This PR #41 brought in old files.

strategy doesn't register itself as a voter in ygov, so strategy.voteFor() and strategy.voteAgainst() have no effect.

to fix this strategy should call ygov.register() to be able to vote.

the original idea was for it to be an emergency quorum trigger, only callable by governance.

this issue can probably be marked as wontfix, since we are redoing governance anyway.

strategy = 0x395F93350D5102B6139Abfc84a7D6ee70488797C
ygov = 0xBa37B002AbaFDd8E89a1995dA52740bbC013D992

What's your issue about?

I recently tried to connect my wallet on to yearn and found out the Portis option is not working. Luckily V1 is still up and works! Just a heads-up!

Vault.sol is missing an earn
method that is common in all Vault implementations

What's your issue about?

Current deployed code for these strategies needs syncing on master branch:

• StrategyCurve3CrvVoterProxy
• StrategyCurveYVoterProxy
• StrategyCurveBTCVoterProxy
• StrategyCurveBUSDVoterProxy

Reference: https://feel-the-yearn.app/vaults

How can it be fixed?

Update all current deployed code in a branch and send a PR for merging to develop->master

Security

N/A

See https://github.com/crytic/slither

HouseKeeping add crvPBTC strategy latest update from this address:
0x123964EbE096A920dae00Fb795FFBfA0c9Ff4675

Should follow similar housekeeping PRs including:

• Refactoring interfaces
• Update calls in code to use interfaces
• CI should be green before merging

Example PRs to follow
https://github.com/iearn-finance/yearn-protocol/pull/89/files

After this one it merged #5.

            token.safeApprove(addr, 0);
            token.safeApprove(addr, uint256(-1));

why first safeApprove(0), then safeApprove(amount)?

Hi,

There's currently a typo in the homepage interface in yearn.finance, in the hover-over of the vault section; it currently reads as follows:

Vaults follow a unique strategy that are designed to maximize the yield of the deposited asset and minimize risk.

The "are" is misplaced as it ought to refer to strategy. It should either be:

Vaults follow a unique strategy that is designed to maximize...

Or:

Vaults follow unique strategies that are designed to maximize..

Thank you!

What's your issue about?

The vault that is used to create a new release using YRegistry.newRelease(0x...) is automatically endorsed and shown on Yearn's main site in the production tab.

Steps to reproduce
Create a new release using YRegistry.newRelease(0x...) with any vault.

What is expected to happen.
It's expected to create a new release and add the vault to the registry.

What actually happens.
It creates a new release, adds the vault to the registry, and endorses it automatically.

Notes
It's not always that the first vault of a new release is production-ready. So we need a way to create a new release, add a vault, and test it accordingly.

Argent with walletconnect not working, was working a week ago now giving the following error "index.ts:181 Uncaught (in promise) TypeError: this.send is not a function" right after connecting and not working afterwards.

Currently we use abridged interfaces which doesn't include functions besides those used in the contract.

Full interfaces might be useful for tests and interactive sessions, and they don't affect the resulting compiler output size, so no real downsides.

Hi, while auditing some of the risks of depositing to yearn vaults, I noticed that the 6/9 quorum multisig can update the controller (strategy) contract instantaneously.

I'm wondering what the security advantage of this compared to having it go with a week 'cooldown'/announcement period (eg. you can only actually activate the new strategy after 7 days).

The main objection about this is "but what if the current strategy turns out to have a bug?": But I feel like a panic() method that pauses the current strategy and moves all funds to the vault would be sufficient?

A test was added for BTCOSMedianizer, so should probably make one for ETH as well

HouseKeeping add crvOBTC strategy latest update from this address:
0x7F83935EcFe4729c4Ea592Ab2bC1A32588409797

Should follow similar housekeeping PRs including:

• Refactoring interfaces
• Update calls in code to use interfaces
• CI should be green before merging

Example PRs to follow
https://github.com/iearn-finance/yearn-protocol/pull/89/files

Adding isolation to test drastically speeds up CI: https://eth-brownie.readthedocs.io/en/stable/tests-pytest-intro.html#pytest-fixtures-isolation

Create two new fields to be standard in strategy contracts.

1. Add a boolean field that indicates whether a strategy is delegating its funds to another strategy, which would greatly simplify TVL calculations. Currently, calculations for TVL to avoid double-counting need to be curated manually. Addition of a simple boolean field to indicate whether the strategy were delegating its funds could move all of these calculations on-chain, which some services (such as DeFi Pulse) strongly prefer.

Conceptually, the calculation could work as: all added strategies -> update migrations -> filter out non-TVL -> perform estimated asset count

As a name for this boolean field, I was thinking isDelegated, but if that would lead to confusion with the "Delegated Vaults" then we could just call it includeInTVL.

2. Add a boolean field to signify whether a strategy is active or not, isActive. This would essentially allow "hiding" deprecated or inactive strategies without having to actually remove them from vaults.

If desired, this could also be automated with some kind of check on value locked in the strategy.

HouseKeeping add crvEUR strategy latest update from this address:
0x83e7399113561ae691c413ed334137D3839e2302

Should follow similar house keeping PRs including:

• refactoring interfaces
• update calls in code to use interfaces
• CI should be green before merging

Example PRs to follow
https://github.com/iearn-finance/yearn-protocol/pull/89/files

This is part of CI that's occasionally hanging: https://github.com/iearn-finance/yearn-protocol/blob/22a0fecec787fa9ed972298b7e26aa3639838c6e/.github/workflows/test.yaml#L66-L67

ref: logs

HouseKeeping add crvTBTC strategy latest update from this address:
0x07FB4756f67bD46B748b16119E802F1f880fb2CC

Should follow similar housekeeping PRs including:

• Refactoring interfaces
• Update calls in code to use interfaces
• CI should be green before merging

Example PRs to follow
https://github.com/iearn-finance/yearn-protocol/pull/89/files

I think it would make sense to add vault addresses to getVaultsInfo() in the next iteration of registry so it returns complete information. It also might be better to return an array of structs as opposed to unzipped arrays of different params.

Consider this example.

$ brownie console --network mainnet
Brownie v1.11.5 - Python development framework for Ethereum

No project was loaded.
Brownie environment is ready.
>>> registry = Contract.from_explorer('registry.ychad.eth')
Fetching source of 0x3eE41C098f9666ed2eA246f4D2558010e59d63A0 from api.etherscan.io...
>>> registry.getVaultsInfo()
(('0x2be5D998C95DE70D9A38b3d78e49751F10F9E88b', '0x2be5D998C95DE70D9A38b3d78e49751F10F9E88b', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080'), ('0xA64BD6C70Cb9051F6A9ba1F163Fdc07E0DfB5F84', '0x514910771AF9Ca656af840dff83E8264EcF986CA', '0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48', '0xdF5e0e81Dff6FAF3A7e52BA697820c5e32D806A8', '0x0000000000085d4780B73119b644AE5ecd22b376', '0x6B175474E89094C44Da98b954EedeAC495271d0F', '0xdAC17F958D2ee523a2206206994597C13D831ec7', '0x0bc529c00C6401aEF6D220BE8C6Ea1667F6Ad93e', '0x3B3Ac5386837Dc563660FB6a0937DFAa5924333B', '0x075b1bb99792c9E1041bA13afEf80C91a1e70fB3', '0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2'), ('0x25fAcA21dd2Ad7eDB3a027d543e617496820d8d6', '0x25fAcA21dd2Ad7eDB3a027d543e617496820d8d6', '0xA30d1D98C502378ad61Fe71BcDc3a808CF60b897', '0xc999fb87AcA383A63D804A575396F65A55aa5aC8', '0x1d91E3F77271ed069618b4BA06d19821BC2ed8b0', '0xAa880345A3147a1fC6889080401C791813ed08Dc', '0x787C771035bDE631391ced5C083db424A4A64bD8', '0x40BD98e3ccE4F34c087a73DD3d05558733549afB', '0x2EE856843bB65c244F527ad302d6d2853921727e', '0x4FEeaecED575239b46d70b50E13532ECB62e4ea8', '0x932fc4fd0eEe66F22f1E23fBA74D7058391c0b15'), (False, True, False, False, False, False, False, False, False, False, False), (True, True, False, False, False, False, False, False, False, False, False))
>>> registry.getVaults()
("0x29E240CFD7946BA20895a7a02eDb25C210f9f324", "0x881b06da56BB5675c54E4Ed311c21E54C5025298", "0x597aD1e0c13Bfe8025993D9e79C69E1c0233522e", "0x5dbcF33D8c2E976c6b560249878e6F1491Bca25c", "0x37d19d1c4E1fa9DC47bD1eA12f742a0887eDa74a", "0xACd43E627e64355f1861cEC6d3a6688B31a6F952", "0x2f08119C6f07c006695E079AAFc638b8789FAf18", "0xBA2E7Fed597fd0E3e70f5130BcDbbFE06bB94fe1", "0x2994529C0652D127b7842094103715ec5299bBed", "0x7Ff566E1d69DEfF32a7b244aE7276b9f90e9D0f6", "0xe1237aA7f535b0CC33Fd973D66cBf830354D16c7")
>>> fields = ['vault', 'controller', 'token', 'strategy', 'is_wrapped', 'is_delegated']
>>> [dict(zip(fields, values)) for values in zip(registry.getVaults(), *registry.getVaultsInfo())]
[
    {
        'controller': "0x2be5D998C95DE70D9A38b3d78e49751F10F9E88b",
        'is_delegated': True,
        'is_wrapped': False,
        'strategy': "0x25fAcA21dd2Ad7eDB3a027d543e617496820d8d6",
        'token': "0xA64BD6C70Cb9051F6A9ba1F163Fdc07E0DfB5F84",
        'vault': "0x29E240CFD7946BA20895a7a02eDb25C210f9f324"
    },
…
    {
        'controller': "0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080",
        'is_delegated': False,
        'is_wrapped': False,
        'strategy': "0x932fc4fd0eEe66F22f1E23fBA74D7058391c0b15",
        'token': "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2",
        'vault': "0xe1237aA7f535b0CC33Fd973D66cBf830354D16c7"
    }
]

With the proposed changes it would be as simple as:

>>> registry = Contract.from_explorer('registry.ychad.eth')
>>> fields = ['vault', 'controller', 'token', 'strategy', 'is_wrapped', 'is_delegated']
>>> [dict(zip(fields, values)) for values in registry.getVaultsInfo()]

StrategyCurvesUSDVoterProxy

StrategyCurveTBTCVoterProxy

StrategyCurvePBTCVoterProxy

StrategyCurveOBTCVoterProxy

TODO: housekeeping

At least include:

• description
• how-to run/test

ref: #27 (comment)

Work on PR #56 or directly on YRegistryV2.sol after PR is merged.

The idea is to merge addVault(address _vault) , addWrappedVault(address _vault) and addDelegatedVault(address _vault) into a single addVault(address _vault, string _type).

Where _type will be mapped to an external contract that will have all specifics on how to handle that type of vault/strategy.

We'd also need to add addType(string _type, address _wrapper) governance function.

IRegistryVault will need to have:

• getVaultInfo
• validateVault
• no state nor tokens.

We might also want to create an abstract RegistryVault for v2 design so new vaults would implement this directly without the need for a wrapper.

Plus, we should talk with all contracts/backend/frontend teams to define what getVaultInfo should return :)

Hello
Please help me get back my tokens that I sent by mistake to hold liquidity 26.14 WBNB & 14,314.328390163716407215 SISHI Back to my wallet 0x261DF701BC42dED68A367B0bC74D3C67BfD3C642
And this is my proof 0xb2bb4af51713470677b52c78bf345d0388b87685d7d8120fc1eba4dde8885501
0xd5b59ced3676c10dc7020062140e11db033449fc0c872318feaa3ad7ea0214a0
please help me
Transaction done on the blockchain can be reversed Please send it to me again
I sendet to this Contract 0xf0A9Af2aEF77d903fc86D3B08BdFCf87f0088A8E

Hi I want to know how can I calculate this APY displayed at above screenshot.
I'd be appreciate if u could show me on BUSD

https://github.com/iearn-finance/yearn-protocol/blob/e602e66f18875edf192f0f2a65aac4d2453470a3/contracts/Vault.vy#L167

This is just a suggestion. It might be good to add safety checks on the approve method to mitigate the problem described here
https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/IERC20.sol#L42

This safety check is present in curve.fi ERC20 token
https://github.com/curvefi/curve-contract/blob/master/contracts/tokens/CurveTokenV2.vy

Here
https://github.com/iearn-finance/yearn-protocol/blob/81d5ce24cb3fb276d00bf9144fe27644d45c707e/interfaces/yearn/IController.sol#L12

The documented interface shows a want public field which i believe is actually from the strategy.

Seeing the implementation Controller.sol, there is no want field.

HouseKeeping add crvsUSD strategy latest update from this address:
0x5533ed0a3b83F70c3c4a1f69Ef5546D3D4713E44

Should follow similar housekeeping PRs including:

• Refactoring interfaces
• Update calls in code to use interfaces
• CI should be green before merging

Example PRs to follow
https://github.com/iearn-finance/yearn-protocol/pull/89/files

Can we do a simple step-by-step deployment guide for newbies to play around yearn protocol and learn around yearn smart contracts on practice?

Would be helpful to learn about vaults on mainnet by having a full guide on deploying vaults and adding new vaults to yearn protocol.