feat: add m2-mainnet-fixes to m2-mainnet (#409)

* Fix: Update registration documentation & type hash (#383)

* feat: strategy configs (#392)

* Fix: flaky integration tests (#384)

* feat: strat settings

* Fix: flaky integration tests (#384)

* feat: strat settings

* feat: withdrawalDelayBlocks per strategy

* fix: set deprecated storage to private

* fix: pr review changes

* fix: require string

* docs: updated

* refactor: rename creditTransfersDisabled

* fix: doc typos

* docs: add new methods and fix formatting

* fix: nits and getWithdrawals view

* docs: add link

---------

Co-authored-by: Yash Patil <[email protected]>
Co-authored-by: wadealexc <[email protected]>

* fix: update forge CI to include contract size checks (#402)

* fix: add contract size check

* fix: ignore harness build size

* refactor: decouple AVS<>Operator mapping from DelegationManager (#403)

* refactor: initial draft

* fix: revert require chages

* fix: small nits

* fix: operator<>AVS mapping tests (#407)

* test: added back avsRegistration tests

* fix: fuzz runs 4096

* fix: broken fuzz test

* docs: add docs for AVSDirectory (#408)

* Feat: Add events for beacon chain balance updates & move deposit event

* script update (#412)

* fix: middleware script (#414)

* Deneb Mainnet Patch (#395)

* init commit

* updated testFullWithdrawalFlow to deneb spec

* added two proof paths

* added both capella and deneb testS

* added testFullWithdrawalFlowCapellaWithdrawalAgainstDenebRoot

* added event

* fixed storage gap

* uncommented testsg

* fix: remove line

* fixed tesst

* added a setter in the EPM for deneForkTimetamp

* tests still broken

* cleanup

* added modifier

* fixing tests

* tests working

* added tests

* comments

* fixed failing test

* fix flaky test

* removed modifier

---------

Co-authored-by: gpsanant <[email protected]>

* feat: simplify fork timestamp setting logic (#416)

* feat: simplify fork timestamp setting logic

* test: fix tests to account for only setting timestamp once

---------

Co-authored-by: wadealexc <[email protected]>

* Goerli implementation script (#413)

* Create GoerliUpgrade2.s.sol

* preprod deploy

* Update GV2_preprod_deployment_2024_30_1.json

* nit: comments

* avs directory already deployed

* preprod deploy

* chore: fix numerous compiler warnings from script + test files (#419)

warnings were for unused or shadowed variables, or functions that could have stricter mutability

* docs: fixed comment

* Revert "fixed comment"

This reverts commit c3d7bff.

* Fixed comments (#422)

* fix: fixed comment

* fix: removed dead space

* fix: removed extraneous the

* fix: edited another comment

* feat: view func for avssync (#423)

* fix: failing certora-ci (#410)

* fix: try installing solc-select

* fix: addShares selector

* fix: add staker address to DEPOSIT typehash (#424)

This provides additional signature replay protection
for the `StrategyManager.depositIntoStrategyWithSignature` method

Specifically, it addresses the issue outlined in
https://mirror.xyz/curiousapple.eth/pFqAdW2LiJ-6S4sg_u1z08k4vK6BCJ33LcyXpnNb8yU
where some ERC1271 wallets might be vulnerable to "replays" of signatures

While the theoretical "damage" would be ~zero
(allowing someone to deposit and credit the deposit to a user),
adding this field to the typehash seems to be best practice, at least.

* Testnet Deploy (#425)

* fix: updated beacon chain proof docs and correct error message (#427)

* fix: updated doc

* fix: changed more incorrect references fo verifyBalanceUpdates

* fix: changed more incorrect references fo verifyBalanceUpdates

* fix: fixed image

* fix: fixed incorrect comment

* docs: fix formatting

---------

Co-authored-by: wadealexc <[email protected]>

* feat: slight refactor to make better use of strategybase hooks (#428)

* feat: slight refactor to make better use of strategybase hooks

* docs: add clarifying comment

* test: unit tests for strat config (#426)

* fix: use correct license (#431)

this should be MIT licensed; looks like this was missed

* docs: update README to point to deployment info (#432)

* fix: include missing field from TYPEHASH calculation (#435)

`delegationApprover` was missing from the `DELEGATION_APPROVAL_TYPEHASH` definition

* fix: disable initializers in constructor (#436)

* chore: beacon proof constants cleanup (#437)

* fix: removed misc constants

* feat: prevent queuing withdrawals to other addresses (#438)

* fix: add back setMinWithdrawalDelayBlocks (#439)

* fix:add back withdrawal delay

* docs: update docs with new function

---------

Co-authored-by: wadealexc <[email protected]>

* feat: cancel AVS registration salt  (#434)

* feat: cancel salt

* fix: require that salt cannot be cancelled twice

---------

Co-authored-by: wadealexc <[email protected]>

* test: fix borked test after rebase

---------

Co-authored-by: Yash Patil <[email protected]>
Co-authored-by: Michael Sun <[email protected]>
Co-authored-by: quaq <[email protected]>
Co-authored-by: kachapah <[email protected]>
Co-authored-by: gpsanant <[email protected]>
Co-authored-by: ChaoticWalrus <[email protected]>
Co-authored-by: SiddyJ <[email protected]>

.github/workflows/certora-prover.yml

@@ -46,9 +46,8 @@ jobs:
         run: pip install certora-cli
       - name: Install solc
         run: |
-          wget https://github.com/ethereum/solidity/releases/download/v0.8.12/solc-static-linux
-          sudo mv solc-static-linux /usr/local/bin/solc
-          chmod +x /usr/local/bin/solc
+          pip install solc-select
+          solc-select use 0.8.12 --always-install
       - name: Verify rule ${{ matrix.params }}
         run: |
           bash ${{ matrix.params }}

.github/workflows/testinparallel.yml

@@ -37,8 +37,11 @@ jobs:
       with:
         version: nightly
 
-    - name: Install forge dependencies
-      run: forge install
+    - name: Run Forge build
+      run: |
+        forge --version
+        forge build --sizes
+      id: build
 
     - name: Run forge test for the file
       run: forge test --match-path src/test/${{ matrix.file }} --no-match-contract FFI

certora/specs/core/StrategyManager.spec

@@ -20,7 +20,7 @@ methods {
 	// external calls to StrategyManager
     function _.getDeposits(address) external => DISPATCHER(true);
     function _.slasher() external => DISPATCHER(true);
-    function _.addShares(address,address,uint256) external => DISPATCHER(true);
+    function _.addShares(address,address,address,uint256) external => DISPATCHER(true);
     function _.removeShares(address,address,uint256) external => DISPATCHER(true);
     function _.withdrawSharesAsTokens(address, address, uint256, address) external => DISPATCHER(true);
 
@@ -97,7 +97,7 @@ definition methodCanIncreaseShares(method f) returns bool =
     f.selector == sig:depositIntoStrategy(address,address,uint256).selector
     || f.selector == sig:depositIntoStrategyWithSignature(address,address,uint256,address,uint256,bytes).selector
     || f.selector == sig:withdrawSharesAsTokens(address,address,uint256,address).selector
-    || f.selector == sig:addShares(address,address,uint256).selector;
+    || f.selector == sig:addShares(address,address,address,uint256).selector;
 
 /**
 * a staker's amount of shares in a strategy (i.e. `stakerStrategyShares[staker][strategy]`) should only decrease when
@@ -129,7 +129,7 @@ rule newSharesIncreaseTotalShares(address strategy) {
     uint256 stakerStrategySharesBefore = get_stakerStrategyShares(e.msg.sender, strategy);
     uint256 totalSharesBefore = totalShares(strategy);
     if (
-        f.selector == sig:addShares(address, address, uint256).selector
+        f.selector == sig:addShares(address, address, address, uint256).selector
         || f.selector == sig:removeShares(address, address, uint256).selector
     ) {
         uint256 totalSharesAfter = totalShares(strategy);

docs/README.md

@@ -11,6 +11,11 @@ This document provides an overview of system components, contracts, and user rol
 #### Contents
 
 * [System Components](#system-components)
+    * [`EigenPodManager`](#eigenpodmanager)
+    * [`StrategyManager`](#strategymanager)
+    * [`DelegationManager`](#delegationmanager)
+    * [`AVSDirectory`](#avsdirectory)
+    * [`Slasher`](#slasher)
 * [Roles and Actors](#roles-and-actors)
 
 ### System Components
@@ -40,7 +45,7 @@ See full documentation in [`/core/EigenPodManager.md`](./core/EigenPodManager.md
 | [`StrategyBaseTVLLimits.sol`](../src/contracts/strategies/StrategyBaseTVLLimits.sol) | One instance per supported LST | Transparent proxy |
 
 These contracts work together to enable restaking for LSTs:
-* The `StrategyManager` acts as the entry and exit point for LSTs in EigenLayer. It handles deposits into each of the 3 LST-specific strategies, and manages accounting+interactions between users with restaked LSTs and the `DelegationManager`.
+* The `StrategyManager` acts as the entry and exit point for LSTs in EigenLayer. It handles deposits into LST-specific strategies, and manages accounting+interactions between users with restaked LSTs and the `DelegationManager`.
 * `StrategyBaseTVLLimits` is deployed as multiple separate instances, one for each supported LST. When a user deposits into a strategy through the `StrategyManager`, this contract receives the tokens and awards the user with a proportional quantity of shares in the strategy. When a user withdraws, the strategy contract sends the LSTs back to the user.
 
 See full documentation in [`/core/StrategyManager.md`](./core/StrategyManager.md).
@@ -55,6 +60,18 @@ The `DelegationManager` sits between the `EigenPodManager` and `StrategyManager`
 
 See full documentation in [`/core/DelegationManager.md`](./core/DelegationManager.md).
 
+#### AVSDirectory
+
+| File | Type | Proxy |
+| -------- | -------- | -------- |
+| [`AVSDirectory.sol`](../src/contracts/core/AVSDirectory.sol) | Singleton | Transparent proxy |
+
+The `AVSDirectory` handles interactions between AVSs and the EigenLayer core contracts. Once registered as an Operator in EigenLayer core (via the `DelegationManager`), Operators can register with one or more AVSs (via the AVS's contracts) to begin providing services to them offchain. As a part of registering with an AVS, the AVS will record this registration in the core contracts by calling into the `AVSDirectory`.
+
+See full documentation in [`/core/AVSDirectory.md`](./core/AVSDirectory.md).
+
+For more information on AVS contracts, see the [middleware repo][middleware-repo].
+
 #### Slasher
 
 | File | Type | Proxy |

docs/core/AVSDirectory.md

@@ -0,0 +1,80 @@
+[middleware-repo]: https://github.com/Layr-Labs/eigenlayer-middleware/
+
+## AVSDirectory
+
+| File | Type | Proxy |
+| -------- | -------- | -------- |
+| [`AVSDirectory.sol`](../src/contracts/core/AVSDirectory.sol) | Singleton | Transparent proxy |
+
+The `AVSDirectory` handles interactions between AVSs and the EigenLayer core contracts. Once registered as an Operator in EigenLayer core (via the `DelegationManager`), Operators can register with one or more AVSs (via the AVS's contracts) to begin providing services to them offchain. As a part of registering with an AVS, the AVS will record this registration in the core contracts by calling into the `AVSDirectory`.
+
+For more information on AVS contracts, see the [middleware repo][middleware-repo].
+
+Currently, the only interactions between AVSs and the core contracts is to track whether Operators are currently registered for the AVS. This is handled by two methods:
+* [`AVSDirectory.registerOperatorToAVS`](#registeroperatortoavs)
+* [`AVSDirectory.deregisterOperatorFromAVS`](#deregisteroperatorfromavs)
+
+In a future release, this contract will implement additional interactions that relate to (i) paying Operators for the services they provide and (ii) slashing Operators that misbehave. Currently, these features are not implemented.
+
+---
+
+#### `registerOperatorToAVS`
+
+```solidity
+function registerOperatorToAVS(
+    address operator,
+    ISignatureUtils.SignatureWithSaltAndExpiry memory operatorSignature
+) 
+    external 
+    onlyWhenNotPaused(PAUSED_OPERATOR_REGISTER_DEREGISTER_TO_AVS)
+```
+
+Allows the caller (an AVS) to register an `operator` with itself, given the provided signature is valid.
+
+*Effects*:
+* Sets the `operator's` status to `REGISTERED` for the AVS
+
+*Requirements*:
+* Pause status MUST NOT be set: `PAUSED_OPERATOR_REGISTER_DEREGISTER_TO_AVS`
+* `operator` MUST already be a registered Operator (via the `DelegationManager`)
+* `operator` MUST NOT already be registered with the AVS
+* `operatorSignature` must be a valid, unused, unexpired signature from the `operator`. The signature is an ECDSA signature by the operator over the [`OPERATOR_AVS_REGISTRATION_TYPEHASH`](../../src/contracts/core/DelegationManagerStorage.sol). Expiry is a utc timestamp in seconds. Salt is used only once per signature to prevent replay attacks.
+
+*As of M2*:
+* Operator registration/deregistration does not have any sort of consequences for the Operator or its shares. Eventually, this will tie into payments for services and slashing for misbehavior.
+
+#### `deregisterOperatorFromAVS`
+
+```solidity
+function deregisterOperatorFromAVS(
+    address operator
+) 
+    external 
+    onlyWhenNotPaused(PAUSED_OPERATOR_REGISTER_DEREGISTER_TO_AVS)
+```
+
+Allows the caller (an AVS) to deregister an `operator` with itself
+
+*Effects*:
+* Sets the `operator's` status to `UNREGISTERED` for the AVS
+
+*Requirements*:
+* Pause status MUST NOT be set: `PAUSED_OPERATOR_REGISTER_DEREGISTER_TO_AVS`
+* `operator` MUST already be registered with the AVS
+
+*As of M2*:
+* Operator registration/deregistration does not have any sort of consequences for the Operator or its shares. Eventually, this will tie into payments for services and slashing for misbehavior.
+
+#### `cancelSalt`
+
+```solidity
+function cancelSalt(bytes32 salt) external
+```
+
+Allows the caller (an Operator) to cancel a signature salt before it is used to register for an AVS.
+
+*Effects*:
+* Sets `operatorSaltIsSpent[msg.sender][salt]` to `true`
+
+*Requirements*:
+* Salt MUST NOT already be cancelled