Component: Protocol Vault
Description
The Protocol Vault manages deposit, withdraw, and claim operations for both liquidity providers (LPs) and strategy providers (SPs). All operations are processed by the Protocol Ledger Vault on the Orderly chain. The Protocol Vault simply sends cross-chain deposit and withdraw messages to the Protocol Ledger Vault using the VaultCrossChainManager contract.
Invariants
Deposit operations
Protocol Vault must verify sufficient token balance and allowance before accepting deposits.
Deposits must exceed the minimum threshold amount for both LP and SP accounts.
Cross-chain message fees must be covered by the depositor.
Withdraw operations
Withdraws initiate a cross-chain message to the Protocol Ledger Vault.
Withdrawn amounts remain frozen until the withdraw process is finished.
Each withdraw must have a unique identifier to prevent double-processing.
Only the account owner can initiate withdraws.
Claim operations
The
userClaimedById
mapping tracks claimable amounts per withdraw ID.Users can only claim the exact amount recorded in
userClaimedById
.Each withdraw can only be claimed once.
Security states
When paused, all deposit, withdraw, and claim operations must be suspended.
Only authorized addresses can pause/unpause the contract.
Cross-chain messages must only be accepted from the designated VaultCrossChainManager.
Test coverage
Key cases covered
Deposit validation
Successfully deposits both LP and SP accounts
Withdraw processing
Successfully withdraws initiation
Rejects withdraws below current balance
Transmits cross-chain messages
Claim verification
Successfully claims after the withdraw process
Attack surface
Cross-chain--message integrity
Messages are protected by the VaultCrossChainManager's security measures.
Message content cannot be manipulated by other users.
There is replay protection through the nonce.