@aalavandhan aalavandhan commented Apr 18, 2023

  • Public method to recover individual assets.
  • Cleaned up internal book-keeping of deployed list. Created separate methods to add and remove assets.
  • Using <= 0 instead of == 0
  • Added some unit tests to improve coverage

Though this helps guard against the _deployed list growing indefinitely, it opens up the surface area of attack if we don't restrict the assets which can be recovered. For example, a malicious user can transfer a fake tranche into the system and call recover with the fake tranche address. This adds the tranche into the deployed list. Now the malicious user can fudge the vault's valuation function to drain funds.

We should only allow the user to "recover" vault assets which are already in the deployed list, which we can safely assume to be tranches issued by the whitelisted bond issuer.
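The restriction described in the comment above, as an added Python model that is not part of this pull request or the project's code. `Token`, `Vault`, `scenario` and the valuation rule (sum of balance times a token-reported price) are assumptions made for illustration; all values are constructed.

```python
class UntrackedAsset(Exception):
    """recover() was called with a token that is not in the deployed list."""

class Token:
    """Constructed stand-in for a tranche; `price` is whatever the token reports."""
    def __init__(self, name, price):
        self.name, self.price, self.balances = name, price, {}
    def transfer(self, to, amount):
        self.balances[to] = self.balances.get(to, 0) + amount
    def balance_of(self, who):
        return self.balances.get(who, 0)

class Vault:
    def __init__(self, restrict_recover):
        self.restrict_recover = restrict_recover
        self.deployed = []  # assets the valuation function iterates over
    def _add_deployed(self, token):
        if token not in self.deployed:
            self.deployed.append(token)
    def _remove_deployed(self, token):
        if token in self.deployed:
            self.deployed.remove(token)
    def deploy(self, token, amount):
        # Trusted path (assumed): only tranches from the whitelisted issuer.
        token.transfer(self, amount)
        self._add_deployed(token)
    def recover(self, token):
        # Public path: re-sync one asset's book-keeping with its balance.
        if self.restrict_recover and token not in self.deployed:
            raise UntrackedAsset(token.name)
        if token.balance_of(self) <= 0:
            self._remove_deployed(token)
        else:
            self._add_deployed(token)
    def valuation(self):
        # Assumed valuation: sum of balance * token-reported price.
        return sum(t.balance_of(self) * t.price for t in self.deployed)

def scenario(restrict_recover):
    """Return (valuation before, valuation after, rejected?) for an untracked token."""
    vault = Vault(restrict_recover)
    vault.deploy(Token("tranche-A", price=1), 100)
    before = vault.valuation()
    fake = Token("untracked", price=1_000_000)  # constructed sample values
    fake.transfer(vault, 1)
    try:
        vault.recover(fake)
        rejected = False
    except UntrackedAsset:
        rejected = True
    return before, vault.valuation(), rejected
```

With the membership check enabled, the untracked token is rejected and the valuation is unchanged, while tracked assets whose balance has dropped to zero are still pruned from the list.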

@aalavandhan aalavandhan added the next-release Changes for upcoming release label Apr 18, 2023
@aalavandhan aalavandhan changed the title Individual redemption Individual recovery Apr 18, 2023
@aalavandhan aalavandhan force-pushed the redeem-flow branch 3 times, most recently from f763082 to 2d03a81 Compare April 19, 2023 15:08

@brandoniles brandoniles left a comment

LGTM

@aalavandhan aalavandhan merged commit 084a78f into main Apr 28, 2023
@aalavandhan aalavandhan deleted the redeem-flow branch April 28, 2023 18:00