Isolated public pool + ERC4626 Adapter + Audit fixes 4 (#127)

* Add PublicLiquidityPool and ERC4626Adapter, wip

* Get fill amount from calldata in Public pool

* Add most of the Public pool tests, wip

* Complete Public Liquidity Pool tests

* Add ERC4626Adapter tests

* Add totalDeposited getter to public pool

* Revert back to FeeConfig in public pool

* Revert back to parsing calldata

This reverts commit 930488f.

* Fix typo

* Add public pool deploy scripts (#128)

* Add deploy scripts

* Update scripts

* Fix chain id in tests

* Audit fixes 4 (#135)

* Apply audit fixes 1

* Add various fixes

* Remove console.log from tests

* Merge main and fix tests

* Make all tests run

* Last part of fixes

* Make public pool maxWithdraw and maxRedeem compliant with the EIP4626

* Fix lint

* Improve ERC4626Adapter withdraw profit safety assertion

Author: lastperson

contracts/ERC4626Adapter.sol

@@ -0,0 +1,130 @@
+// SPDX-License-Identifier: LGPL-3.0-only
+pragma solidity 0.8.28;
+
+import {IERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
+import {IERC4626} from "@openzeppelin/contracts/token/ERC20/extensions/ERC4626.sol";
+import {AccessControl} from "@openzeppelin/contracts/access/AccessControl.sol";
+import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
+import {ILiquidityPoolBase} from "./interfaces/ILiquidityPoolBase.sol";
+
+/// @title A middleware contract that allows Sprinter funds to be rebalanced to/from the underlying ERC4626 vault.
+/// Same as liquidity pools it is admin managed, and profits from underlying vault are accounted for.
+/// @author Oleksii Matiiasevych <oleksii@sprinter.tech>
+contract ERC4626Adapter is ILiquidityPoolBase, AccessControl {
+    using SafeERC20 for IERC20;
+
+    bytes32 private constant LIQUIDITY_ADMIN_ROLE = "LIQUIDITY_ADMIN_ROLE";
+    bytes32 private constant WITHDRAW_PROFIT_ROLE = "WITHDRAW_PROFIT_ROLE";
+    bytes32 private constant PAUSER_ROLE = "PAUSER_ROLE";
+
+    IERC4626 public immutable TARGET_VAULT;
+    IERC20 public immutable ASSETS;
+
+    uint256 public totalDeposited;
+    bool public paused;
+
+    event Deposit(address caller, uint256 amount);
+    event Withdraw(address caller, address to, uint256 amount);
+    event Paused(address account);
+    event Unpaused(address account);
+    event ProfitWithdrawn(address token, address to, uint256 amount);
+
+    error ZeroAddress();
+    error IncompatibleAssets();
+    error InsufficientLiquidity();
+    error EnforcedPause();
+    error ExpectedPause();
+    error NoProfit();
+    error InvalidToken();
+
+    constructor(address assets, address targetVault, address admin) {
+        require(assets != address(0), ZeroAddress());
+        require(targetVault != address(0), ZeroAddress());
+        require(admin != address(0), ZeroAddress());
+        require(assets == IERC4626(targetVault).asset(), IncompatibleAssets());
+        TARGET_VAULT = IERC4626(targetVault);
+        ASSETS = IERC20(assets);
+        _grantRole(DEFAULT_ADMIN_ROLE, admin);
+    }
+
+    modifier whenNotPaused() {
+        require(!paused, EnforcedPause());
+        _;
+    }
+
+    modifier whenPaused() {
+        require(paused, ExpectedPause());
+        _;
+    }
+
+    function deposit(uint256 amount) external override onlyRole(LIQUIDITY_ADMIN_ROLE) whenNotPaused() {
+        _deposit(_msgSender(), amount);
+    }
+
+    function depositWithPull(uint256 amount) external override whenNotPaused() {
+        ASSETS.safeTransferFrom(_msgSender(), address(this), amount);
+        _deposit(_msgSender(), amount);
+    }
+
+    function withdraw(address to, uint256 amount) override
+        external
+        onlyRole(LIQUIDITY_ADMIN_ROLE)
+        whenNotPaused()
+    {
+        require(to != address(0), ZeroAddress());
+        uint256 deposited = totalDeposited;
+        require(deposited >= amount, InsufficientLiquidity());
+        totalDeposited = deposited - amount;
+        TARGET_VAULT.withdraw(amount, to, address(this));
+        emit Withdraw(_msgSender(), to, amount);
+    }
+
+    function withdrawProfit(
+        address[] calldata tokens,
+        address to
+    ) external override onlyRole(WITHDRAW_PROFIT_ROLE) whenNotPaused() {
+        require(to != address(0), ZeroAddress());
+        bool success;
+        for (uint256 i = 0; i < tokens.length; i++) {
+            IERC20 token = IERC20(tokens[i]);
+            uint256 amountToWithdraw = _withdrawProfitLogic(token);
+            if (amountToWithdraw == 0) continue;
+            success = true;
+            token.safeTransfer(to, amountToWithdraw);
+            emit ProfitWithdrawn(address(token), to, amountToWithdraw);
+        }
+        require(success, NoProfit());
+    }
+
+    function pause() external override onlyRole(PAUSER_ROLE) whenNotPaused() {
+        paused = true;
+        emit Paused(_msgSender());
+    }
+
+    function unpause() external override onlyRole(PAUSER_ROLE) whenPaused() {
+        paused = false;
+        emit Unpaused(_msgSender());
+    }
+
+    function _deposit(address caller, uint256 amount) private {
+        ASSETS.forceApprove(address(TARGET_VAULT), amount);
+        TARGET_VAULT.deposit(amount, address(this));
+        totalDeposited += amount;
+        emit Deposit(caller, amount);
+    }
+
+    function _withdrawProfitLogic(IERC20 token) internal returns (uint256) {
+        require(token != IERC20(TARGET_VAULT), InvalidToken());
+        uint256 localBalance = token.balanceOf(address(this));
+        if (token == ASSETS) {
+            uint256 deposited = totalDeposited;
+            uint256 depositedShares = TARGET_VAULT.previewWithdraw(deposited);
+            uint256 totalShares = TARGET_VAULT.balanceOf(address(this));
+            if (totalShares <= depositedShares) return localBalance;
+            uint256 profit = TARGET_VAULT.redeem(totalShares - depositedShares, address(this), address(this));
+            assert(TARGET_VAULT.previewRedeem(depositedShares) >= deposited);
+            return profit + localBalance;
+        }
+        return localBalance;
+    }
+}

contracts/LiquidityPool.sol

@@ -59,11 +59,12 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
     IERC20 immutable public ASSETS;
 
     BitMaps.BitMap private _usedNonces;
-    uint256 public totalDeposited;
+    uint256 internal _totalDeposited;
 
     bool public paused;
     bool public borrowPaused;
     address public mpcAddress;
+    address public signerAddress;
 
     bytes32 private constant LIQUIDITY_ADMIN_ROLE = "LIQUIDITY_ADMIN_ROLE";
     bytes32 private constant WITHDRAW_PROFIT_ROLE = "WITHDRAW_PROFIT_ROLE";
@@ -72,8 +73,6 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
     bytes4 constant internal MAGICVALUE = 0x1626ba7e;
     IWrappedNativeToken immutable public WRAPPED_NATIVE_TOKEN;
 
-    address public signerAddress;
-
     error ZeroAddress();
     error InvalidSignature();
     error NotEnoughToDeposit();
@@ -137,14 +136,17 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
         // Allow native token transfers.
     }
 
-    function deposit(uint256 amount) external override onlyRole(LIQUIDITY_ADMIN_ROLE) {
+    /// @notice The liqudity admin is supposed to call this function after transferring exact amount of assets.
+    /// Supplying amount less than the actual increase will result in the extra funds being treated as profit.
+    /// Supplying amount greater than the actual increase will result in the future profits treated as deposit.
+    function deposit(uint256 amount) external virtual override onlyRole(LIQUIDITY_ADMIN_ROLE) {
         // called after receiving deposit in USDC
         uint256 newBalance = ASSETS.balanceOf(address(this));
         require(newBalance >= amount, NotEnoughToDeposit());
         _deposit(_msgSender(), amount);
     }
 
-    function depositWithPull(uint256 amount) external override {
+    function depositWithPull(uint256 amount) external virtual override {
         // pulls USDC from the sender
         ASSETS.safeTransferFrom(_msgSender(), address(this), amount);
         _deposit(_msgSender(), amount);
@@ -171,6 +173,7 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
     ) external override whenNotPaused() whenBorrowNotPaused() {
         // - Validate MPC signature
         _validateMPCSignatureWithCaller(borrowToken, amount, target, targetCallData, nonce, deadline, signature);
+        amount = _processBorrowAmount(amount, targetCallData);
         (uint256 nativeValue, address actualBorrowToken, bytes memory context) =
             _borrow(borrowToken, amount, target, NATIVE_ALLOWED, "");
         _afterBorrowLogic(actualBorrowToken, context);
@@ -237,6 +240,7 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
         bytes calldata signature
     ) external override whenNotPaused() whenBorrowNotPaused() {
         _validateMPCSignatureWithCaller(borrowToken, amount, target, targetCallData, nonce, deadline, signature);
+        amount = _processBorrowAmount(amount, targetCallData);
         // Native borrowing is denied because swap() is not payable.
         (,, bytes memory context) = _borrow(borrowToken, amount, _msgSender(), NATIVE_DENIED, "");
         _afterBorrowLogic(borrowToken, context);
@@ -277,18 +281,19 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
 
     // Admin functions
 
-    /// @notice Can withdraw a maximum of totalDeposited. If anything is left, it is meant to be withdrawn through
+    /// @notice Can withdraw a maximum of _totalDeposited. If anything is left, it is meant to be withdrawn through
     /// a withdrawProfit().
     function withdraw(address to, uint256 amount)
         external
+        virtual
         override
         onlyRole(LIQUIDITY_ADMIN_ROLE)
         whenNotPaused()
     {
         require(to != address(0), ZeroAddress());
-        uint256 deposited = totalDeposited;
+        uint256 deposited = _totalDeposited;
         require(deposited >= amount, InsufficientLiquidity());
-        totalDeposited = deposited - amount;
+        _totalDeposited = deposited - amount;
         _withdrawLogic(to, amount);
         emit Withdraw(_msgSender(), to, amount);
     }
@@ -313,6 +318,7 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
     }
 
     function setMPCAddress(address mpcAddress_) external onlyRole(DEFAULT_ADMIN_ROLE) {
+        require(mpcAddress_ != address(0), ZeroAddress());
         address oldMPCAddress = mpcAddress;
         mpcAddress = mpcAddress_;
         emit MPCAddressSet(oldMPCAddress, mpcAddress_);
@@ -359,8 +365,8 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
     }
 
     function _deposit(address caller, uint256 amount) private {
-        totalDeposited += amount;
-        _depositLogic(caller, amount);
+        _totalDeposited += amount;
+        _depositLogic(amount);
         emit Deposit(caller, amount);
     }
 
@@ -484,7 +490,7 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
         }
     }
 
-    function _depositLogic(address /*caller*/, uint256 /*amount*/) internal virtual {
+    function _depositLogic(uint256 /*amount*/) internal virtual {
         return;
     }
 
@@ -495,6 +501,13 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
         return context;
     }
 
+    function _processBorrowAmount(
+        uint256 amount,
+        bytes calldata /*targetCallData*/
+    ) internal virtual returns (uint256) {
+        return amount;
+    }
+
     function _afterBorrowLogic(address /*borrowToken*/, bytes memory /*context*/) internal virtual {
         return;
     }
@@ -511,7 +524,7 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
     function _withdrawProfitLogic(IERC20 token) internal virtual returns (uint256) {
         uint256 totalBalance = token.balanceOf(address(this));
         if (token == ASSETS) {
-            uint256 deposited = totalDeposited;
+            uint256 deposited = _totalDeposited;
             if (totalBalance < deposited) return 0;
             return totalBalance - deposited;
         }
@@ -529,6 +542,10 @@ contract LiquidityPool is ILiquidityPool, AccessControl, EIP712, ISigner {
 
     // View functions
 
+    function totalDeposited() external view virtual override returns (uint256) {
+        return _totalDeposited;
+    }
+
     function balance(IERC20 token) external view override returns (uint256) {
         if (token == NATIVE_TOKEN) token = WRAPPED_NATIVE_TOKEN;
         return _balance(token);

contracts/LiquidityPoolAave.sol

@@ -43,7 +43,6 @@ contract LiquidityPoolAave is LiquidityPool {
     error NothingToRepay();
     error CollateralNotSupported();
     error CannotWithdrawAToken();
-    error InvalidLength();
 
     event SuppliedToAave(uint256 amount);
     event BorrowTokenLTVSet(address token, uint256 oldLTV, uint256 newLTV);
@@ -70,8 +69,9 @@ contract LiquidityPoolAave is LiquidityPool {
         AaveDataTypes.ReserveData memory collateralData = AAVE_POOL.getReserveData(address(liquidityToken));
         ATOKEN = IERC20(collateralData.aTokenAddress);
         IAavePoolDataProvider poolDataProvider = IAavePoolDataProvider(provider.getPoolDataProvider());
-        (,,,,,bool usageAsCollateralEnabled,,,,) = poolDataProvider.getReserveConfigurationData(liquidityToken);
-        require(usageAsCollateralEnabled, CollateralNotSupported());
+        (,,,,,bool usageAsCollateralEnabled,,,bool isActive, bool isFrozen) =
+            poolDataProvider.getReserveConfigurationData(liquidityToken);
+        require(usageAsCollateralEnabled && isActive && !isFrozen, CollateralNotSupported());
         _setMinHealthFactor(minHealthFactor_);
         _setDefaultLTV(defaultLTV_);
     }
@@ -148,7 +148,7 @@ contract LiquidityPoolAave is LiquidityPool {
         require(currentLtv <= ltv, TokenLtvExceeded());
     }
 
-    function _depositLogic(address /*caller*/, uint256 amount) internal override {
+    function _depositLogic(uint256 amount) internal override {
         ASSETS.forceApprove(address(AAVE_POOL), amount);
         AAVE_POOL.supply(address(ASSETS), amount, address(this), NO_REFERRAL);
         emit SuppliedToAave(amount);
@@ -202,7 +202,7 @@ contract LiquidityPoolAave is LiquidityPool {
         uint256 totalBalance = token.balanceOf(address(this));
         if (token == ASSETS) {
             // Calculate accrued interest from deposits.
-            uint256 interest = ATOKEN.balanceOf(address(this)) - totalDeposited;
+            uint256 interest = ATOKEN.balanceOf(address(this)) - _totalDeposited;
             if (interest > 0) {
                 _withdrawLogic(address(this), interest);
                 totalBalance += interest;

contracts/LiquidityPoolAaveLongTerm.sol

@@ -108,7 +108,7 @@ contract LiquidityPoolAaveLongTerm is LiquidityPoolAave, ILiquidityPoolLongTerm
         uint256 totalBalance = token.balanceOf(address(this));
         if (token == ASSETS) {
             // Calculate accrued interest from deposits.
-            uint256 interest = ATOKEN.balanceOf(address(this)) - totalDeposited;
+            uint256 interest = ATOKEN.balanceOf(address(this)) - _totalDeposited;
             if (interest > 0) {
                 _withdrawLogic(address(this), interest);
                 totalBalance += interest;

contracts/LiquidityPoolStablecoin.sol

@@ -31,7 +31,7 @@ contract LiquidityPoolStablecoin is LiquidityPool {
 
     function _withdrawProfitLogic(IERC20 token) internal view override returns (uint256) {
         uint256 assetBalance = ASSETS.balanceOf(address(this));
-        uint256 deposited = totalDeposited;
+        uint256 deposited = _totalDeposited;
         require(assetBalance >= deposited, WithdrawProfitDenied());
         if (token == ASSETS) return assetBalance - deposited;
         return token.balanceOf(address(this));