fix: address slashing commitments informationals from Certora audit #1689
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ypatil12
force-pushed
the
fix/slashing-commitments-informationals
branch
from
1681f10 to
5dbff68
Compare
Comment on lines
+43
to
+48
| /// @notice Delay before allocation delay modifications take effect. | ||
| uint32 public immutable ALLOCATION_CONFIGURATION_DELAY; | ||
|
|
||
| /// @notice Delay before slasher changes take effect. | ||
| /// @dev Currently set to the same value as ALLOCATION_CONFIGURATION_DELAY. | ||
| uint32 public immutable SLASHER_CONFIGURATION_DELAY; |
Member
There was a problem hiding this comment.
Note sure I agree with their solution, strange to have to two constants with the same value but different names, will lead to confusion down the road.
Collaborator
Author
There was a problem hiding this comment.
Mainly just due to separation of concerns - it's not clear that the ALLOCATION_CONFIGURATION_DELAY var should also be used for the slasher delay
0xClandestine
approved these changes
Jan 6, 2026
Member
0xClandestine
left a comment
0xClandestine
left a comment
There was a problem hiding this comment.
one comment, lgtm otherwise
- Fix I-01: Re-proposing same pending slasher is now a no-op (delay countdown not restarted) - Fix I-02: Add NatSpec documentation for getSlasher/getPendingSlasher return values on non-existent operator sets - Fix I-03: Add separate SLASHER_CONFIGURATION_DELAY constant (currently same as ALLOCATION_CONFIGURATION_DELAY) - Fix I-05: Add gas warning documentation for migrateSlashers regarding O(appointees) cost 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]>
ypatil12
force-pushed
the
fix/slashing-commitments-informationals
branch
from
5dbff68 to
d44717b
Compare
ypatil12
merged commit 9959779
into
feat/slashing-improvements-audit-fixes
15 checks passed
ypatil12
added a commit
that referenced
this pull request
Jan 8, 2026
…1689) **Motivation:** Address informational findings from the Certora audit of EigenLayer Slashing UX Improvements (PR-1645/PR-544). These are quality-of-life and documentation improvements that enhance code clarity and prevent potential edge case issues. **Modifications:** 1. **Fix I-01: Re-proposing same pending slasher is now a no-op** - Added check in `_updateSlasher()` to skip processing if the proposed slasher is already pending and hasn't taken effect - Prevents accidentally restarting the delay countdown when re-proposing the same slasher 2. **Fix I-02: Add NatSpec documentation for getSlasher/getPendingSlasher** - Updated interface and implementation NatSpec to document that these functions return `address(0)`/`0` for non-existent operator sets - Helps callers understand expected behavior without validation 3. **Fix I-03: Add separate SLASHER_CONFIGURATION_DELAY constant** - Added new `SLASHER_CONFIGURATION_DELAY` immutable in `AllocationManagerStorage` - Currently set to same value as `ALLOCATION_CONFIGURATION_DELAY` but can be changed independently in future upgrades - Updated `_updateSlasher()` to use the new constant - Added interface getter 4. **Fix I-05: Add gas warning documentation for migrateSlashers** - Added NatSpec warning about O(appointees) gas cost per operator set - `PermissionController.getAppointees()` enumerates full appointee set which can be expensive - Documented that large appointee sets may cause block gas limit issues **Result:** - `updateSlasher` is idempotent when re-proposing the same slasher - Clearer documentation on view function return values - Slasher delay can be configured independently in future upgrades - Users are warned about potential gas issues with `migrateSlashers` 🤖 Generated with [Claude Code](https://claude.com/claude-code) --------- Co-authored-by: Claude Opus 4.5 <[email protected]>
ypatil12
added a commit
that referenced
this pull request
Jan 13, 2026
**Motivation:** Address findings from the Certora audit of EigenLayer Slashing UX Improvements. This branch consolidates fixes for low-severity findings (L-01) and informational findings (I-01 through I-05) across AllocationManager and ProtocolRegistry contracts. **Modifications:** ### AllocationManager Fixes **L-01: State inconsistency fixes** - Update `slasher` field immediately when `instantEffectBlock=true` to prevent stale storage (#1687) - Update `delay` and `isSet` fields immediately for newly registered operators to ensure storage consistency (#1688) **I-01: Re-proposing same pending slasher is now a no-op** (#1689) - Added check in `_updateSlasher()` to skip processing if the proposed slasher is already pending - Prevents accidentally restarting the delay countdown **I-02: Add NatSpec documentation for getSlasher/getPendingSlasher** (#1689) - Document that these functions return `address(0)`/`0` for non-existent operator sets **I-03: Add separate SLASHER_CONFIGURATION_DELAY constant** (#1689) - New immutable allows independent configuration of slasher delay in future upgrades - Currently set to same value as `ALLOCATION_CONFIGURATION_DELAY` **I-05: Add gas warning documentation for migrateSlashers** (#1689) - Document O(appointees) gas cost per operator set - Warn about potential block gas limit issues with large appointee sets ### ProtocolRegistry Fixes **I-01: ship() lacks validation** (#1690) - Added array length validation for addresses, configs, and names - Added zero address validation with new `ArrayLengthMismatch()` and `InputAddressZero()` errors **I-02: Orphaned configs on name overwrite** (#1690) - Delete old address's `DeploymentConfig` when re-shipping a name with a new address - Added `DeploymentConfigDeleted(address)` event **I-03: configure() for unshipped addresses** (#1690) - Updated `configure` to require a name parameter - Added validation that address must be a shipped deployment **I-04: Fix misleading NatSpec** (#1690) - Clarified `ship()` behavior when re-shipping names - Updated `configure()` NatSpec for address requirements **I-05: Document pauseAll blocking** (#1690) - Added warning that `pauseAll()` reverts if ANY pausable deployment fails ### Other Changes - v1.9.0 upgrade script fixes for testnet deploy (#1677) - Added Claude skills for development workflow (#1686) **Result:** - Audit fixes complete
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation:
Address informational findings from the Certora audit of EigenLayer Slashing UX Improvements (PR-1645/PR-544). These are quality-of-life and documentation improvements that enhance code clarity and prevent potential edge case issues.
Modifications:
Fix I-01: Re-proposing same pending slasher is now a no-op
_updateSlasher()to skip processing if the proposed slasher is already pending and hasn't taken effectFix I-02: Add NatSpec documentation for getSlasher/getPendingSlasher
address(0)/0for non-existent operator setsFix I-03: Add separate SLASHER_CONFIGURATION_DELAY constant
SLASHER_CONFIGURATION_DELAYimmutable inAllocationManagerStorageALLOCATION_CONFIGURATION_DELAYbut can be changed independently in future upgrades_updateSlasher()to use the new constantFix I-05: Add gas warning documentation for migrateSlashers
PermissionController.getAppointees()enumerates full appointee set which can be expensiveResult:
updateSlasheris idempotent when re-proposing the same slashermigrateSlashers🤖 Generated with Claude Code