function documentation and parameter naming
@vvalecha519
fix test
fc7634e
@vvalecha519
Merge pull request #299 from etherfi-protocol/syko/fix/steth-redempti…
4151ea3 
…on-staker-fees

fix: add fee split to stETH redemption flow
@vvalecha519
add event and test 0 fees
8e78450
@vvalecha519
remove permissions for redemption manager to rebase
2e86eb8
@vvalecha519
Merge pull request #297 from etherfi-protocol/vaibhav/instant-wd-stet…
037da63 
…h-fixes

Vaibhav/instant wd steth fixes
cursor[bot]

This comment was marked as outdated.

Sign in to view

@pankajjagtapp
Implement deployment scripts for stETH withdrawals
8585bb3 
- Added `deploy.s.sol` to handle the deployment of EtherFi contracts including `EtherFiRedemptionManagerTemp`, `EtherFiRestaker`, `EtherFiRedemptionManager`, and `LiquidityPool`.
- Created utility functions in `utils.sol` for deployment and verification processes.
@pankajjagtapp
Refactor stETH withdrawal scripts and add transaction handling
2d85f68 
- Introduced `transactions.s.sol` for managing upgrade and rollback processes for EtherFi contracts.
- Removed unused variables and comments from `deploy.s.sol`.
- Added a new `readme.md` to document deployment and upgrade procedures.
- Updated utility functions in `utils.sol` to include minimum delay constants for timelocks.
@pankajjagtapp
fix: bytecode comparison logic in ContractCodeChecker
e63e5e1
@pankajjagtapp
fix: Enhance stETH withdrawal transaction management and utility func…
4909139 
…tions

- Updated `transactions.s.sol` to include new contract implementations for `EtherFiRedemptionManager`, `EtherFiRedemptionManagerTemp`, `EtherFiRestaker`, and `LiquidityPool`.
- Enhanced utility functions in `utils.sol` to support proxy upgradeability checks and time calculations.
pankajjagtapp and others added 14 commits October 8, 2025 21:44
@pankajjagtapp
refactor: bug fix in LiquidityPool constructor arguments in deploymen…
19cfcb2 
…t script
@pankajjagtapp
feat: Add helper function to verify Create2 address in Utils contract
a8b0728 
- Implemented `verifyCreate2Address` function to compute the predicted address for contracts created with Create2, enhancing deployment verification capabilities.
- Refactored `getImplementation` function to streamline proxy implementation retrieval using `vm.load`.
@pankajjagtapp
fix: Update LiquidityPool implementation address and refine transacti…
0272826 
…on handling in stETH withdrawal script
@pankajjagtapp
feat: Add verification script for stETH withdrawals
b59d34c 
- Introduced `VerifyStETHWithdrawals` contract to validate addresses, bytecode, upgradeability, and new functionality for EtherFi contracts.
@pankajjagtapp
fix: Update exit fee structure in stETH withdrawal transactions to 0
c9b1738
@pankajjagtapp
fix: Adjust bucket capacity and refill rate in stETH withdrawal trans…
829fa6b 
…actions
@seongyun-ko
initialize with stETH instead of weETH as output token
df12790
@pankajjagtapp
fix: Changed output token from eETH to ETH
f531483
@pankajjagtapp
temporary commit
1eb6de6
@pankajjagtapp
feat: Add deployment configurations for EtherFiRedemptionManager, `…
6bcafec 
…EtherFiRedemptionManagerTemp`, `EtherFiRestaker`, and `LiquidityPool
@pankajjagtapp
fix: Updated token address from EETH_PROXY to ETH in `VerifyStETH…
961ecfb 
…Withdrawals`
@pankajjagtapp
feat: Add audit report for stETH withdrawals
bbf937e
@pankajjagtapp
chore: Remove outdated readme for stETH withdrawals
57add77
@pankajjagtapp
Merge pull request #300 from etherfi-protocol/pankaj/operations/deplo…
4645215 
…y-verify-instant_wdrls_for_stETH

Implement deployment and verifications scripts for stETH withdrawals upgrade
cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

@sherlock-ai-beta
Copy link

sherlock-ai-beta bot commented Oct 28, 2025

Sherlock AI Findings

The automated tool identified the following potential security issues in the codebase. Please review the details for each issue in the linked dashboard.

# Title Severity Details
1 Unprotected initializer allows first caller to set zero fees, zero low-watermark, and massive rate limit, then immediately redeem liquidity Medium View Details

Next Steps: Review the linked issues in the dashboard and address high-severity bugs first. Contact the team if you need assistance.

Full report available at: https://ai.sherlock.xyz/runs/45019e86-8db1-4b82-a92a-44df65662d93

@pankajjagtapp
chore: Comment out unused address constants for ETHERFI_OPERATING_ADM…
51cf1fb 
…IN and OPERATING_TIMELOCK in stETH withdrawal scripts
cursor[bot]
cursor bot reviewed Oct 31, 2025
View reviewed changes
src/EtherFiRedemptionManager.sol
exitFeeInBps: _exitFeeInBps[i],
lowWatermarkInBpsOfTvl: _lowWatermarkInBpsOfTvl[i]
});
}
Copy link

@cursor cursor bot Oct 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Bug

The initializeTokenParameters function iterates using _exitFeeSplitToTreasuryInBps.length but accesses other input arrays (_tokens, _exitFeeInBps, _lowWatermarkInBpsOfTvl, _bucketCapacity, _bucketRefillRate) without validating their lengths. If any of these arrays are shorter, it results in an out-of-bounds access and transaction revert.

Fix in Cursor Fix in Web

pankajjagtapp
pankajjagtapp approved these changes Nov 3, 2025
View reviewed changes
Copy link
Contributor

@pankajjagtapp pankajjagtapp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Executed the stETH withdrawals upgrade on contracts

@pankajjagtapp pankajjagtapp merged commit 0c6331e into master Nov 5, 2025
1 of 3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@pankajjagtapp pankajjagtapp pankajjagtapp approved these changes

@shivam-ef shivam-ef shivam-ef approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@vvalecha519 @pankajjagtapp @shivam-ef @seongyun-ko