Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ubiquity Pool Security Monitor #959

Draft
wants to merge 26 commits into
base: development
Choose a base branch
from
Draft
Changes from 1 commit
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
c9e04d3
feat(pool-monitor): add initial liquidity monitor
alexandr-masl Sep 12, 2024
281ca33
feat(pool-monitor): add immutable for ubiquityPoolFacet
alexandr-masl Sep 12, 2024
32237f5
test(pool-monitor): add pool monitor initial test
alexandr-masl Sep 12, 2024
e691a20
test(pool-monitor): increase test coverage
alexandr-masl Sep 12, 2024
5aa078e
feat(pool-monitor): add pool's initial monitor
alexandr-masl Sep 12, 2024
89505a9
test(pool-monitor): fix monitor parameters
alexandr-masl Sep 13, 2024
c3d3fc6
test(pool-monitor): add pool-monitor to the diamond-test-setup
alexandr-masl Sep 14, 2024
e032f0c
test(pool-monitor): increase pool-monitor test coverage
alexandr-masl Sep 15, 2024
1df5a77
test(pool-monitor): add liquidity drop test
alexandr-masl Sep 15, 2024
dd032cf
feat: remove pool-monitor from the diamond
alexandr-masl Sep 17, 2024
b5dc054
feat: add pause lib-ubiquity-pool logic
alexandr-masl Sep 18, 2024
07fc15d
feat: potential reentrancy fixed
alexandr-masl Sep 19, 2024
3274964
feat: perform act pull_request
alexandr-masl Sep 19, 2024
b2c16f0
feat: add dollar pause method
alexandr-masl Sep 20, 2024
428fb6d
feat: update dollar pause method
alexandr-masl Sep 20, 2024
2ddd382
feat(ubiquity-pool-security-monitor): modularize contract
alexandr-masl Sep 20, 2024
8ee2a93
feat: increase test coverage and add multi-collateral tests
alexandr-masl Sep 21, 2024
9e865ce
test: add events testing
alexandr-masl Sep 24, 2024
3ee67de
test: increase test coverage
alexandr-masl Sep 25, 2024
aca3438
chore: modifying tests configuration
alexandr-masl Sep 25, 2024
8fabd03
docs: add ubiquitypoolsecuritymonitor off-chain part setup readme
alexandr-masl Sep 29, 2024
a5a1532
fix: kebab-case
alexandr-masl Sep 29, 2024
e024fa0
fix: kebab-case
alexandr-masl Sep 29, 2024
9e89435
fix: diagram path for ubiquity-pool-security-monitor
alexandr-masl Sep 29, 2024
2669987
docs: add docs to pool contract, update readme
alexandr-masl Sep 30, 2024
b67985e
docs: add docs to security monitor tests
alexandr-masl Oct 1, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
docs: add ubiquitypoolsecuritymonitor off-chain part setup readme
alexandr-masl committed Sep 29, 2024

Verified

This commit was signed with the committer’s verified signature.
tyranron Kai Ren
commit 8fabd03de053efc55e14202790058bb3f470dcd3
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
# UbiquityPoolSecurityMonitor Off-Chain part

A crucial component of the `UbiquityPoolSecurityMonitor` contract workflow is its off-chain integration. The `checkLiquidityVertex()` function must be periodically triggered by OpenZeppelin Defender to ensure continuous liquidity monitoring and security assessments.

The workflow consists of four key components:

1. **[OpenZeppelin Actions](https://docs.openzeppelin.com/defender/module/actions)**: Executes a cron job that triggers the Relayer to call the `checkLiquidityVertex()` function.
2. **[OpenZeppelin Relayer](https://docs.openzeppelin.com/defender/module/relayers)**: Performs the transaction that invokes the `checkLiquidityVertex()` function.
3. **UbiquityPoolSecurityMonitor Contract**: Conducts the on-chain liquidity check, takes necessary actions if an incident occurs, and emits the `MonitorPaused` event.
4. **[OpenZeppelin Monitor](https://docs.openzeppelin.com/defender/module/monitor)**: Listens for the `MonitorPaused` event and sends alerts via email or other designated channels.

### Workflow diagram
![Workflow Diagram](../../../../../utils/UbiquityPoolSecurityMonitorWorkflow.drawio.png)


### OpenZeppelin Defender Setup

To integrate OpenZeppelin Defender with the `UbiquityPoolSecurityMonitor`, follow the steps below:

#### 1. Relayer Setup

Complete only **Part 1** of the [OpenZeppelin Defender Relayer tutorial](https://docs.openzeppelin.com/defender/tutorial/relayer). This will configure the Relayer to handle transactions for calling the `checkLiquidityVertex()` function.

#### 2. Actions Setup

Follow the [OpenZeppelin Defender Actions tutorial](https://docs.openzeppelin.com/defender/tutorial/actions) to set up Actions. While configuring your Action, choose the Relayer you set up in step 1, and use the following script for your newly created Action:

```javascript
const { Defender } = require('@openzeppelin/defender-sdk');

exports.handler = async function (credentials) {
const client = new Defender(credentials);

const txRes = await client.relaySigner.sendTransaction({
to: '0xb60ce3bf27B86d3099F48dbcDB52F5538402EF7B', // Address of UbiquityPoolSecurityMonitor contract
speed: 'fast',
data: '0x9ba8a26c', // Encoded function signature for checkLiquidityVertex() of the UbiquityPoolSecurityMonitor
gasLimit: '80000',
});

return txRes.hash;
};
```

#### 3. Monitor Setup

Follow the [OpenZeppelin Defender Monitor tutorial](https://docs.openzeppelin.com/defender/tutorial/monitor) to configure a Monitor that listens for the MonitorPaused event emitted by the UbiquityPoolSecurityMonitor contract. Set up your alerts using the desired source (e.g., email or other alerting mechanisms).



Original file line number Diff line number Diff line change
@@ -22,9 +22,9 @@ contract UbiquityPoolSecurityMonitor is Initializable, UUPSUpgradeable {
bool public monitorPaused;
uint256 public thresholdPercentage;

event LiquidityVertexUpdated(uint256 collateralLiquidity);
event LiquidityVertexUpdated(uint256 liquidityVertex);
event LiquidityVertexDropped(uint256 liquidityVertex);
event MonitorPaused(uint256 collateralLiquidity, uint256 diffPercentage);
event VertexDropped();
event PausedToggled(bool paused);

modifier onlyDefender() {
@@ -95,19 +95,20 @@ contract UbiquityPoolSecurityMonitor is Initializable, UUPSUpgradeable {

liquidityVertex = currentCollateralLiquidity;

emit VertexDropped();
emit LiquidityVertexDropped(liquidityVertex);
}

function checkLiquidityVertex() external onlyDefender {
require(!monitorPaused, "Monitor paused");

uint256 currentCollateralLiquidity = ubiquityPoolFacet
.collateralUsdBalance();

require(currentCollateralLiquidity > 0, "Insufficient liquidity");
require(!monitorPaused, "Monitor paused");

if (currentCollateralLiquidity > liquidityVertex) {
_updateLiquidityVertex(currentCollateralLiquidity);
} else {
} else if (currentCollateralLiquidity < liquidityVertex) {
_checkThresholdPercentage(currentCollateralLiquidity);
}
}
15 changes: 13 additions & 2 deletions packages/contracts/test/dollar/core/PoolLiquidityMonitorTest.t.sol
Original file line number Diff line number Diff line change
@@ -39,7 +39,7 @@ contract PoolLiquidityMonitorTest is DiamondTestSetup {
address user = address(1);

event MonitorPaused(uint256 collateralLiquidity, uint256 diffPercentage);
event VertexDropped();
event LiquidityVertexDropped(uint256 liquidityVertex);
event PausedToggled(bool paused);
event LiquidityVertexUpdated(uint256 collateralLiquidity);

@@ -259,8 +259,11 @@ contract PoolLiquidityMonitorTest is DiamondTestSetup {
}

function testDropLiquidityVertex() public {
uint256 currentCollateralLiquidity = ubiquityPoolFacet
.collateralUsdBalance();

vm.expectEmit(true, true, true, false);
emit VertexDropped();
emit LiquidityVertexDropped(currentCollateralLiquidity);

vm.prank(admin);
monitor.dropLiquidityVertex();
@@ -408,6 +411,14 @@ contract PoolLiquidityMonitorTest is DiamondTestSetup {
monitorPaused,
"Monitor should be paused after liquidity drop, and any prior manipulation of collateral does not interfere with the ongoing incident management process."
);

address[] memory allCollaterals = ubiquityPoolFacet.allCollaterals();
for (uint256 i = 0; i < allCollaterals.length; i++) {
vm.expectRevert("Invalid collateral");

vm.prank(user);
ubiquityPoolFacet.collateralInformation(allCollaterals[i]);
}
}

function testLiquidityDropDoesNotPauseMonitorWhenCollateralToggled()
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.