yearn / yearn-protocol Goto Github PK
View Code? Open in Web Editor NEWYearn smart contracts
Home Page: https://yearn.finance
License: GNU Affero General Public License v3.0
Yearn smart contracts
Home Page: https://yearn.finance
License: GNU Affero General Public License v3.0
Vault.sol is missing an earn
method that is common in all Vault implementations
A test was added for BTCOSMedianizer, so should probably make one for ETH as well
Adding isolation to test drastically speeds up CI: https://eth-brownie.readthedocs.io/en/stable/tests-pytest-intro.html#pytest-fixtures-isolation
HouseKeeping add crvTBTC strategy latest update from this address:
0x07FB4756f67bD46B748b16119E802F1f880fb2CC
Should follow similar housekeeping PRs including:
Example PRs to follow
https://github.com/iearn-finance/yearn-protocol/pull/89/files
The documented interface shows a want
public field which i believe is actually from the strategy.
Seeing the implementation Controller.sol, there is no want
field.
This PR #41 brought in old files.
HouseKeeping add crvOBTC strategy latest update from this address:
0x7F83935EcFe4729c4Ea592Ab2bC1A32588409797
Should follow similar housekeeping PRs including:
Example PRs to follow
https://github.com/iearn-finance/yearn-protocol/pull/89/files
HouseKeeping add crvEUR strategy latest update from this address:
0x83e7399113561ae691c413ed334137D3839e2302
Should follow similar house keeping PRs including:
Example PRs to follow
https://github.com/iearn-finance/yearn-protocol/pull/89/files
strategy
doesn't register itself as a voter in ygov
, so strategy.voteFor()
and strategy.voteAgainst()
have no effect.
to fix this strategy
should call ygov.register()
to be able to vote.
the original idea was for it to be an emergency quorum trigger, only callable by governance
.
this issue can probably be marked as wontfix, since we are redoing governance anyway.
strategy = 0x395F93350D5102B6139Abfc84a7D6ee70488797C
ygov = 0xBa37B002AbaFDd8E89a1995dA52740bbC013D992
Hi, while auditing some of the risks of depositing to yearn vaults, I noticed that the 6/9 quorum multisig can update the controller (strategy) contract instantaneously.
I'm wondering what the security advantage of this compared to having it go with a week 'cooldown'/announcement period (eg. you can only actually activate the new strategy after 7 days).
The main objection about this is "but what if the current strategy turns out to have a bug?": But I feel like a panic()
method that pauses the current strategy and moves all funds to the vault would be sufficient?
This is just a suggestion. It might be good to add safety checks on the approve
method to mitigate the problem described here
https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/IERC20.sol#L42
This safety check is present in curve.fi ERC20 token
https://github.com/curvefi/curve-contract/blob/master/contracts/tokens/CurveTokenV2.vy
Work on PR #56 or directly on
YRegistryV2.sol
after PR is merged.
The idea is to merge addVault(address _vault) , addWrappedVault(address _vault) and addDelegatedVault(address _vault)
into a single addVault(address _vault, string _type)
.
Where _type
will be mapped to an external contract that will have all specifics on how to handle that type of vault/strategy.
We'd also need to add addType(string _type, address _wrapper)
governance function.
IRegistryVault
will need to have:
getVaultInfo
validateVault
We might also want to create an abstract RegistryVault
for v2 design so new vaults would implement this directly without the need for a wrapper.
Plus, we should talk with all contracts/backend/frontend teams to define what getVaultInfo
should return :)
Currently we use abridged interfaces which doesn't include functions besides those used in the contract.
Full interfaces might be useful for tests and interactive sessions, and they don't affect the resulting compiler output size, so no real downsides.
This is part of CI that's occasionally hanging: https://github.com/iearn-finance/yearn-protocol/blob/22a0fecec787fa9ed972298b7e26aa3639838c6e/.github/workflows/test.yaml#L66-L67
ref: logs
Current deployed code for these strategies needs syncing on master branch:
Reference: https://feel-the-yearn.app/vaults
Update all current deployed code in a branch and send a PR for merging to develop->master
N/A
Can we do a simple step-by-step deployment guide for newbies to play around yearn protocol and learn around yearn smart contracts on practice?
Would be helpful to learn about vaults on mainnet by having a full guide on deploying vaults and adding new vaults to yearn protocol.
I think it would make sense to add vault addresses to getVaultsInfo()
in the next iteration of registry so it returns complete information. It also might be better to return an array of structs as opposed to unzipped arrays of different params.
Consider this example.
$ brownie console --network mainnet
Brownie v1.11.5 - Python development framework for Ethereum
No project was loaded.
Brownie environment is ready.
>>> registry = Contract.from_explorer('registry.ychad.eth')
Fetching source of 0x3eE41C098f9666ed2eA246f4D2558010e59d63A0 from api.etherscan.io...
>>> registry.getVaultsInfo()
(('0x2be5D998C95DE70D9A38b3d78e49751F10F9E88b', '0x2be5D998C95DE70D9A38b3d78e49751F10F9E88b', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080', '0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080'), ('0xA64BD6C70Cb9051F6A9ba1F163Fdc07E0DfB5F84', '0x514910771AF9Ca656af840dff83E8264EcF986CA', '0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48', '0xdF5e0e81Dff6FAF3A7e52BA697820c5e32D806A8', '0x0000000000085d4780B73119b644AE5ecd22b376', '0x6B175474E89094C44Da98b954EedeAC495271d0F', '0xdAC17F958D2ee523a2206206994597C13D831ec7', '0x0bc529c00C6401aEF6D220BE8C6Ea1667F6Ad93e', '0x3B3Ac5386837Dc563660FB6a0937DFAa5924333B', '0x075b1bb99792c9E1041bA13afEf80C91a1e70fB3', '0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2'), ('0x25fAcA21dd2Ad7eDB3a027d543e617496820d8d6', '0x25fAcA21dd2Ad7eDB3a027d543e617496820d8d6', '0xA30d1D98C502378ad61Fe71BcDc3a808CF60b897', '0xc999fb87AcA383A63D804A575396F65A55aa5aC8', '0x1d91E3F77271ed069618b4BA06d19821BC2ed8b0', '0xAa880345A3147a1fC6889080401C791813ed08Dc', '0x787C771035bDE631391ced5C083db424A4A64bD8', '0x40BD98e3ccE4F34c087a73DD3d05558733549afB', '0x2EE856843bB65c244F527ad302d6d2853921727e', '0x4FEeaecED575239b46d70b50E13532ECB62e4ea8', '0x932fc4fd0eEe66F22f1E23fBA74D7058391c0b15'), (False, True, False, False, False, False, False, False, False, False, False), (True, True, False, False, False, False, False, False, False, False, False))
>>> registry.getVaults()
("0x29E240CFD7946BA20895a7a02eDb25C210f9f324", "0x881b06da56BB5675c54E4Ed311c21E54C5025298", "0x597aD1e0c13Bfe8025993D9e79C69E1c0233522e", "0x5dbcF33D8c2E976c6b560249878e6F1491Bca25c", "0x37d19d1c4E1fa9DC47bD1eA12f742a0887eDa74a", "0xACd43E627e64355f1861cEC6d3a6688B31a6F952", "0x2f08119C6f07c006695E079AAFc638b8789FAf18", "0xBA2E7Fed597fd0E3e70f5130BcDbbFE06bB94fe1", "0x2994529C0652D127b7842094103715ec5299bBed", "0x7Ff566E1d69DEfF32a7b244aE7276b9f90e9D0f6", "0xe1237aA7f535b0CC33Fd973D66cBf830354D16c7")
>>> fields = ['vault', 'controller', 'token', 'strategy', 'is_wrapped', 'is_delegated']
>>> [dict(zip(fields, values)) for values in zip(registry.getVaults(), *registry.getVaultsInfo())]
[
{
'controller': "0x2be5D998C95DE70D9A38b3d78e49751F10F9E88b",
'is_delegated': True,
'is_wrapped': False,
'strategy': "0x25fAcA21dd2Ad7eDB3a027d543e617496820d8d6",
'token': "0xA64BD6C70Cb9051F6A9ba1F163Fdc07E0DfB5F84",
'vault': "0x29E240CFD7946BA20895a7a02eDb25C210f9f324"
},
…
{
'controller': "0x9E65Ad11b299CA0Abefc2799dDB6314Ef2d91080",
'is_delegated': False,
'is_wrapped': False,
'strategy': "0x932fc4fd0eEe66F22f1E23fBA74D7058391c0b15",
'token': "0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2",
'vault': "0xe1237aA7f535b0CC33Fd973D66cBf830354D16c7"
}
]
With the proposed changes it would be as simple as:
>>> registry = Contract.from_explorer('registry.ychad.eth')
>>> fields = ['vault', 'controller', 'token', 'strategy', 'is_wrapped', 'is_delegated']
>>> [dict(zip(fields, values)) for values in registry.getVaultsInfo()]
HouseKeeping add crvPBTC strategy latest update from this address:
0x123964EbE096A920dae00Fb795FFBfA0c9Ff4675
Should follow similar housekeeping PRs including:
Example PRs to follow
https://github.com/iearn-finance/yearn-protocol/pull/89/files
Hi,
There's currently a typo in the homepage interface in yearn.finance, in the hover-over of the vault section; it currently reads as follows:
Vaults follow a unique strategy that are designed to maximize the yield of the deposited asset and minimize risk.
The "are" is misplaced as it ought to refer to strategy. It should either be:
Vaults follow a unique strategy that is designed to maximize...
Or:
Vaults follow unique strategies that are designed to maximize..
Thank you!
HouseKeeping add crvsUSD strategy latest update from this address:
0x5533ed0a3b83F70c3c4a1f69Ef5546D3D4713E44
Should follow similar housekeeping PRs including:
Example PRs to follow
https://github.com/iearn-finance/yearn-protocol/pull/89/files
The vault that is used to create a new release using YRegistry.newRelease(0x...) is automatically endorsed and shown on Yearn's main site in the production tab.
Steps to reproduce
Create a new release using YRegistry.newRelease(0x...) with any vault.
What is expected to happen.
It's expected to create a new release and add the vault to the registry.
What actually happens.
It creates a new release, adds the vault to the registry, and endorses it automatically.
Notes
It's not always that the first vault of a new release is production-ready. So we need a way to create a new release, add a vault, and test it accordingly.
I recently tried to connect my wallet on to yearn and found out the Portis option is not working. Luckily V1 is still up and works! Just a heads-up!
Argent with walletconnect not working, was working a week ago now giving the following error "index.ts:181 Uncaught (in promise) TypeError: this.send is not a function" right after connecting and not working afterwards.
token.safeApprove(addr, 0);
token.safeApprove(addr, uint256(-1));
why first safeApprove(0), then safeApprove(amount)?
Hello
Please help me get back my tokens that I sent by mistake to hold liquidity 26.14 WBNB & 14,314.328390163716407215 SISHI Back to my wallet 0x261DF701BC42dED68A367B0bC74D3C67BfD3C642
And this is my proof 0xb2bb4af51713470677b52c78bf345d0388b87685d7d8120fc1eba4dde8885501
0xd5b59ced3676c10dc7020062140e11db033449fc0c872318feaa3ad7ea0214a0
please help me
Transaction done on the blockchain can be reversed Please send it to me again
I sendet to this Contract 0xf0A9Af2aEF77d903fc86D3B08BdFCf87f0088A8E
Conceptually, the calculation could work as: all added strategies -> update migrations -> filter out non-TVL -> perform estimated asset count
As a name for this boolean field, I was thinking isDelegated
, but if that would lead to confusion with the "Delegated Vaults" then we could just call it includeInTVL
.
isActive
. This would essentially allow "hiding" deprecated or inactive strategies without having to actually remove them from vaults.If desired, this could also be automated with some kind of check on value locked in the strategy.
After this one it merged #5.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.