Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mainnet spell 2024-09-13 #426

Merged
merged 39 commits into from
Sep 16, 2024
Merged

Mainnet spell 2024-09-13 #426

merged 39 commits into from
Sep 16, 2024

Conversation

amusingaxl
Copy link
Contributor

@amusingaxl amusingaxl commented Sep 6, 2024
edited
Loading

Description

Contribution Checklist

  • PR title starts with (PE-<TICKET_NUMBER>)
  • Code approved
  • Tests approved
  • CI Tests pass

Checklist

  • Every contract variable/method declared as public/external private/internal
  • Consider if this PR needs the officeHours modifier override
  • Verify expiration (30 days unless otherwise specified)
  • Verify hash in the description matches here
  • Validate all addresses used are in changelog or known
  • Notify any external teams affected by the spell so they have the opportunity to review
  • Deploy spell ETH_GAS_LIMIT="XXX" ETH_GAS_PRICE="YYY" make deploy
  • Verify mainnet contract on etherscan
  • Change test to use mainnet spell address and deploy timestamp
  • Run make archive-spell or make date="YYYY-MM-DD" archive-spell to make an archive directory and copy DssSpell.sol, DssSpell.t.sol, DssSpell.t.base.sol, and DssSpellCollateralOnboarding.sol
  • squash and merge this PR

SidestreamColdMelon
SidestreamColdMelon reviewed Sep 7, 2024
View reviewed changes
src/DssSpell.sol Outdated Show resolved Hide resolved
src/DssSpell.sol Outdated Show resolved Hide resolved
src/DssSpell.sol Outdated Show resolved Hide resolved
src/DssSpell.sol Outdated Show resolved Hide resolved
SidestreamColdMelon
SidestreamColdMelon reviewed Sep 9, 2024
View reviewed changes
src/DssSpell.sol Outdated Show resolved Hide resolved
src/DssSpell.sol Outdated Show resolved Hide resolved
src/DssSpell.sol Show resolved Hide resolved
src/DssSpell.t.sol Show resolved Hide resolved
SidestreamColdMelon
SidestreamColdMelon reviewed Sep 9, 2024
View reviewed changes
src/DssSpell.sol Show resolved Hide resolved
src/DssSpell.sol Show resolved Hide resolved
src/DssSpell.sol Outdated Show resolved Hide resolved
src/test/addresses_mainnet.sol Outdated Show resolved Hide resolved
SidestreamColdMelon
SidestreamColdMelon reviewed Sep 10, 2024
View reviewed changes
src/DssSpell.t.sol Show resolved Hide resolved
src/dependencies/06-farm/phase-1b/UsdsSkyFarmingInit.sol Outdated Show resolved Hide resolved
src/dependencies/06-farm/phase-1b/Usds01PreFarmingInit.sol Outdated Show resolved Hide resolved
src/dependencies/06-farm/VestInit.sol Outdated Show resolved Hide resolved
SidestreamColdMelon
SidestreamColdMelon reviewed Sep 10, 2024
View reviewed changes
src/DssSpell.t.base.sol Outdated Show resolved Hide resolved
src/DssSpell.t.base.sol Show resolved Hide resolved
SidestreamColdMelon
SidestreamColdMelon reviewed Sep 12, 2024
View reviewed changes
src/DssSpell.sol Show resolved Hide resolved
src/DssSpell.sol Outdated Show resolved Hide resolved
src/DssSpell.sol Outdated Show resolved Hide resolved
@SidestreamColdMelon
Copy link
Contributor

TLDR: Good to deploy

Development Stage

  • Preparation
    • Exec Sheet for the specified date is found in the "Executive Vote Implementation Process" google sheet
      Insert URL to the specific sheet here
      https://docs.google.com/spreadsheets/d/1w_z5WpqxzwreCcaveB2Ye1PP5B8QAHDglzyxKHG3CHw/edit?gid=1165645248#gid=1165645248
    • Using Exec Sheet URL from the above, read spell instructions from the Exec Sheet and list them below
      List all instructions announced in the Exec Sheet
      • Repeating Checklist Item
        • Office Hours No
        • Global Line Modifier No
        • Order of Operations Issues Yes
        • Total Amount of DAI Transfers 0
        • Total Amount of MKR Transfers 0
      • Set earliest execution date September 17, 12:00 UTC
      • Do not authorize ESM in any new contracts
      • New Tokens Init
        • Init USDS by calling UsdsInit.init with the following parameters:
          • Init USDS with usds parameter being 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • Init USDS with usdsImp parameter being 0x1923DfeE706A8E78157416C29cBCCFDe7cdF4102
          • Init USDS with UsdsJoin parameter being 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • Init USDS with DaiUsds parameter being 0x3225737a9Bbb6473CB4a45b7244ACa2BeFdB276A
          • Add usds to chainlog with key "USDS" via the UsdsInit.init function
          • Add usdsImp to chainlog under the key "USDS_IMP" via the UsdsInit.init function
          • Add UsdsJoin to chainlog under the key "USDS_JOIN" via the UsdsInit.init function
          • Add DaiUsds to chainlog under the key "DAI_USDS" via the UsdsInit.init function
          • The usdsJoin Adapter will be authorized in the usds contract by calling rely via the UsdsInit.init function
        • Init sUSDS by calling SUsdsInit.init with the following parameters:
          • Init sUSDS with sUsds parameter being 0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD
          • Init sUSDS with sUsdsImp parameter being 0x4e7991e5C547ce825BdEb665EE14a3274f9F61e0
          • Init sUSDS with usdsJoin parameter being 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • Init sUSDS with usds parameter being 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • Init sUSDS with ssr parameter being 6.25%
          • Add sUsds to chainlog under the key "SUSDS" via the SUsdsInit.init function
          • Add sUsdsImp to chainlog under the key "SUSDS_IMP" via the SUsdsInit.init function
          • sUSDS will be authorized to access the vat by calling rely via the SUsdsInit.init function
        • Init SKY by calling SkyInit.init with the following parameters:
          • Init SKY with sky parameter being 0x56072C95FAA701256059aa122697B133aDEd9279
          • Init SKY with mkrSky parameter being 0xBDcFCA946b6CDd965f99a839e4435Bcdc1bc470B
          • Init SKY with rate parameter being 24,000
          • Add sky to chainlog under the key "SKY" via the SkyInit.init function
          • Add mkrSky to chainlog under the key "MKR_SKY" via the SkyInit.init function
          • The mkrSky contract will be authorized in the sky contract by calling rely via the SkyInit.init function
          • The mkrSky contract will be authorized in the MkrAuthority contract by calling rely via the SkyInit.init function
      • Pool Migration and Flapper Init
        • Migrate full DAI/MKR UniswapV2 liquidity into USDS/SKY by calling UniV2PoolMigratorInit.init with the following parameters:
          • Migrate liquidity to the new pool with pairDaiMkr parameter being 0x517F9dD285e75b599234F7221227339478d0FcC8
          • Migrate liquidity to the new pool with pairUsdsSky parameter being 0x2621CC0B3F3c079c1Db0E80794AA24976F0b9e3c
        • Init Splitter by calling FlapperInit.initSplitter with the following parameters:
          • Init Splitter with splitter parameter being 0xBF7111F13386d23cb2Fba5A538107A73f6872bCF
          • Init Splitter with mom parameter being 0xF51a075d468dE7dE3599C1Dc47F5C42d02C9230e
          • Init Splitter with hump parameter being 55M DAI
          • Init Splitter with bump parameter being 65,000 DAI/USDS
          • Init Splitter with hop parameter being 10,249 seconds
          • Init Splitter with burn parameter being 100% (1 * WAD)
          • Init Splitter with usdsJoin parameter being 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • Init Splitter with splitterChainlogKey parameter being MCD_SPLIT
          • Init Splitter with prevMomChainlogKey parameter being FLAPPER_MOM
          • Init Splitter with momChainlogKey parameter being SPLITTER_MOM
          • The flapper variable in the vow will be changed by the splitter address by calling file via the initSplitter function
        • Init new Flapper by calling FlapperInit.initFlapperUniV2 with the following parameters:
          • Init new Flapper with flapper_ parameter being 0xc5A9CaeBA70D6974cBDFb28120C3611Dd9910355
          • Init new Flapper with want parameter being 98% (98 * WAD / 100)
          • Init new Flapper with pip parameter being 0x38e8c1D443f546Dc014D7756ec63116161CB7B25
          • Init new Flapper with pair parameter being 0x2621CC0B3F3c079c1Db0E80794AA24976F0b9e3c
          • Init new Flapper with usds parameter being 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • Init new Flapper with splitter parameter being 0xBF7111F13386d23cb2Fba5A538107A73f6872bCF
          • Init new Flapper with prevChainlogKey parameter being MCD_FLAP
          • Init new Flapper with chainlogKey parameter being MCD_FLAP
        • Init new Oracle by calling FlapperInit.initOracleWrapper with the following parameters:
          • Init new Oracle with wrapper_ parameter being 0x38e8c1D443f546Dc014D7756ec63116161CB7B25
          • Init new Oracle with divisor parameter being 24,000
          • Init new Oracle with clKey parameter being FLAP_SKY_ORACLE
          • Authorize wrapper to read MKR oracle price
      • Setup DssVestMintable for SKY
        • Authorize DssVestMintable on SKY by calling DssExecLib.authorize with the following parameters:
          • Authorize DssVestMintable on SKY with _base parameter being 0x56072C95FAA701256059aa122697B133aDEd9279
          • Authorize DssVestMintable on SKY with _ward parameter being 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
        • Set DssVestMintable max rate (cap) by calling DssExecLib.setValue with the following parameters:
          • Set DssVestMintable max rate (cap) with _base parameter being 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
          • Set DssVestMintable max rate (cap) with _what parameter being "cap"
          • Set DssVestMintable max rate (cap) with _amt parameter being 799,999,999.999999999985808000 Sky per year (800M * WAD / 365 days )
        • Add DssVestMintable to Chainlog by calling DssExecLib.setChangelogAddress with the following parameters:
          • Add DssVestMintable to Chainlog with _key parameter being MCD_VEST_SKY
          • Add DssVestMintable to Chainlog with _val parameter being 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
      • USDS => SKY Farm Setup
        • Init USDS -> SKY rewards by calling UsdsSkyFarmingInit.init with the following parameters:
          • Init USDS -> SKY rewards with usds parameter being 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • Init USDS -> SKY rewards with sky parameter being 0x56072C95FAA701256059aa122697B133aDEd9279
          • Init USDS -> SKY rewards with rewards parameter being 0x0650CAF159C5A49f711e8169D4336ECB9b950275
          • Init USDS -> SKY rewards with rewardsKey parameter being REWARDS_USDS_SKY
          • Init USDS -> SKY rewards with dist parameter being 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
          • Init USDS -> SKY rewards with distKey parameter being REWARDS_DIST_USDS_SKY
          • Init USDS -> SKY rewards with vest parameter being 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
          • Init USDS -> SKY rewards with vestTot parameter being 600M * WAD
          • Init USDS -> SKY rewards with vestBgn parameter being block.timestamp - 7 days
          • Init USDS -> SKY rewards with vestTau parameter being 365 days - 1
          • Call distribute() in VestedRewardsDistribution contract in the spell execution
          • SKY Vesting Stream | from 'block.timestamp - 7 days' for '365 days - 1' | 600M * WAD SKY | 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
        • Initialize the new cron job by calling VestedRewardsDistributionJobInit.init with the following parameters:
          • Initialize cron job with job parameter being 0x6464C34A02DD155dd0c630CE233DD6e21C24F9A5
          • Initialize cron job with cfg.jobKey parameter being CRON_REWARDS_DIST_JOB
        • Add VestedRewardsDistribution to the new cron job by calling VestedRewardsDistributionJobInit.setDist with the following parameters:
          • Add VestedRewardsDistribution to the new cron job with job parameter being 0x6464C34A02DD155dd0c630CE233DD6e21C24F9A5
          • Add VestedRewardsDistribution to the new cron job with cfg.dist parameter being 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
          • Add VestedRewardsDistribution to the new cron job with cfg.interval parameter being 7 days - 1 hours
      • USDS => 01 Farm Setup
        • Init Rewards-01 by calling Usds01PreFarmingInit.init with the following parameters:
          • Init Rewards-01 with usds parameter being 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • Init Rewards-01 with rewards parameter being 0x10ab606B067C9C461d8893c47C7512472E19e2Ce
          • Init Rewards-01 with rewardsKey parameter being REWARDS_USDS_01
      • MISC
        • Add LitePsmWrapper to the Chainlog by calling DssExecLib.setChangelogAddress with the following parameters:
          • Add LitePsmWrapper to the Chainlog with _key parameter being WRAPPER_USDS_LITE_PSM_USDC_A
          • Add LitePsmWrapper to the Chainlog with _val parameter being 0xA188EEC8F81263234dA3622A406892F3D630f98c
        • Update GSM Delay
          • Reduce GSM Delay by 14 hours, from 30 hours to 16 hours by calling MCD_PAUSE.setDelay
  • Base checks
    • Current solc version 0.8.16
    • Office hours is true IF spell introduces a major change that can affect external parties (e.g.: keepers are affected in case of collateral offboarding) OTHERWISE explicitly set to false
      ℹ️ Although the spell introduces major changes, instead of using office hours it redefines schedule() method to set "earliest execution date" (per Executive Doc). This ensures affected parties are aware of the execution time
    • Office hours value matches the Exec Sheet
    • 30 days spell expiry set in the constructor (block.timestamp + 30 days)
  • Spell description
    • Description follows the format TARGET_DATE MakerDAO Executive Spell | Hash: EXEC_DOC_HASH
    • TARGET_DATE in the description matches the target date
    • Accompanying comment above spell description follows the format // Hash: cast keccak -- "$(wget 'EXEC_DOC_URL' -q -O - 2>/dev/null)"
  • Comments inside the spell
    • Every Section text from the Exec Sheet is copied to the spell code as a comment surrounded by the set of dashes (E.g. // ----- Section text -----)
    • Every Instruction text from the Exec Sheet is copied to the spell code as // Instruction text
    • Every Instruction text have newline above it
      ⚠️ This is not always followed, but is a good compromize for readability
    • IF an instruction can not be taken, it should have explanation under the instruction prefixed with // Note: (e.g.: // Note: Payments are skipped on goerli)
    • IF action in the spell doesn't have relevant instruction (e.g.: chainlog version bump), the necessity of it is explained in the comment above prefixed with // Note:
    • Every proof url from the Exec Sheet, such as Reasoning URL and Authority URL is present in the spell code under relevant section or instruction (depending on which row the url is present)
    • Every proof url from the Exec Sheet, such as Reasoning URL and Authority URL have prefix derived from the url itself
      • // Executive Vote: if URL starts with https://vote.makerdao.com/executive/
      • // Poll: if URL starts with https://vote.makerdao.com/polling/
      • // Forum: if URL starts with https://forum.makerdao.com/t/
      • // MIP: if URL starts with https://mips.makerdao.com/mips/details/
  • Dependency checks
    • Update Foundry by running foundryup
      ℹ️ Updated versions 
      foundryup: installed - forge 0.2.0 (be451fb 2024-09-11T00:20:08.082212000Z)
foundryup: installed - cast 0.2.0 (be451fb 2024-09-11T00:20:08.053769000Z)
foundryup: installed - anvil 0.2.0 (be451fb 2024-09-11T00:20:08.111672000Z)
foundryup: installed - chisel 0.2.0 (be451fb 2024-09-11T00:20:08.098655000Z)
    • Reinstall libraries by running rm -rf ./lib && git submodule update --init --recursive 
      Insert checked out submodule paths here
Submodule path 'lib/dss-exec-lib': checked out '69b658f35d8618272cd139dfc18c5713caf6b96b'
Submodule path 'lib/dss-test': checked out '36ff4adbcb35760614e0d2df864026991c23d028'
    • IF submodule upgrades are present, make sure dss-exec-lib is synced as well
    • git submodule hash of dss-exec-lib (run git submodule status) matches the latest release version or newer
    • dss-interfaces library used inside lib/dss-exec-lib matches submodule used inside lib/dss-test
  • IF interfaces are present in the spell
    • Interfaces imported from dss-interfaces
      • No unused dss-interfaces
      • Only single import layout is used (e.g. import "dss-interfaces/dss/VatAbstract.sol";)
    • Static Interfaces
      • No unused static interfaces
      • Declared static interface not present in the dss-interfaces, OTHERWISE should be imported from there
        ⚠️ DSPauseAbstract and ChainlogAbstract are present in dss-interfaces, but they contain unused methods. Therefore it's acceptable to statically redeclare them
      • Interface matches deployed contract using cast interface <contract_address> command
      • Interface naming style should match with Like suffix (e.g. VatLike)
      • Each static interface declare only functions actually used in the spell code
  • IF variable declarations are present in the spell
    • IF precision units are present
      • Precision units used in the spell match their defined values:
        • WAD = 10 ** 18
        • RAY = 10 ** 27
        • RAD = 10 ** 45
      • Precision units match with Numerical Ranges
      • Each variable visibility is declared as internal
      • Each variable state mutability is declared as constant
    • IF math units are present
      • Match their defined values:
        • HUNDRED = 10 ** 2
        • THOUSAND = 10 ** 3
        • MILLION = 10 ** 6
        • BILLION = 10 ** 9
      • Match with config
      • Each variable visibility is declared as internal
      • Each variable state mutability is declared as constant
    • IF rates are present
      • Rates match generated locally via make rates pct=<pct> (e.g. pct=0.75, for 0.75%)
      • Rates match IPFS document
      • Rate variable name conforms to X_PT_Y_Z_PCT_RATE (e.g. ZERO_PT_SEVEN_FIVE_PCT_RATE for 0.75%)
      • Rate variable visibility declared as internal
      • Rate variable state mutability declared as constant
    • IF timestamps are present
      • Comment above timestamp states full date including UTC timezone
      • Timestamp converts back to the correct date
      • Timestamp converts back to the UTC timezone
      • Variable naming matches MMM_DD_YYYY (e.g. JAN_01_2023 for 2023-01-01)
        ℹ️ Variable name also contains time and timezone
      • Time of day makes logical sense in the context of timestamp usage (i.e. 23:59:59 UTC for the final day of something, 00:00:00 UTC for the first day of something)
      • Each variable visibility is declared as internal
      • Each variable state mutability is declared as constant
  • IF new contract is present in the spell (not yet on chainlog or new to chainlog)
    • 0xdC035D45d973E3EC169d2276DDab16f1e407384F named as USDS in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
        ⚠️ The contracts are ERC1967 implementation developed by Openzeppelin, so we have no contol over the license. This is expected / not a blocker
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments:
        • implementation (address): 0x1923DfeE706A8E78157416C29cBCCFDe7cdF4102
          • ✅ Matches USDS_IMP address below
        • _data (bytes): 0x8129fc1c
          • ✅ Matches initialize() function signature found in USDS_IMP
      • IF new contract have concept of wards or access control
        ℹ️ While the contract itself have no wards, it keeps state for the implementation contract (called via delegatecall, as per EIP1967 spec). Upgradability is also being controlled by the implementation contract (see _authorizeUpgrade)
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          ⚠️ This is overwritten by the specific instruction Do not authorize ESM in any new contracts
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0x1923DfeE706A8E78157416C29cBCCFDe7cdF4102 named as USDS_IMP in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ It has no constructor arguments
      • IF new contract have concept of wards or access control
        ℹ️ It technically has wards, but sice it's implementation contract and only called via delegatecall, its state is stored in the parent proxy contract, therefore its own state is irrelevant
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB named as USDS_JOIN in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • vat_ (address): 0x35D1b3F3D7966A1DFe207aa4514C12a259A0492B
          • ✅ Matches MCD_VAT found in chainlog
        • usds_ (address): 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • ✅ Matches USDS address checked above
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0x3225737a9Bbb6473CB4a45b7244ACa2BeFdB276A named as DAI_USDS in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • daiJoin_ (address): 0x9759A6Ac90977b93B58547b4A71c78317f391A28
          • ✅ Matches MCD_JOIN_DAI found in chainlog
        • usdsJoin_ (address): 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • ✅ Matches USDS_JOIN address checked above
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD named as SUSDS in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
        ⚠️ The contracts are Openzeppelin-authored ERC1967 implementation, so we have no contol over the licence. This is expected / not a blocker
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • implementation (address): 0x4e7991e5C547ce825BdEb665EE14a3274f9F61e0
          • ✅ Matches SUSDS_IMP address checked below
        • _data (bytes): 0x8129fc1c
          • ✅ Matches initialize() function signature found in SUSDS_IMP
      • IF new contract have concept of wards or access control
        ℹ️ While the contract itself have no wards, it keeps state for the implementation contract (called via delegatecall, as per EIP1967 spec). Upgradability is also being controlled by the implementation contract (see _authorizeUpgrade)
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          ⚠️ This is overwritten by the specific instruction Do not authorize ESM in any new contracts
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0x4e7991e5C547ce825BdEb665EE14a3274f9F61e0 named as SUSDS_IMP in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • usdsJoin_ (address): 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • ✅ Matches USDS_JOIN address checked above
        • vow_ (address): 0xA950524441892A31ebddF91d3cEEFa04Bf454466
          • ✅ Matches MCD_VOW found in chainlog
      • IF new contract have concept of wards or access control
        ℹ️ It technically has wards, but sice it's implementation contract and only called via delegatecall, its state is stored in the parent proxy contract, therefore its own state is irrelevant
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0x56072C95FAA701256059aa122697B133aDEd9279 named as SKY in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor has no arguments
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          ⚠️ This is overwritten by the specific instruction Do not authorize ESM in any new contracts
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0xBDcFCA946b6CDd965f99a839e4435Bcdc1bc470B named as MKR_SKY in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • mkr_ (address): 0x9f8F72aA9304c8B593d555F12eF6589cC3A579A2
          • ✅ Matches MCD_GOV found in chainlog (MKR token)
        • sky_ (address): 0x56072C95FAA701256059aa122697B133aDEd9279
          • ✅ Matches SKY address checked above
        • rate_ (uint256): 24000
          • ✅ Matches Init SKY with rate parameter being 24,000 instruction
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0x517F9dD285e75b599234F7221227339478d0FcC8 named as UNIV2DAIMKR in the spell
      ℹ️ The contract is a Uniswap V2 pair retrievable from the official Uniswap V2 Factory on mainnet using getPair method with MCD_DAI and MCD_GOV addresses from chainlog as parameters. As the contract is deployed by the official Uniswap V2 Factory, maker-specific checks do not apply here
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0x2621CC0B3F3c079c1Db0E80794AA24976F0b9e3c named as UNIV2USDSSKY in the spell
      ℹ️ Same as above. The contract is a Uniswap V2 pair retrievable from the official Uniswap V2 Factory on mainnet using getPair method with USDS and SKY addresses as parameters. As the contract is deployed by the official Uniswap V2 Factory, maker-specific checks do not apply here
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0xBF7111F13386d23cb2Fba5A538107A73f6872bCF named as MCD_SPLIT in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • _usdsJoin (address): 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • ✅ Matches USDS_JOIN address checked above
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          ⚠️ This is overwritten by the specific instruction Do not authorize ESM in any new contracts
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0xF51a075d468dE7dE3599C1Dc47F5C42d02C9230e named as SPLITTER_MOM in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • _splitter (address): 0xBF7111F13386d23cb2Fba5A538107A73f6872bCF
          • ✅ Matches MCD_SPLIT address checked above
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
          ℹ️ MCD_PAUSE_PROXY is the only owner
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0xc5A9CaeBA70D6974cBDFb28120C3611Dd9910355 named as MCD_FLAP in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • _spotter (address): 0x65C79fcB50Ca1594B025960e539eD7A9a6D434A3
          • ✅ Matches MCD_SPOT found in chainlog
        • _usds (address): 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • ✅ Matches USDS address checked above
        • _gem (address): 0x56072C95FAA701256059aa122697B133aDEd9279
          • ✅ Matches SKY address checked above
        • _pair (address): 0x2621CC0B3F3c079c1Db0E80794AA24976F0b9e3c
          • ✅ Matches UNIV2USDSSKY address checked above
        • _receiver (address): 0xBE8E3e3618f7474F8cB1d074A26afFef007E98FB
          • ✅ Matches MCD_PAUSE_PROXY found in chainlog
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          ⚠️ This is overwritten by the specific instruction Do not authorize ESM in any new contracts
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0x38e8c1D443f546Dc014D7756ec63116161CB7B25 named as FLAP_SKY_ORACLE in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • _pip (address): 0xdbBe5e9B1dAa91430cF0772fCEbe53F6c6f137DF
          • ✅ Matches PIP_MKR found in chainlog
        • _flapper (address): 0xc5A9CaeBA70D6974cBDFb28120C3611Dd9910355
          • ✅ Matches MCD_FLAP address checked above
        • _divisor (uint256): 24000
          • ✅ Matches Init new Oracle with divisor parameter being 24,000 instruction
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9 named as MCD_VEST_SKY in the spell
      • ℹ️
        • Audit not found (due to being an old contract)
        • Closest source code found in the official repository
        • Closest deployed contract in use is MCD_VEST_MKR (DssVestMintable)
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • _gem (address): 0x56072C95FAA701256059aa122697B133aDEd9279
          • ✅ Matches SKY address checked above
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          ⚠️ This is overwritten by the specific instruction Do not authorize ESM in any new contracts
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
        ⚠️ There are differences between verified code and the one found on github, but they are minor / have no implications on the actual execution of the contract
      • Deployer address is included into addresses_deployers.sol
    • 0x0650CAF159C5A49f711e8169D4336ECB9b950275 named as REWARDS_USDS_SKY in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
        ⚠️ This contract was developed by Synthetix and therefore we have no control over its license. This is expected / not a blocker
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • _owner (address): 0xBE8E3e3618f7474F8cB1d074A26afFef007E98FB
          • ✅ Matches MCD_PAUSE_PROXY found in chainlog
        • _rewardsDistribution (address): 0x0000000000000000000000000000000000000000
          • ✅ This address is set later, via UsdsSkyFarmingInit.init call
        • _rewardsToken (address): 0x56072C95FAA701256059aa122697B133aDEd9279
          • ✅ Matches SKY address checked above
        • _stakingToken (address): 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • ✅ Matches USDS address checked above
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
          ℹ️ MCD_PAUSE_PROXY is the only owner
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9 named as REWARDS_DIST_USDS_SKY in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • _dssVest (address): 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
          • ✅ Matches MCD_VEST_SKY address checked above
        • _stakingRewards (address): 0x0650CAF159C5A49f711e8169D4336ECB9b950275
          • ✅ Matches REWARDS_USDS_SKY address checked above
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          ⚠️ This is overwritten by the specific instruction Do not authorize ESM in any new contracts
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0x10ab606B067C9C461d8893c47C7512472E19e2Ce named as REWARDS_USDS_01 in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
        ⚠️ This contract was developed by Synthetix and therefore we have no control over its license. This is expected / not a blocker
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • _owner (address): 0xBE8E3e3618f7474F8cB1d074A26afFef007E98FB
          • ✅ Matches MCD_PAUSE_PROXY found in chainlog
        • _rewardsDistribution (address): 0x0000000000000000000000000000000000000000
          • ✅ This is expected, as distribution will happen offchain
        • _rewardsToken (address): 0x0000000000000000000000000000000000000000
          • ✅ This is expected, as distribution will happen offchain
        • _stakingToken (address): 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • ✅ Matches USDS address checked above
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
          ℹ️ MCD_PAUSE_PROXY is the only owner
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0x6464C34A02DD155dd0c630CE233DD6e21C24F9A5 named as CRON_REWARDS_DIST_JOB in the spell
      • ℹ️
        • Not audited (which is expected for a cron job)
        • Source code
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ⚠️ Compilation optimizations settings are not found in the repository, but match default foundry settings (Yes with 200 runs)
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • _sequencer (address): 0x238b4E35dAed6100C6162fAE4510261f88996EC9
          • ✅ Matches CRON_SEQUENCER found in chainlog
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          ⚠️ This is overwritten by the specific instruction Do not authorize ESM in any new contracts
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
    • 0xA188EEC8F81263234dA3622A406892F3D630f98c named as WRAPPER_USDS_LITE_PSM_USDC_A in the spell
      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
        ℹ️ Found here
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        ℹ️ Constructor arguments
        • psm_ (address): 0xf6e72Db5454dd049d0788e411b06CfAF16853042
          • ✅ Matches MCD_LITE_PSM_USDC_A found in chainlog
        • usdsJoin_ (address): 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • ✅ Matches USDS_JOIN address checked above
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol
  • IF core system parameter changes are present in the instructions
    ℹ️ Although not being listed here, MCD_PAUSE.delay is changed within the spell via low level .setDelay(uint256) call, matches the archive pattern
  • IF debt ceiling changes are present in the instructions
  • IF additional dependencies (i.e. ./src/dependencies/ directory) are present:
    • 01-usds/*
      • IF the dependencies contracts/libraries have been audited
        ℹ️
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version
          ℹ️
      • OTHERWISE obtain the permalink to the relevant repository from a trusted party (i.e. Gov Facilitators)
        • Each contract/library exactly matches (i.e. diff check) the source code from the permalink
    • 02-susds/*
      • IF the dependencies contracts/libraries have been audited
        ℹ️
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version
          ℹ️
      • OTHERWISE obtain the permalink to the relevant repository from a trusted party (i.e. Gov Facilitators)
        • Each contract/library exactly matches (i.e. diff check) the source code from the permalink
    • 03-sky/*
      • IF the dependencies contracts/libraries have been audited
        ℹ️
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version
          ℹ️
      • OTHERWISE obtain the permalink to the relevant repository from a trusted party (i.e. Gov Facilitators)
        • Each contract/library exactly matches (i.e. diff check) the source code from the permalink
    • 04-univ2-pool-migrator/*
      • IF the dependencies contracts/libraries have been audited
        ℹ️
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version
          ℹ️
          • 04-univ2-pool-migrator/UniV2PoolMigratorInit.sol exactly matches audited original
      • OTHERWISE obtain the permalink to the relevant repository from a trusted party (i.e. Gov Facilitators)
        • Each contract/library exactly matches (i.e. diff check) the source code from the permalink
    • 05-flapper/*
      • IF the dependencies contracts/libraries have been audited
        ℹ️
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version
          ℹ️
      • OTHERWISE obtain the permalink to the relevant repository from a trusted party (i.e. Gov Facilitators)
        • Each contract/library exactly matches (i.e. diff check) the source code from the permalink
    • 06-farm/*
      • IF the dependencies contracts/libraries have been audited
        ℹ️
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version
          ℹ️
      • OTHERWISE obtain the permalink to the relevant repository from a trusted party (i.e. Gov Facilitators)
        • Each contract/library exactly matches (i.e. diff check) the source code from the permalink
    • 07-cron/*
      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version
      • OTHERWISE obtain the permalink to the relevant repository from a trusted party (i.e. Gov Facilitators)
        ℹ️ Source code is found at makerdao/dss-cron repo
        • Each contract/library exactly matches (i.e. diff check) the source code from the permalink
          ⚠️ 07-cron/VestedRewardsDistributionJobInit.sol almost matches source code. The difference is only affecting solidity version number (0.8.13 -> ^0.8.13). The change is required to make contract compilable with the 0.8.16 version set in the spell. As version change is minor, this difference is neglectable. Both functions used in the spell (init and setDist) are reviewed as if they are part of the spell itself
  • IF onboarding is present
  • IF PSM migration, onboarding or offboarding is present:
    ℹ️ Only PSM wrapper around existing LITE_PSM_USDC_A is added in this spell, no new PSM
  • IF collateral offboarding is present in the spell
    • 1st stage collateral offboarding
      • Collateral type (ilk) is removed from AutoLine (MCD_IAM_AUTO_LINE) IF currently enabled
      • Collateral debt ceiling (vat.ilk.line) is set to 0
      • Global debt ceiling (vat.Line) decreased by the total amount of offboarded ilks
    • 2nd stage collateral offboarding
      • All actions from the 1st stage offboarding are previously taken (EITHER in the current or past spells – check the archive)
      • Collateral liquidation penalty (chop) is set to 0 IF requested by governance
      • Flat keeper incentive (tip) is set to 0 IF requested by governance
      • Relative keeper incentive (chip) is set to 0 IF requested by governance
      • Max liquidation amount (hole) is adjusted via DssExecLib.setIlkMaxLiquidationAmount(ilk, amount) IF requested by governance
      • Relevant clipper contract (MCD_CLIP_) is active (i.e. stopped is 0)
      • Liquidations are triggered via (depending on governance instruction):
        • EITHER liquidation ratio (spotter.ilk.mat) being set very high in the spell (using DssExecLib.setValue(DssExecLib.spotter(), ilk, "mat", ratio))
        • OR via enabling linear interpolation (DssExecLib.linearInterpolation(name, target, ilk, what, startTime, start, end, duration))
          • Ensure name format matches "XXX-X Offboarding"
          • Ensure target matches DssExecLib.spotter() address
          • Ensure ilk format matches collateral type (ilk) name ("XXX-X")
          • Ensure what matches string "mat"
          • Ensure startTime matches block.timestamp
          • Ensure start uses variable CURRENT_XXX_A_MAT
          • Ensure start matches current spotter.ilk.mat value
          • Ensure end uses variable TARGET_XXX_A_MAT
          • Ensure end value matches the instruction
          • Ensure end allows liquidation of all remaining vaults (end is bigger than collateral_type_collateralization_ratio * risk_multiplier_factor)
          • Ensure duration matches the instruction
      • Spotter price is updated via DssExecLib.updateCollateralPrice(ilk) IF collateral have no running oracle (i.e. relevant PIP_ contract have outdated zzz value)
      • Spotter price is updated after all other actions
      • Offboarding is tested at least via _checkIlkClipper helper
  • IF RWA updates are present
    • IF doc is updated
      • _updateDoc helper is copied one-to-one from the archive and defined above actions
      • _updateDoc(ilk, doc) is called in the spell
    • IF debt ceiling is updated
      • IF AutoLine update is requested by the Exec Sheet
      • IF regular debt ceiling (vat.ilk.line) update is requested by the Exec Sheet
      • Liquidation oracle price is bumped via RwaLiquidationOracleLike(MIP21_LIQUIDATION_ORACLE).bump(ilk, val) pattern
        • Comment above bump explains val computation via // Note: the formula is: "debt_ceiling * [ (1 + rwa_stability_fee ) ^ (minimum_deal_duration_in_years) ] * liquidation_ratio"
        • Comment above bump provides locally executable formula (e.g. // bc -l <<< 'scale=18; 50000000 * e(l(1.07) * (3342/365)) * 1.00' | cast --to-wei)
          • The formula matches the example provided above
          • debt_ceiling in the executable formula matches new debt ceiling set in the spell or the maximum possible debt ceiling in case of the enabled AutoLine
          • rwa_stability_fee in the executable formula matches stability fee of the specified RWA found on chain
          • minimum_deal_duration_in_years in the executable formula matches number found in the Exec Sheet of the spell containing relevant RWA onboarding
          • liquidation_ratio in the executable formula matches liquidation ratio of the specified RWA found on chain
          • Executing formula locally provides integer number that matches the val in the spell
        • val makes sense in context of the rate mechanism
      • IF multiple RWA ilks are being combined into one, val calculation is done once per ilk and added to make the total, with separate executable formulas provided in comments. The existing val value can be retrieved by calling read() on PIP_RWAXX and converting the result into decimal
      • Oracle price is updated via DssExecLib.updateCollateralPrice(ilk)
      • IF soft liquidation explicitly requested to be triggered (via .tell(ilk)) AND debt ceiling is 0 (OR is being set to 0 in the current spell)
        • RwaLiquidationOracle.tell(ilk) call is present
        • IF RWAXX_A_INPUT_CONDUIT is an instance of TinlakeMgr (it is a Centrifuge integration), additional TinlakeMgr.tell() call is present (in order to prevent further TIN redemptions in the Centrifuge pool)
  • IF payments are present in the spell
    • IF MKR transfers are present
      • Recipient address in the instruction is in the checksummed format
      • Recipient address matches Exec Sheet
      • Recipient address variable name matches one found in addresses_wallets.sol
      • Transfer amount matches Exec Sheet
      • Transfer amount is specified with (at least) 2 decimals using ether keyword
      • IF ether keyword is used, comment is present on the same line // Note: ether is a keyword helper, only MKR is transferred here
      • The transfers are tested via testMKRPayments test
      • Sum of all MKR transfers tested in testMKRPayments matches number in the Exec Sheet
    • IF DAI surplus buffer transfers are present
      • Recipient address in the instruction is in the checksummed format
      • Recipient address matches Exec Sheet
      • Recipient address variable name matches one found in addresses_wallets.sol
      • Transfer amount matches Exec Sheet
      • The transfers are tested via testDAIPayments test
      • Sum of all DAI transfers tested in testDAIPayments matches number in the Exec Sheet
    • IF MKR or DAI streams (DssVest) are created
      ℹ️ New SKY stream is created in the spell via audited UsdsSkyFarmingInit.init call
      • VestAbstract interface is imported from dss-interfaces/dss/VestAbstract.sol
        ⚠️ DssVestLike is defined statically inside dependencies/06-farm/VestInit.sol, but matches interface of the vault (acceptable since only few methods are being used)
      • restrict is used for each stream, UNLESS otherwise explicitly stated in the Exec Sheet
      • usr (Vest recipient address) matches Exec Sheet
      • usr address in the instruction is in the checksummed format
      • usr address variable name match one found in addresses_wallets.sol
        ⚠️ The address is not present in the file with wallets since it's not a wallet, but a REWARDS_DIST_USDS_SKY contract added to chainlog via this spell
      • tot (Total stream amount) matches Exec Sheet
      • IF ether keyword is used, comment is present on the same line // Note: ether is a keyword helper, only MKR is transferred here
      • IF vest amount is expressed in 'per year' or similar in the Exec Sheet, account for leap days
      • bgn (Vest start timestamp) matches Exec Sheet
      • tau is expressed as bgn - fin (i.e. MONTH_DD_YYYY - MONTH_DD_YYYY)
        ⚠️ It's expressed as duration. As start date is based on the timestamp this rule is impossible to fulfill (which is not a problem)
      • fin (Vest end timestamp) matches Exec Sheet
      • eta (Vest cliff duration) matches the following logic
        • IF eta is explicitly specified in the Exec Sheet, then the values match
        • IF eta and clf (Cliff end timestamp) are not specified in the Exec Sheet, then eta is 0
        • IF clf is specified, but clf <= bgn, then eta is 0
        • IF clf is specified and clf > bgn, eta is expressed as clf - bgn (i.e. MONTH_DD_YYYY - MONTH_DD_YYYY)
      • IF mgr (Vest manager address) is specified in the Exec Sheet, matches the value, OTHERWISE matches address(0)
      • Ensure that max vesting rate (cap) is enough for the new streams
        • The maximum vesting rate (tot divided by tau) <= the maximum vest streaming rate (cap)
        • The maximum vesting rate (tot divided by tau) > the maximum vest streaming rate (cap)
        • Calculate new cap value equal to 10% greater than the new maximum vesting rate, then round new cap up with 2 significant figure precision (i.e. 2446 becomes 2500)
      • IF max vesting rate (cap) is changed in the spell
        • Governance facilitators were notified
        • Exec Sheet contain explicit instruction
        • Exec Doc contain explicit instruction
      • IF MKR stream (DssVestTransferrable) is present
        • Vest contract's MKR allowance increased by the cumulative total (the sum of all tot values)
        • Ensure allowance increase follows archive patterns
      • Tested via testVestDAI or testVestMKR
        ℹ️ Tested via new testVestSKY test
    • IF MKR or DAI vest termination (Yank) is present
      • Yanked stream ID matches Exec Sheet
      • MCD_VEST_MKR_TREASURY chainlog address is used for MKR stream yank
      • MCD_VEST_DAI chainlog address is used for DAI stream yank
      • Tested via testYankDAI or testYankMKR
  • IF SubDAO-related content is present
    • IF SubDAO provides SubProxy spell address
      • SubDAO spell address matches Exec Sheet
      • Executed via ProxyLike(SUBDAO_PROXY).exec(SUBDAO_SPELL, abi.encodeWithSignature("execute()"));
      • Execution is NOT delegate call
      • IF SubDAO spell deployer is a smart contract (e.g. multisig or factory), ensure the deployer address is in addresses_deployers.sol as an entry
      • Ensure that SubDAO spell have enough gas and does not revert with "out of gas" error inside simulation. Note: low level call gas estimation is not done by our scripts
    • IF SubDAO provides instructions to be executed by the main spell (i.e. that will operate within Pause Proxy DelegateCall context)
      • No SubDAO contract being interacted with is authed on a core contract like vat, etc. (Check comprehensively where the risk is high)
      • SubDAO contract licensing and optimizations generally do not matter (except where they pose a security risk)
      • SubDAO contracts and all libraries / dependencies have verified source code (Blocking)
      • Upgradable SubDAO contracts
        • Upgradable contracts have the PAUSE_PROXY as their admin (i.e. the party that can upgrade)
        • Any upgradable SubDAO contracts with an admin that is not PAUSE_PROXY are not authed on any core contracts (Blocking)
      • All SubDAO content addresses (i.e. provided contract addresses or EOAs) present in the Maker Core spell are present in the Exec Sheet and are correct. SubDAO addresses being authed or given any permissions MUST be in the Exec Sheet. SubDAO addresses being called must be confirmed by the SubDAO spell team.
      • IF addresses not PR'ed in by the SubDAO team (use git blame for example), SubDAO content addresses all have inline comment for provenance or source being OKed by SubDAO
      • SubDAO actions match Exec Sheet (only where inline with main spell code) and do not affect core contracts
      • Core contract knock-on actions (such as offboarding or setting DC to 0) are present in the exec and match the code
      • External calls for SubDAO content are NOT delegate call
      • Code does not have untoward behavior within the scope of Maker Core Contracts (e.g. up to the SubDAO proxy)
  • IF external contracts calls are present (Not SubDAOs, e.g. Starknet)
    ℹ️ We only communicate with maker-specific contracts (and Uniswap v2 pools) using audited code
    • Target Contract doesn't block spell execution
    • External call is NOT delegatecall
    • Target Contract doesn't have permissions on the Vat
    • Target Contract doesn't do anything untoward (e.g. interacting with unsafe contracts)
    • Contracts deployed via CREATE2 (e.g. if it looks like a vanity address) do not have selfdestruct in their code
    • MCD Pause Proxy doesn't give any approvals
    • All possible actions of the Target Contract are documented
    • Target contract is not upgradable
    • Target Contract is included in the ChainLog
    • Test Coverage is comprehensive
  • IF spell interacts with ChainLog
    • ChainLog version is incremented based on update type
      • Major -> New Vat (++.0.0)
      • Minor -> Core Module (DSS) Update (e.g. Flapper) (0.++.0)
      • Patch -> Collateral addition or addition/modification (0.0.++)
    • New addresses are added to the addresses_mainnet.sol
    • Changes are tested via testChainlogIntegrity and testChainlogValues
  • Ensure every spell variable is declared as public/internal
  • Ensure immutable visibility is only used when fetching addresses from the ChainLog via DssExecLib.getChangelogAddress(key) and constant is used instead for static addresses
    • Fetch addresses as type address and wrap with Like suffix interfaces inline (when making calls), UNLESS archive patterns permit otherwise (Such as MKR)
    • Use the DssExecLib Core Address Helpers where possible (e.g. DssExecLib.vat())
    • Where addresses are fetched from the ChainLog, the variable name must match the value of the ChainLog key for that address (e.g. MCD_VAT rather than vat), except where the archive pattern differs from this pattern (e.g. MKR)
  • Tests
    • Ensure that the DssExecLib.address file is not being modified by the spell PR
    • Check all CI tests are passing as at the latest commit
      Insert most recent commit hash where CI was passing
      057f402
    • Ensure every test function is declared as public
      • IF the test needs to run, it MUST NOT have the skipped modifier; OTHERWISE, it MUST have the skipped modifier
    • Ensure each spell action has sufficient test coverage
      List actions for which coverage was checked here
      • Set earliest execution date September 17, 12:00 UTC
        • ✅ Tested via testNextCastTimeMinEta
      • Do not authorize ESM in any new contracts
        • ℹ️ Tested manually in every new contract
      • Init USDS by calling UsdsInit.init
        • ✅ End-to-end tested via testSystemTokens
        • UsdsLike(instance.usds).rely(instance.usdsJoin);
          • ✅ Tested via testNewAuthorizations
        • dss.chainlog.setAddress("USDS", instance.usds);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
        • dss.chainlog.setAddress("USDS_IMP", instance.usdsImp);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
        • dss.chainlog.setAddress("USDS_JOIN", instance.usdsJoin);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
        • dss.chainlog.setAddress("DAI_USDS", instance.daiUsds);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
      • Init sUSDS by calling SUsdsInit.init
        • ✅ End-to-end tested via testSystemTokens
        • dss.vat.rely(instance.sUsds);
          • ✅ Tested via testNewAuthorizations
        • SUsdsLike(instance.sUsds).drip();
          • This is just a sanity action, as ssr is set to 0% atm, and there are no token holders
        • SUsdsLike(instance.sUsds).file("ssr", cfg.ssr);
          • ✅ Tested via testGeneral (using susds_ssr in _checkSystemValues base test)
        • dss.chainlog.setAddress("SUSDS", instance.sUsds);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
        • dss.chainlog.setAddress("SUSDS_IMP", instance.sUsdsImp);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
      • Init SKY by calling SkyInit.init
        • ✅ End-to-end tested via testSystemTokens
        • SkyLike(instance.sky).rely(instance.mkrSky);
          • ✅ Tested via testNewAuthorizations
        • MkrAuthorityLike(MkrLike(mkr).authority()).rely(instance.mkrSky);
          • ✅ Tested via testNewAuthorizations
        • dss.chainlog.setAddress("SKY", instance.sky);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
        • dss.chainlog.setAddress("MKR_SKY", instance.mkrSky);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
      • Migrate full DAI/MKR UniswapV2 liquidity into USDS/SKY by calling UniV2PoolMigratorInit.init
        • daiUsds.daiToUsds(pairUsdsSky, daiAmt);
          • ✅ Tested via testUniV2PoolMigration and testSystemTokens
        • mkrSky.mkrToSky(pairUsdsSky, mkrAmt);
          • ✅ Tested via testUniV2PoolMigration and testSystemTokens
        • PoolLike(pairUsdsSky).mint(pProxy);
          • ✅ Tested via testUniV2PoolMigration
      • Init Splitter by calling FlapperInit.initSplitter
        • splitter.file("hop", cfg.hop);
          • ✅ Tested via testGeneral (using split_hop in _checkSystemValues base test)
        • splitter.file("burn", cfg.burn);
          • ✅ Tested via testGeneral (using split_burn in _checkSystemValues base test)
        • splitter.rely(address(mom));
          • ✅ Tested via testSplitter and testNewAuthorizations
        • splitter.rely(address(dss.vow));
          • ✅ Tested via testSplitter and testNewAuthorizations
        • dss.vow.file("flapper", splitterInstance.splitter);
          • ✅ Tested via testSplitter
        • dss.vow.file("hump", cfg.hump);
          • ✅ Tested via testGeneral (using vow_hump_* in _checkSystemValues base test)
        • dss.vow.file("bump", cfg.bump);
          • ✅ Tested via testGeneral (using vow_bump in _checkSystemValues base test)
        • mom.setAuthority(dss.chainlog.getAddress("MCD_ADM"));
          • ✅ Tested via testGeneral (using splitter_mom_authority in _checkSystemValues base test)
        • dss.chainlog.setAddress(cfg.splitterChainlogKey, splitterInstance.splitter);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
        • if (cfg.prevMomChainlogKey != bytes32(0)) dss.chainlog.removeAddress(cfg.prevMomChainlogKey);
          • ✅ Tested via testRemoveChainlogValues (removal of FLAPPER_MOM)
        • dss.chainlog.setAddress(cfg.momChainlogKey, address(mom));
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
      • Init new Flapper by calling FlapperInit.initFlapperUniV2
        • flapper.file("want", cfg.want);
          • ✅ Tested via testGeneral (using flap_want in _checkSystemValues base test)
        • flapper.file("pip", cfg.pip);
          • ✅ Tested via testSplitter
        • flapper.rely(cfg.splitter);
          • ✅ Tested via testSplitter and testNewAuthorizations
        • SplitterLike(cfg.splitter).file("flapper", flapper_);
          • ✅ Tested via testSplitter
        • if (cfg.prevChainlogKey != bytes32(0)) dss.chainlog.removeAddress(cfg.prevChainlogKey);
          • ℹ️ Have no effect, since the key is the same
        • dss.chainlog.setAddress(cfg.chainlogKey, flapper_);
          • ℹ️ Have no effect, since the key is the same
      • Init new Oracle by calling FlapperInit.initOracleWrapper
        • PipLike(wrapper.pip()).kiss(wrapper_);
          • ✅ Tested via testSplitter
        • dss.chainlog.setAddress(clKey, wrapper_);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
      • Setup DssVestMintable for SKY
        • DssExecLib.authorize(SKY, MCD_VEST_SKY);
          • ✅ Tested via testNewAuthorizations
        • DssExecLib.setValue(MCD_VEST_SKY, "cap", 800 * MILLION * WAD / 365 days);
          • ✅ Tested via testGeneral (using vest_sky_cap in _checkSystemValues base test)
        • DssExecLib.setChangelogAddress("MCD_VEST_SKY", MCD_VEST_SKY);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
      • Init USDS -> SKY rewards by calling UsdsSkyFarmingInit.init
        • ✅ End-to-end tested via testUsdsSkyRewards
        • StakingRewardsLike(rewards).setRewardsDistribution(p.dist);
          • ✅ Tested via testUsdsSkyRewards
        • DssVestLike(vest).create(p.usr, p.tot, p.bgn, p.tau, p.eta, address(0));
          • ✅ Tested via testVestSKY
        • DssVestLike(vest).restrict(vestId);
          • ✅ Tested via testVestSKY
        • VestedRewardsDistributionLike(dist).file("vestId", p.vestId);
          • ✅ Tested via testUsdsSkyRewards
        • chainlog.setAddress(p.rewardsKey, p.rewards);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
        • chainlog.setAddress(p.distKey, p.dist);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
      • Call distribute() in VestedRewardsDistribution contract
        • VestedRewardsDistributionLike(REWARDS_DIST_USDS_SKY).distribute();
          • ✅ Tested via testUsdsSkyRewards (by checking lastDistributedAt)
      • Initialize the new cron job by calling VestedRewardsDistributionJobInit.init
        • sequencer.addJob(job);
          • ✅ Tested via testNewCronJobs
        • chainlog.setAddress(cfg.jobKey, job);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
      • Add VestedRewardsDistribution to the new cron job by calling VestedRewardsDistributionJobInit.setDist
        • VestedRewardsDistributionJobLike(job).set(cfg.dist, cfg.interval);
          • ✅ Tested via testVestedRewardsDistributionJob
      • Init Rewards-01 by calling Usds01PreFarmingInit.init
        • End-to-end tested via testUsds01Rewards
        • chainlog.setAddress(p.rewardsKey, p.rewards);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
      • Add LitePsmWrapper to the Chainlog
        • ✅ End-to-end tested via testUsdsPsmWrapper
        • DssExecLib.setChangelogAddress("WRAPPER_USDS_LITE_PSM_USDC_A", WRAPPER_USDS_LITE_PSM_USDC_A);
          • ✅ Tested via testChainlogIntegrity and testChainlogValues
      • Update GSM Delay
        • PauseLike(MCD_PAUSE).setDelay(16 hours);
          • ✅ Tested via testGeneral (using pause_delay in _checkSystemValues base test)
      • Bump chainlog
        • DssExecLib.setChangelogVersion("1.18.0");
          • ✅ Tested via testChainlogValues (using chainlog_version in _testChainlogValues base test)
    • Ensure that any other env variable does not affect execution of the tests (for example, by inspecting the output of printenv | grep "FOUNDRY_\|DAPP_")
    • Check all tests are passing locally using make test
      • Ensure every test listed in the coverage item above is present in the logs and with the [PASS] prefix.
        ℹ️ Unique test functions listed in the coverage item above:
        • testNextCastTimeMinEta
        • testSystemTokens
        • testNewAuthorizations
        • testChainlogIntegrity
        • testChainlogValues
        • testGeneral
        • testUniV2PoolMigration
        • testSplitter
        • testRemoveChainlogValues
        • testUsdsSkyRewards
        • testVestSKY
        • testNewCronJobs
        • testVestedRewardsDistributionJob
        • testUsds01Rewards
        • testUsdsPsmWrapper
_Insert your local test logs here_
./scripts/test-dssspell-forge.sh no-match="" match="" block=""
Using DssExecLib at: 0x8De6DDbCd5053d32292AAA0D2105A32d108484a6
[⠊] Compiling...
[⠒] Compiling 4 files with Solc 0.8.16
[⠆] Solc 0.8.16 finished in 12.54s
Compiler run successful!

Ran 2 tests for src/test/starknet.t.sol:StarknetTests
[PASS] testStarknet() (gas: 3272751)
[PASS] testStarknetSpell() (gas: 2309)
Suite result: ok. 2 passed; 0 failed; 0 skipped; finished in 12.99s (12.03s CPU time)

Ran 45 tests for src/DssSpell.t.sol:DssSpellTest
[SKIP] testBytecodeMatches() (gas: 0)
[PASS] testCastCost() (gas: 3149889)
[PASS] testCastOnTime() (gas: 3146919)
[PASS] testChainlogIntegrity() (gas: 8821248)
[PASS] testChainlogValues() (gas: 10398867)
[SKIP] testCollateralIntegrations() (gas: 0)
[PASS] testContractSize() (gas: 10909)
[SKIP] testDAIPayments() (gas: 0)
[SKIP] testDaoResolutions() (gas: 0)
[PASS] testDeployCost() (gas: 5315800)
[SKIP] testEsmAuth() (gas: 0)
[PASS] testGeneral() (gas: 28883707)
[SKIP] testIlkClipper() (gas: 0)
[SKIP] testL2ArbitrumSpell() (gas: 0)
[SKIP] testL2OptimismSpell() (gas: 0)
[SKIP] testLerpSurplusBuffer() (gas: 0)
[PASS] testLitePSMs() (gas: 4023792)
[SKIP] testMKRPayments() (gas: 0)
[SKIP] testMedianizers() (gas: 0)
[PASS] testNewAuthorizations() (gas: 3208391)
[PASS] testNewCronJobs() (gas: 3155704)
[SKIP] testNewIlkRegistryValues() (gas: 0)
[SKIP] testNextCastTime() (gas: 0)
[PASS] testNextCastTimeMinEta() (gas: 684024)
[SKIP] testOSMs() (gas: 0)
[SKIP] testOffboardings() (gas: 0)
[PASS] testOfficeHours() (gas: 12233)
[SKIP] testOracleList() (gas: 0)
[PASS] testPSMs() (gas: 4334093)
[PASS] testRemoveChainlogValues() (gas: 3153480)
[PASS] testRevertIfNotScheduled() (gas: 16808)
[SKIP] testSparkSpellIsExecuted() (gas: 0)
[PASS] testSplitter() (gas: 3498496)
[PASS] testSystemTokens() (gas: 3862547)
[PASS] testUniV2PoolMigration() (gas: 3172918)
[PASS] testUsds01Rewards() (gas: 3255353)
[PASS] testUsdsPsmWrapper() (gas: 3516106)
[PASS] testUsdsSkyRewards() (gas: 3359247)
[PASS] testUseEta() (gas: 341839)
[SKIP] testVestDAI() (gas: 0)
[SKIP] testVestMKR() (gas: 0)
[PASS] testVestSKY() (gas: 3553767)
[PASS] testVestedRewardsDistributionJob() (gas: 3294637)
[SKIP] testYankDAI() (gas: 0)
[SKIP] testYankMKR() (gas: 0)
Suite result: ok. 24 passed; 0 failed; 21 skipped; finished in 104.01s (231.92s CPU time)

Ran 2 test suites in 104.50s (117.00s CPU time): 26 tests passed, 0 failed, 21 skipped (47 total tests)

Pre-Deployment Stage

  • Wait till the Exec Doc is merged
  • Exec Doc checks
    • Exec Doc for the specified date is found in the makerdao/community GitHub repo
      ℹ️ https://github.com/makerdao/community/blob/master/governance/votes/Executive%20vote%20-%20September%2013%2C%202024.md
    • Exec Doc file name follows the format Executive vote - Month DD, YYYY.md
    • Extract permanent URL to the raw markdown file and paste it below
      Insert your Raw Exec Doc URL here
      https://raw.githubusercontent.com/makerdao/community/4911c55070a1f40998da1caba08bda37d6c615bb/governance/votes/Executive%20vote%20-%20September%2013%2C%202024.md
    • Ensure the URL uses commit hash that introduced last change to the Exec Doc, NOT merge commit
      • IF there is no local copy of makerdao/community GitHub repo), run: 
        git clone https://github.com/makerdao/community
      • OTHERWISE, ensure it is pointing to the latest commit on master: 
        git switch master && git pull origin master
      • Get the latest commit hash for the exec doc: 
        git log --pretty=oneline -1 -- "governance/votes/Executive vote - September 13, 2024.md"
    • Using Exec Doc URL from the above and the TARGET_DATE, generate Exec Doc Hash via make exec-hash date=$TARGET_DATE $URL
      Insert your Exec Doc Hash here
      ⚠️ The script doesn't work as in many previous spells. There is a PR waiting to be merged after this spell that fixes it. The hash is checked manually below
    • Using Exec Doc URL from the above, generate Exec Doc Hash via cast keccak -- "$(curl '$URL' -o - 2>/dev/null)"
      Insert your Exec Doc Hash here
      0xdf8af8066b5e0a90668ab343a1244624c58a30b568ff9113dbc82a22a77d0cf6
    • Make sure that hash above doesn't match keccak hash of the empty string (0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470)
    • Using Exec Doc URL from the above, read spell instructions from the Exec Doc and list them below
      List all instructions announced in the Exec Doc
      • Execution date restriction
        • This executive proposal has its earliest execution date set to September 17, 2024 at 12:00 UTC
      • New Contract ESM Exclusion
        • The Emergency Shutdown Module (ESM) will not be authorized in any new contracts deployed for this proposal.
      • USDS, sUSDS, and SKY Tokens Initialization
        • Initialize USDS by calling UsdsInit.Init with the following parameters:
          • usds: 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • usdsImp: 0x1923DfeE706A8E78157416C29cBCCFDe7cdF4102
          • UsdsJoin: 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • DaiUsds: 0x3225737a9Bbb6473CB4a45b7244ACa2BeFdB276A
        • Initialize sUSDS by calling sUsdsInit.Init with the following parameters:
          • susds: 0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD
          • sUsdsImp: 0x4e7991e5C547ce825BdEb665EE14a3274f9F61e0
          • UsdsJoin: 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • usds: 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • ssr: 6.25%
        • Initialize SKY by calling SkyInit.Init with the following parameters:
          • sky 0x56072C95FAA701256059aa122697B133aDEd9279
          • mkrSky 0xBDcFCA946b6CDd965f99a839e4435Bcdc1bc470B
          • rate: 24,000
        • These functions will also add the following elements to the chainlog:
          • 0xdC035D45d973E3EC169d2276DDab16f1e407384F USDS
          • 0x1923DfeE706A8E78157416C29cBCCFDe7cdF4102 USDS_IMP
          • 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB USDS_JOIN
          • 0x3225737a9Bbb6473CB4a45b7244ACa2BeFdB276A DAI_USDS
          • 0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD SUSDS
          • 0x4e7991e5C547ce825BdEb665EE14a3274f9F61e0 SUSDS_IMP
          • 0x56072C95FAA701256059aa122697B133aDEd9279 SKY
          • 0xBDcFCA946b6CDd965f99a839e4435Bcdc1bc470B MKR_SKY
        • The following permissions will be granted by the functions mentioned above:
          • The usdsJoin Adapter will be authorized in the usds contract
          • The sUSDS contract will be authorized to access the vat
          • The mkrSky contract will be authorized in the sky contract
          • The mkrSky contract will be authorized in the MkrAuthority contract
        • Smart Burn Engine (SBE) Upgrade
          • UniV2 Pool Migration
            • The DAI/MKR UniV2 pool funds will be migrated to the USDS/SKY UniV2 pool by executing the UniV2 Pool Migrator script with the following parameters:
              • pairDaiMkr: 0x517F9dD285e75b599234F7221227339478d0FcC8
              • pairUsdsSky: 0x2621CC0B3F3c079c1Db0E80794AA24976F0b9e3c
          • The Splitter will be initialized by calling the FlapperInit.initSplitter function with the following parameters:
            • splitter: 0xBF7111F13386d23cb2Fba5A538107A73f6872bCF
            • mom: 0xF51a075d468dE7dE3599C1Dc47F5C42d02C9230e
            • hump: 55 million DAI
            • bump: 65,000 DAI
            • hop: 10,249 seconds
            • burn: 100% (1 * WAD)
            • usdsJoin: 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
            • splitterChainlogKey: MCD_SPLIT
            • prevMomChainlogKey: FLAPPER_MOM
            • momChainlogKey: SPLITTER_MOM
          • The state variable flapper in the vow will be changed to the splitter address by calling file through the FlapperInit.initSplitter function.
          • The Flapper will be initialized by calling the FlapperInit.initFlapperUniV2 function with the following parameters:
            • flapper_: 0xc5A9CaeBA70D6974cBDFb28120C3611Dd9910355
            • want: 98% (98 * WAD / 100)
            • pip: 0x38e8c1D443f546Dc014D7756ec63116161CB7B25
            • pair: 0x2621CC0B3F3c079c1Db0E80794AA24976F0b9e3c
            • usds: 0xdC035D45d973E3EC169d2276DDab16f1e407384F
            • splitter: 0xBF7111F13386d23cb2Fba5A538107A73f6872bCF
            • prevChainlogKey: MCD_FLAP
            • chainlogKey: MCD_FLAP
          • The Oracle will be initialized by calling the FlapperInit.initOracleWrapper function with the following parameters:
            • wrapper_: 0x38e8c1D443f546Dc014D7756ec63116161CB7B25
            • divisor: 24,000
            • clKey: FLAP_SKY_ORACLE
          • Wrapper will be authorized to read the MKR oracle price through the FlapperInit.initOracleWrapper function.
        • SKY DssVestMintable Setup
          • Authorize DssVestMintable on SKY by calling DssExecLib.authorize with the following parameters:
            • _base: 0x56072C95FAA701256059aa122697B133aDEd9279
            • _ward: 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
          • Set DssVestMintable max rate (cap) by calling DssExecLib.setValue with the following parameters:
            • _base: 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
            • _what: "cap"
            • _amt: 799,999,999.999999999985808000 SKY per year (800M * WAD / 365 days )
          • Add DssVestMintable to Chainlog by calling DssExecLib.setChangelogAddress with the following parameters:
            • _key: MCD_VEST_SKY
            • _val: 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
        • USDS->SKY Farming Setup
          • Initialize USDS->SKY Token Rewards (STR) by calling UsdsSkyFarmingInit.init with the following parameters:
            • usds: 0xdC035D45d973E3EC169d2276DDab16f1e407384F
            • sky: 0x56072C95FAA701256059aa122697B133aDEd9279
            • rewards: 0x0650CAF159C5A49f711e8169D4336ECB9b950275
            • rewardsKey: REWARDS_USDS_SKY
            • dist: 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
            • distKey: REWARDS_DIST_USDS_SKY
            • vest: 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
            • vestTot: 600M * WAD
            • vestBgn: block.timestamp - 7 days
            • vestTau: 365 days - 1
            • Call distribute() in VestedRewardsDistribution contract in the spell execution.
          • The following SKY vesting stream will be created for rewards distribution through the UsdsSkyFarmingInit.init function:
            • SKY Vesting Stream | from 'block.timestamp - 7 days' for '365 days - 1' | 600M * WAD SKY | 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
          • Initialize the new cron job by calling VestedRewardsDistributionJobInit.init with the following parameters:
            • job: 0x6464C34A02DD155dd0c630CE233DD6e21C24F9A5
            • cfg.jobKey: CRON_REWARDS_DIST_JOB
          • Add VestedRewardsDistribution to the new cron job by calling VestedRewardsDistributionJobInit.setDist with the following parameters:
            • job: 0x6464C34A02DD155dd0c630CE233DD6e21C24F9A5
            • cfg.dist: 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
            • cfg.interval: 7 days - 1 hours
        • USDS->01 Farming Setup
          • Initialize STR 01 Rewards by calling Usds01PreFarmingInit.init with the following parameters:
            • usds: 0xdC035D45d973E3EC169d2276DDab16f1e407384F
            • rewards: 0x10ab606B067C9C461d8893c47C7512472E19e2Ce
            • rewardsKey: REWARDS_USDS_01
        • LitePsmWrapper Addition to the Chainlog
          • Add LitePsmWrapper to the Chainlog by calling DssExecLib.setChangelogAddress with the following parameters:
            • _key: WRAPPER_USDS_LITE_PSM_USDC_A
            • _val: 0xA188EEC8F81263234dA3622A406892F3D630f98c
        • GSM Pause Delay Update
          • GSM Pause Delay will be decreased by 14 hours, from 30 hours to 16 hours
    • Office hours value in the Exec Doc matches the spell
      ⚠️ Office hours are not mentioned in the Exec Doc, which implies they are not set. They are also explicitely set to No in the Exec Sheet
    • Sum of all payments in the Exec Doc matches the tests
    • Exec Doc URL in the spell comment matches your Raw Exec Doc URL above
    • Exec Doc URL in the spell comment refers to the https://github.com/makerdao/community repository
    • Every action present in the spell code is present in the Exec Doc
    • Every action in the Exec Doc is present in the spell code
  • IF new commits are present in the spell
    • Copy relevant checklist items from the above and redo them
    • Ensure newly added code is covered by tests
    • Check if chainlog needs to be updated
    • Copy over and redo "Tests" section from the above
  • IF all checks pass, make sure to include explicit "Good to deploy" comment

@0xdecr1pto
Copy link
Contributor

Good to deploy!

Development Stage

  • Preparation

    • Exec Sheet for the specified date is found in the "Executive Vote Implementation Process" google sheet
      https://docs.google.com/spreadsheets/d/1w_z5WpqxzwreCcaveB2Ye1PP5B8QAHDglzyxKHG3CHw/edit?gid=1165645248#gid=1165645248
    • Using Exec Sheet URL from the above, read spell instructions from the Exec Sheet and list them below
      • Set earliest execution date September 17, 12:00 UTC
      • Do not authorize ESM in any new contracts
      • New Tokens Init
        • Init USDS by calling UsdsInit.init with the following parameters:
          • Init USDS with usds parameter being 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • Init USDS with usdsImp parameter being 0x1923DfeE706A8E78157416C29cBCCFDe7cdF4102
          • Init USDS with UsdsJoin parameter being 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • Init USDS with DaiUsds parameter being 0x3225737a9Bbb6473CB4a45b7244ACa2BeFdB276A
          • Add usds to chainlog with key "USDS" via the UsdsInit.init function
          • Add usdsImp to chainlog under the key "USDS_IMP" via the UsdsInit.init function
          • Add UsdsJoin to chainlog under the key "USDS_JOIN" via the UsdsInit.init function
          • Add DaiUsds to chainlog under the key "DAI_USDS" via the UsdsInit.init function
          • The usdsJoin Adapter will be authorized in the usds contract by calling rely via the UsdsInit.init function
        • Init sUSDS by calling SUsdsInit.init with the following parameters:
          • Init sUSDS with sUsds parameter being 0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD
          • Init sUSDS with sUsdsImp parameter being 0x4e7991e5C547ce825BdEb665EE14a3274f9F61e0
          • Init sUSDS with usdsJoin parameter being 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • Init sUSDS with usds parameter being 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • Init sUSDS with ssr parameter being 6.25%
          • Add sUsds to chainlog under the key "SUSDS" via the SUsdsInit.init function
          • Add sUsdsImp to chainlog under the key "SUSDS_IMP" via the SUsdsInit.init function
          • sUSDS will be authorized to access the vat by calling rely via the SUsdsInit.init function
        • Init SKY by calling SkyInit.init with the following parameters:
          • Init SKY with sky parameter being 0x56072C95FAA701256059aa122697B133aDEd9279
          • Init SKY with mkrSky parameter being 0xBDcFCA946b6CDd965f99a839e4435Bcdc1bc470B
          • Init SKY with rate parameter being 24,000
          • Add sky to chainlog under the key "SKY" via the SkyInit.init function
          • Add mkrSky to chainlog under the key "MKR_SKY" via the SkyInit.init function
          • The mkrSky contract will be authorized in the sky contract by calling rely via the SkyInit.init function
          • The mkrSky contract will be authorized in the MkrAuthority contract by calling rely via the SkyInit.init function
      • Pool Migration and Flapper Init
        • Migrate full DAI/MKR UniswapV2 liquidity into USDS/SKY by calling UniV2PoolMigratorInit.init with the following parameters:
          • Migrate liquidity to the new pool with pairDaiMkr parameter being 0x517F9dD285e75b599234F7221227339478d0FcC8
          • Migrate liquidity to the new pool with pairUsdsSky parameter being 0x2621CC0B3F3c079c1Db0E80794AA24976F0b9e3c
        • Init Splitter by calling FlapperInit.initSplitter with the following parameters:
          • Init Splitter with splitter parameter being 0xBF7111F13386d23cb2Fba5A538107A73f6872bCF
          • Init Splitter with mom parameter being 0xF51a075d468dE7dE3599C1Dc47F5C42d02C9230e
          • Init Splitter with hump parameter being 55M DAI
          • Init Splitter with bump parameter being 65,000 DAI/USDS
          • Init Splitter with hop parameter being 10,249 seconds
          • Init Splitter with burn parameter being 100% (1 * WAD)
          • Init Splitter with usdsJoin parameter being 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • Init Splitter with splitterChainlogKey parameter being MCD_SPLIT
          • Init Splitter with prevMomChainlogKey parameter being FLAPPER_MOM
          • Init Splitter with momChainlogKey parameter being SPLITTER_MOM
          • The flapper variable in the vow will be changed by the splitter address by calling file via the initSplitter function
        • Init new Flapper by calling FlapperInit.initFlapperUniV2 with the following parameters:
          • Init new Flapper with flapper_ parameter being 0xc5A9CaeBA70D6974cBDFb28120C3611Dd9910355
          • Init new Flapper with want parameter being 98% (98 * WAD / 100)
          • Init new Flapper with pip parameter being 0x38e8c1D443f546Dc014D7756ec63116161CB7B25
          • Init new Flapper with pair parameter being 0x2621CC0B3F3c079c1Db0E80794AA24976F0b9e3c
          • Init new Flapper with usds parameter being 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • Init new Flapper with splitter parameter being 0xBF7111F13386d23cb2Fba5A538107A73f6872bCF
          • Init new Flapper with prevChainlogKey parameter being MCD_FLAP
          • Init new Flapper with chainlogKey parameter being MCD_FLAP
        • Init new Oracle by calling FlapperInit.initOracleWrapper with the following parameters:
          • Init new Oracle with wrapper_ parameter being 0x38e8c1D443f546Dc014D7756ec63116161CB7B25
          • Init new Oracle with divisor parameter being 24,000
          • Init new Oracle with clKey parameter being FLAP_SKY_ORACLE
          • Authorize wrapper to read MKR oracle price
      • Setup DssVestMintable for SKY
        • Authorize DssVestMintable on SKY by calling DssExecLib.authorize with the following parameters:
          • Authorize DssVestMintable on SKY with _base parameter being 0x56072C95FAA701256059aa122697B133aDEd9279
          • Authorize DssVestMintable on SKY with _ward parameter being 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
        • Set DssVestMintable max rate (cap) by calling DssExecLib.setValue with the following parameters:
          • Set DssVestMintable max rate (cap) with _base parameter being 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
          • Set DssVestMintable max rate (cap) with _what parameter being "cap"
          • Set DssVestMintable max rate (cap) with _amt parameter being 799,999,999.999999999985808000 Sky per year (800M * WAD / 365 days )
        • Add DssVestMintable to Chainlog by calling DssExecLib.setChangelogAddress with the following parameters:
          • Add DssVestMintable to Chainlog with _key parameter being MCD_VEST_SKY
          • Add DssVestMintable to Chainlog with _val parameter being 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
      • USDS => SKY Farm Setup
        • Init USDS -> SKY rewards by calling UsdsSkyFarmingInit.init with the following parameters:
          • Init USDS -> SKY rewards with usds parameter being 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • Init USDS -> SKY rewards with sky parameter being 0x56072C95FAA701256059aa122697B133aDEd9279
          • Init USDS -> SKY rewards with rewards parameter being 0x0650CAF159C5A49f711e8169D4336ECB9b950275
          • Init USDS -> SKY rewards with rewardsKey parameter being REWARDS_USDS_SKY
          • Init USDS -> SKY rewards with dist parameter being 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
          • Init USDS -> SKY rewards with distKey parameter being REWARDS_DIST_USDS_SKY
          • Init USDS -> SKY rewards with vest parameter being 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
          • Init USDS -> SKY rewards with vestTot parameter being 600M * WAD
          • Init USDS -> SKY rewards with vestBgn parameter being block.timestamp - 7 days
          • Init USDS -> SKY rewards with vestTau parameter being 365 days - 1
          • Call distribute() in VestedRewardsDistribution contract in the spell execution
          • SKY Vesting Stream | from 'block.timestamp - 7 days' for '365 days - 1' | 600M * WAD SKY | 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
        • Initialize the new cron job by calling VestedRewardsDistributionJobInit.init with the following parameters:
          • Initialize cron job with job parameter being 0x6464C34A02DD155dd0c630CE233DD6e21C24F9A5
          • Initialize cron job with cfg.jobKey parameter being CRON_REWARDS_DIST_JOB
        • Add VestedRewardsDistribution to the new cron job by calling VestedRewardsDistributionJobInit.setDist with the following parameters:
          • Add VestedRewardsDistribution to the new cron job with job parameter being 0x6464C34A02DD155dd0c630CE233DD6e21C24F9A5
          • Add VestedRewardsDistribution to the new cron job with cfg.dist parameter being 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
          • Add VestedRewardsDistribution to the new cron job with cfg.interval parameter being 7 days - 1 hours
      • USDS => 01 Farm Setup
        • Init Rewards-01 by calling Usds01PreFarmingInit.init with the following parameters:
          • Init Rewards-01 with usds parameter being 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • Init Rewards-01 with rewards parameter being 0x10ab606B067C9C461d8893c47C7512472E19e2Ce
          • Init Rewards-01 with rewardsKey parameter being REWARDS_USDS_01
      • MISC
        • Add LitePsmWrapper to the Chainlog by calling DssExecLib.setChangelogAddress with the following parameters:
          • Add LitePsmWrapper to the Chainlog with _key parameter being WRAPPER_USDS_LITE_PSM_USDC_A
          • Add LitePsmWrapper to the Chainlog with _val parameter being 0xA188EEC8F81263234dA3622A406892F3D630f98c
        • Update GSM Delay
          • Reduce GSM Delay by 14 hours, from 30 hours to 16 hours by calling MCD_PAUSE.setDelay

  • Base checks

    • Current solc version 0.8.16
    • Office hours is true IF spell introduces a major change that can affect external parties (e.g.: keepers are affected in case of collateral offboarding) OTHERWISE explicitly set to false
    • Office hours value matches the Exec Sheet
    • 30 days spell expiry set in the constructor (block.timestamp + 30 days)

  • Spell description

    • Description follows the format TARGET_DATE MakerDAO Executive Spell | Hash: EXEC_DOC_HASH
    • TARGET_DATE in the description matches the target date
    • Accompanying comment above spell description follows the format // Hash: cast keccak -- "$(wget 'EXEC_DOC_URL' -q -O - 2>/dev/null)"

  • Comments inside the spell

    • Every Section text from the Exec Sheet is copied to the spell code as a comment surrounded by the set of dashes (E.g. // ----- Section text -----)
    • Every Instruction text from the Exec Sheet is copied to the spell code as // Instruction text
    • Every Instruction text have newline above it
      Not fully followed, but not blocking
    • IF an instruction can not be taken, it should have explanation under the instruction prefixed with // Note: (e.g.: // Note: Payments are skipped on goerli)
    • IF action in the spell doesn't have relevant instruction (e.g.: chainlog version bump), the necessity of it is explained in the comment above prefixed with // Note:
    • Every proof url from the Exec Sheet, such as Reasoning URL and Authority URL is present in the spell code under relevant section or instruction (depending on which row the url is present)
    • Every proof url from the Exec Sheet, such as Reasoning URL and Authority URL have prefix derived from the url itself
      • // Poll: if URL starts with https://vote.makerdao.com/polling/
      • // Forum: if URL starts with https://forum.makerdao.com/t/

  • Dependency checks

    • Update Foundry by running foundryup
    • Reinstall libraries by running rm -rf ./lib && git submodule update --init --recursive 
      Submodule path 'lib/dss-exec-lib': checked out '69b658f35d8618272cd139dfc18c5713caf6b96b'
Submodule path 'lib/dss-exec-lib/lib/dss-interfaces': checked out '9bfd7afadd1f8c217ef05850b2555691786286cb'
Submodule path 'lib/dss-exec-lib/lib/forge-std': checked out '0aa99eb8456693c015350c5e6c4f442ebe912f77'
Submodule path 'lib/dss-exec-lib/lib/forge-std/lib/ds-test': checked out 'cd98eff28324bfac652e63a239a60632a761790b'
Submodule path 'lib/dss-test': checked out '36ff4adbcb35760614e0d2df864026991c23d028'
Submodule path 'lib/dss-test/lib/dss-interfaces': checked out '9bfd7afadd1f8c217ef05850b2555691786286cb'
Submodule path 'lib/dss-test/lib/forge-std': checked out '155d547c449afa8715f538d69454b83944117811'
Submodule path 'lib/dss-test/lib/forge-std/lib/ds-test': checked out 'e282159d5170298eb2455a6c05280ab5a73a4ef0'
    • git submodule hash of dss-exec-lib (run git submodule status) matches the latest release version or newer
    • dss-interfaces library used inside lib/dss-exec-lib matches submodule used inside lib/dss-test

  • IF interfaces are present in the spell

    • Static Interfaces
      • No unused static interfaces
      • Declared static interface not present in the dss-interfaces, OTHERWISE should be imported from there
        Some of interfaces from dss-interfaces declared because of unused functions
      • Interface matches deployed contract using cast interface <contract_address> command
      • Interface naming style should match with Like suffix (e.g. VatLike)
      • Each static interface declare only functions actually used in the spell code

  • IF variable declarations are present in the spell

    • IF precision units are present
      • Precision units used in the spell match their defined values:
        • WAD = 10 ** 18
        • RAD = 10 ** 45
      • Precision units match with Numerical Ranges
      • Each variable visibility is declared as internal
      • Each variable state mutability is declared as constant
    • IF math units are present
      • Match their defined values:
        • THOUSAND = 10 ** 3
        • MILLION = 10 ** 6
      • Match with config
      • Each variable visibility is declared as internal
      • Each variable state mutability is declared as constant
    • IF rates are present
      • Rates match generated locally via make rates pct=<pct> (e.g. pct=0.75, for 0.75%)
      • Rates match IPFS document
      • Rate variable name conforms to X_PT_Y_Z_PCT_RATE (e.g. ZERO_PT_SEVEN_FIVE_PCT_RATE for 0.75%)
      • Rate variable visibility declared as internal
      • Rate variable state mutability declared as constant
    • IF timestamps are present
      • Comment above timestamp states full date including UTC timezone
      • Timestamp converts back to the correct date
      • Timestamp converts back to the UTC timezone
      • Variable naming matches MMM_DD_YYYY (e.g. JAN_01_2023 for 2023-01-01)
        SEP_17_2024_NOON_UTC variable also contain time & timezone
      • Time of day makes logical sense in the context of timestamp usage (i.e. 23:59:59 UTC for the final day of something, 00:00:00 UTC for the first day of something)
      • Each variable visibility is declared as internal
        MIN_ETA declared as public
      • Each variable state mutability is declared as constant

  • IF new contract is present in the spell (not yet on chainlog or new to chainlog)
    All contracts source code checked against audited commit source

    • Source code is verified on etherscan
    • Compilation optimizations match deployment settings defined in the source code rep
    • GNU AGPLv3 license
      Expected and not a blocker
    • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
    • IF new contract have concept of wards or access control
      • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
      • Ensure that contract deployer address was denied (wards(deployer) is 0)
      • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
        Forced by Do not authorize ESM in any new contracts action
      • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
    • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
    • Deployer address is included into addresses_deployers.sol

    • USDS_IMP 0x1923DfeE706A8E78157416C29cBCCFDe7cdF4102

      • Source code is verified on etherscan

      • Compilation optimizations match deployment settings defined in the source code repo

      • GNU AGPLv3 license

      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        No constructor args

      • IF new contract have concept of wards or access control
        It's implementaion contract which don't have any state, all wards defined in proxy contract (USDS)

      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)

      • Deployer address is included into addresses_deployers.sol

    • USDS_JOIN 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        No wards
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • DAI_USDS 0x3225737a9Bbb6473CB4a45b7244ACa2BeFdB276A

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        No wards
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • SUSDS 0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
        Expected and not a blocker
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          Forced by Do not authorize ESM in any new contracts action
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • SUSDS_IMP 0x4e7991e5C547ce825BdEb665EE14a3274f9F61e0

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        It's implementaion contract which don't have any state, all wards defined in proxy contract (SUSDS)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • SKY 0x56072C95FAA701256059aa122697B133aDEd9279

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
        Don't have constructor args
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          Forced by Do not authorize ESM in any new contracts action
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • MKR_SKY 0xBDcFCA946b6CDd965f99a839e4435Bcdc1bc470B

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        No wards
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • UNIV2DAIMKR 0x517F9dD285e75b599234F7221227339478d0FcC8
      This is a Uniswap V2 pair contract retrieved from UniV2 Factory, checks are not applicable

      • Source code is verified on etherscan

    • UNIV2USDSSKY 0x2621CC0B3F3c079c1Db0E80794AA24976F0b9e3c named as in the spell
      This is a Uniswap V2 pair contract retrieved from UniV2 Factory, checks are not applicable

      • Source code is verified on etherscan

    • MCD_SPLIT 0xBF7111F13386d23cb2Fba5A538107A73f6872bCF named as in the spell

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          Force by Do not authorize ESM in any new contracts action
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • SPLITTER_MOM 0xF51a075d468dE7dE3599C1Dc47F5C42d02C9230e

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • MCD_FLAP 0xc5A9CaeBA70D6974cBDFb28120C3611Dd9910355 named as in the spell

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          Forced by Do not authorize ESM in any new contracts action
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • FLAP_SKY_ORACLE 0x38e8c1D443f546Dc014D7756ec63116161CB7B25 named as in the spell

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        No wards
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • MCD_VEST_SKY 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          Forced by Do not authorize ESM in any new contracts action
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
        There are some minor diffs like new line and etherescan verification metadata, nothing major
      • Deployer address is included into addresses_deployers.sol

    • REWARDS_USDS_SKY 0x0650CAF159C5A49f711e8169D4336ECB9b950275

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
        Not a blocker as contract was not developed by us
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • REWARDS_DIST_USDS_SKY 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          Forced by Do not authorize ESM in any new contracts action
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • REWARDS_USDS_01 0x10ab606B067C9C461d8893c47C7512472E19e2Ce

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
        Not a blocker as contract was not developed by us
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • CRON_REWARDS_DIST_JOB 0x6464C34A02DD155dd0c630CE233DD6e21C24F9A5

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        • Ensure PAUSE_PROXY address was relied (wards(PAUSE_PROXY) is 1)
        • Ensure that contract deployer address was denied (wards(deployer) is 0)
        • Ensure MCD_ESM address is already relied OR being relied (wards(MCD_ESM) is 1) in this spell (as approved by Governance Facilitators, in order to allow de-authing the pause proxy during Emergency Shutdown, via denyProxy)
          Forced by Do not authorize ESM in any new contracts action
        • Ensure that there are no other Rely events except for PAUSE_PROXY and MCD_ESM (using a block explorer like etherscan)
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

    • WRAPPER_USDS_LITE_PSM_USDC_A 0xA188EEC8F81263234dA3622A406892F3D630f98c

      • Source code is verified on etherscan
      • Compilation optimizations match deployment settings defined in the source code repo
      • GNU AGPLv3 license
      • Every maker-related constructor argument matches chainlog (e.g. vat, dai, dog, ...)
      • IF new contract have concept of wards or access control
        No wards
      • Source code matches corresponding github source code (e.g. diffcheck via vscode code --diff etherscan.sol github.sol)
      • Deployer address is included into addresses_deployers.sol

  • IF core system parameter changes are present in the instructions

    • MCD_PAUSE.delay was changed using PauseLike(MCD_PAUSE).setDelay(16 hours)

  • IF additional dependencies (i.e. ./src/dependencies/ directory) are present:

    • 01-usds/UsdsInit.sol
    • IF the dependencies contracts/libraries have been audited
      • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 01-usds/UsdsInstance.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 02-susds/SUsdsInit.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 02-susds/SUsdsInstance.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 03-sky/SkyInit.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 03-sky/SkyInstance.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 04-univ2-pool-migrator/UniV2PoolMigratorInit.sol

      • IF the dependencies contracts/libraries have been audited

        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 05-flapper/FlapperInit.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 05-flapper/SplitterInstance.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 06-farm/StakingRewardsInit.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 06-farm/VestedRewardsDistributionInit.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 06-farm/VestInit.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 06-farm/UsdsSkyFarmingInit.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 06-farm/Usds01PreFarmingInit.sol

      • IF the dependencies contracts/libraries have been audited
        • Each contract/library exactly matches (i.e. diff check) the source code of the latest audited version

    • 07-cron/VestedRewardsDistributionJobInit.sol

      • OTHERWISE obtain the permalink to the relevant repository from a trusted party (i.e. Gov Facilitators)
        Source code: makerdao/dss-cron repo
        • Each contract/library exactly matches (i.e. diff check) the source code from the permalink
          Not match, the only diff in Solidity version (pragma), this was done to be compatible with spell soldity version, not blocking

  • IF MKR or DAI streams (DssVest) are created
    New SKY stream is created using UsdsSkyFarmingInit.init call

    • VestAbstract interface is imported from dss-interfaces/dss/VestAbstract.sol
      DssVestLike is defined inside dependencies/06-farm/VestInit.sol
    • restrict is used for each stream, UNLESS otherwise explicitly stated in the Exec Sheet
    • usr (Vest recipient address) matches Exec Sheet
    • usr address in the instruction is in the checksummed format
    • usr address variable name match one found in addresses_wallets.sol
      REWARDS_DIST_USDS_SKY is used and added to CHAINLOG
    • tot (Total stream amount) matches Exec Sheet
    • bgn (Vest start timestamp) matches Exec Sheet
    • tau is expressed as bgn - fin (i.e. MONTH_DD_YYYY - MONTH_DD_YYYY)
      Start date based on the timestamp, not a blocker
    • IF mgr (Vest manager address) is specified in the Exec Sheet, matches the value, OTHERWISE matches address(0)
    • Ensure that max vesting rate (cap) is enough for the new streams
      • The maximum vesting rate (tot divided by tau) <= the maximum vest streaming rate (cap)
      • The maximum vesting rate (tot divided by tau) > the maximum vest streaming rate (cap)
      • Calculate new cap value equal to 10% greater than the new maximum vesting rate, then round new cap up with 2 significant figure precision (i.e. 2446 becomes 2500)
    • IF max vesting rate (cap) is changed in the spell
      • Governance facilitators were notified
      • Exec Sheet contain explicit instruction
      • Exec Doc contain explicit instruction
    • Tested via testVestDAI or testVestMKR
      Tested by testVestSKY as we have stream for a new token

  • IF spell interacts with ChainLog

    • ChainLog version is incremented based on update type
      • Minor -> Core Module (DSS) Update (e.g. Flapper) (0.++.0)
    • New addresses are added to the addresses_mainnet.sol
    • Changes are tested via testChainlogIntegrity and testChainlogValues

  • Ensure every spell variable is declared as public/internal

  • Ensure immutable visibility is only used when fetching addresses from the ChainLog via DssExecLib.getChangelogAddress(key) and constant is used instead for static addresses

    • Fetch addresses as type address and wrap with Like suffix interfaces inline (when making calls), UNLESS archive patterns permit otherwise (Such as MKR)
    • Where addresses are fetched from the ChainLog, the variable name must match the value of the ChainLog key for that address (e.g. MCD_VAT rather than vat), except where the archive pattern differs from this pattern (e.g. MKR)

  • Tests

    • Ensure that the DssExecLib.address file is not being modified by the spell PR
    • Check all CI tests are passing as at the latest commit
      Insert most recent commit hash where CI was passing
      057f402
    • Ensure every test function is declared as public
      • IF the test needs to run, it MUST NOT have the skipped modifier; OTHERWISE, it MUST have the skipped modifier
    • Ensure each spell action has sufficient test coverage
      List actions for which coverage was checked here
      • Set earliest execution date September 17, 12:00 UTC -> testNextCastTimeMinEta
      • Do not authorize ESM in any new contracts -> Tested manually
      • Init USDS by calling UsdsInit.init
        • Tested by testSystemTokens
        • Authorization tested by testNewAuthorizations
        • Chainlog values tested by testChainlogIntegrity & testChainlogValues
      • Init sUSDS by calling SUsdsInit.init
        • Tested by testSystemTokens
        • Authorization tested by testNewAuthorizations
        • Chainlog values tested by testChainlogIntegrity & testChainlogValues
        • SUsdsLike(instance.sUsds).file("ssr", cfg.ssr); tested by testGeneral
      • Init SKY by calling SkyInit.init
        • Tested by testSystemTokens
        • Authorization tested by testNewAuthorizations
        • Chainlog values tested by testChainlogIntegrity & testChainlogValues
      • Migrate full DAI/MKR UniswapV2 liquidity into USDS/SKY by calling UniV2PoolMigratorInit.init
        • Tested by testSystemTokens & testUniV2PoolMigration
      • Init Splitter by calling FlapperInit.initSplitter
        • Tested by testGeneral & testSplitter
        • Chainlog values tested by testChainlogIntegrity & testChainlogValues
      • Init new Flapper by calling FlapperInit.initFlapperUniV2
        • Tested by testGeneral & testSplitter
      • Init new Oracle by calling FlapperInit.initOracleWrapper
        • Tested by testSplitter
        • Chainlog values tested by testChainlogIntegrity & testChainlogValues
      • Setup DssVestMintable for SKY
        • Tested by testGeneral
        • Authorization tested by testNewAuthorizations
        • Chainlog values tested by testChainlogIntegrity & testChainlogValues
      • Init USDS -> SKY rewards by calling UsdsSkyFarmingInit.init
        • Chainlog values tested by testChainlogIntegrity & testChainlogValues
        • Tested by testUsdsSkyRewards && testVestSKY
      • Call distribute() in VestedRewardsDistribution contract
        • Tested by testUsdsSkyRewards
      • Initialize the new cron job by calling VestedRewardsDistributionJobInit.init
        • Tested by testNewCronJobs
        • Chainlog values tested by testChainlogIntegrity & testChainlogValues
      • Add VestedRewardsDistribution to the new cron job by calling VestedRewardsDistributionJobInit.setDist
        • Tested by testVestedRewardsDistributionJob
      • Init Rewards-01 by calling Usds01PreFarmingInit.init
        • Tested by testUsds01Rewards
        • Chainlog values tested by testChainlogIntegrity & testChainlogValues
      • Add LitePsmWrapper to the Chainlog
        • Tested by testUsdsPsmWrapper
        • Chainlog values tested by testChainlogIntegrity & testChainlogValues
      • Update GSM Delay
        • Tested by testGeneral
      • Bump chainlog
        • Tested by testChainlogValues
    • Ensure that any other env variable does not affect execution of the tests (for example, by inspecting the output of printenv | grep "FOUNDRY_\|DAPP_")
    • Check all tests are passing locally using make test
      • Ensure every test listed in the coverage item above is present in the logs and with the [PASS] prefix.
Ran 2 tests for src/test/starknet.t.sol:StarknetTests
[PASS] testStarknet() (gas: 3272751)
[PASS] testStarknetSpell() (gas: 2309)
Suite result: ok. 2 passed; 0 failed; 0 skipped; finished in 55.15s (51.58s CPU time)

Ran 45 tests for src/DssSpell.t.sol:DssSpellTest
[SKIP] testBytecodeMatches() (gas: 0)
[PASS] testCastCost() (gas: 3149889)
[PASS] testCastOnTime() (gas: 3146919)
[PASS] testChainlogIntegrity() (gas: 8821248)
[PASS] testChainlogValues() (gas: 10398867)
[SKIP] testCollateralIntegrations() (gas: 0)
[PASS] testContractSize() (gas: 10909)
[SKIP] testDAIPayments() (gas: 0)
[SKIP] testDaoResolutions() (gas: 0)
[PASS] testDeployCost() (gas: 5315800)
[SKIP] testEsmAuth() (gas: 0)
[PASS] testGeneral() (gas: 28883707)
[SKIP] testIlkClipper() (gas: 0)
[SKIP] testL2ArbitrumSpell() (gas: 0)
[SKIP] testL2OptimismSpell() (gas: 0)
[SKIP] testLerpSurplusBuffer() (gas: 0)
[PASS] testLitePSMs() (gas: 4023792)
[SKIP] testMKRPayments() (gas: 0)
[SKIP] testMedianizers() (gas: 0)
[PASS] testNewAuthorizations() (gas: 3208391)
[PASS] testNewCronJobs() (gas: 3155704)
[SKIP] testNewIlkRegistryValues() (gas: 0)
[SKIP] testNextCastTime() (gas: 0)
[PASS] testNextCastTimeMinEta() (gas: 684024)
[SKIP] testOSMs() (gas: 0)
[SKIP] testOffboardings() (gas: 0)
[PASS] testOfficeHours() (gas: 12233)
[SKIP] testOracleList() (gas: 0)
[PASS] testPSMs() (gas: 4334093)
[PASS] testRemoveChainlogValues() (gas: 3153480)
[PASS] testRevertIfNotScheduled() (gas: 16808)
[SKIP] testSparkSpellIsExecuted() (gas: 0)
[PASS] testSplitter() (gas: 3498506)
[PASS] testSystemTokens() (gas: 3862547)
[PASS] testUniV2PoolMigration() (gas: 3172918)
[PASS] testUsds01Rewards() (gas: 3255353)
[PASS] testUsdsPsmWrapper() (gas: 3516106)
[PASS] testUsdsSkyRewards() (gas: 3359247)
[PASS] testUseEta() (gas: 341839)
[SKIP] testVestDAI() (gas: 0)
[SKIP] testVestMKR() (gas: 0)
[PASS] testVestSKY() (gas: 3553767)
[PASS] testVestedRewardsDistributionJob() (gas: 3315673)
[SKIP] testYankDAI() (gas: 0)
[SKIP] testYankMKR() (gas: 0)
Suite result: ok. 24 passed; 0 failed; 21 skipped; finished in 427.67s (1410.32s CPU time)

Ran 2 test suites in 428.60s (482.82s CPU time): 26 tests passed, 0 failed, 21 skipped (47 total tests)

Pre-Deployment Stage

  • Wait till the Exec Doc is merged
  • Exec Doc checks
    • Exec Doc for the specified date is found in the makerdao/community GitHub repo
      https://github.com/makerdao/community/blob/master/governance/votes/Executive%20vote%20-%20September%2013%2C%202024.md
    • Exec Doc file name follows the format Executive vote - Month DD, YYYY.md
    • Extract permanent URL to the raw markdown file and paste it below
      Insert your Raw Exec Doc URL here
      https://raw.githubusercontent.com/makerdao/community/4911c55070a1f40998da1caba08bda37d6c615bb/governance/votes/Executive%20vote%20-%20September%2013%2C%202024.md
    • Ensure the URL uses commit hash that introduced last change to the Exec Doc, NOT merge commit
      • OTHERWISE, ensure it is pointing to the latest commit on master: 
        git switch master && git pull origin master
      • Get the latest commit hash for the exec doc: 
        git log --pretty=oneline -1 -- "governance/votes/Executive vote - September 13, 2024.md"
    • Using Exec Doc URL from the above and the TARGET_DATE, generate Exec Doc Hash via make exec-hash date=$TARGET_DATE $URL
      Insert your Exec Doc Hash here
      Script is broken, checked manually by next rule
    • Using Exec Doc URL from the above, generate Exec Doc Hash via cast keccak -- "$(curl '$URL' -o - 2>/dev/null)"
      Insert your Exec Doc Hash here
      0xdf8af8066b5e0a90668ab343a1244624c58a30b568ff9113dbc82a22a77d0cf6
    • Make sure that hash above doesn't match keccak hash of the empty string (0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470)
    • Using Exec Doc URL from the above, read spell instructions from the Exec Doc and list them below
      List all instructions announced in the Exec Doc
      • Execution date restriction
        • This executive proposal has its earliest execution date set to September 17, 2024 at 12:00 UTC
      • New Contract ESM Exclusion
        • The Emergency Shutdown Module (ESM) will not be authorized in any new contracts deployed for this proposal.
      • USDS, sUSDS, and SKY Tokens Initialization
        • Initialize USDS by calling UsdsInit.Init with the following parameters:
          • usds: 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • usdsImp: 0x1923DfeE706A8E78157416C29cBCCFDe7cdF4102
          • UsdsJoin: 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • DaiUsds: 0x3225737a9Bbb6473CB4a45b7244ACa2BeFdB276A
        • Initialize sUSDS by calling sUsdsInit.Init with the following parameters:
          • susds: 0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD
          • sUsdsImp: 0x4e7991e5C547ce825BdEb665EE14a3274f9F61e0
          • UsdsJoin: 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
          • usds: 0xdC035D45d973E3EC169d2276DDab16f1e407384F
          • ssr: 6.25%
        • Initialize SKY by calling SkyInit.Init with the following parameters:
          • sky 0x56072C95FAA701256059aa122697B133aDEd9279
          • mkrSky 0xBDcFCA946b6CDd965f99a839e4435Bcdc1bc470B
          • rate: 24,000
        • These functions will also add the following elements to the chainlog:
          • 0xdC035D45d973E3EC169d2276DDab16f1e407384F USDS
          • 0x1923DfeE706A8E78157416C29cBCCFDe7cdF4102 USDS_IMP
          • 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB USDS_JOIN
          • 0x3225737a9Bbb6473CB4a45b7244ACa2BeFdB276A DAI_USDS
          • 0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD SUSDS
          • 0x4e7991e5C547ce825BdEb665EE14a3274f9F61e0 SUSDS_IMP
          • 0x56072C95FAA701256059aa122697B133aDEd9279 SKY
          • 0xBDcFCA946b6CDd965f99a839e4435Bcdc1bc470B MKR_SKY
        • The following permissions will be granted by the functions mentioned above:
          • The usdsJoin Adapter will be authorized in the usds contract
          • The sUSDS contract will be authorized to access the vat
          • The mkrSky contract will be authorized in the sky contract
          • The mkrSky contract will be authorized in the MkrAuthority contract
        • Smart Burn Engine (SBE) Upgrade
          • UniV2 Pool Migration
            • The DAI/MKR UniV2 pool funds will be migrated to the USDS/SKY UniV2 pool by executing the UniV2 Pool Migrator script with the following parameters:
              • pairDaiMkr: 0x517F9dD285e75b599234F7221227339478d0FcC8
              • pairUsdsSky: 0x2621CC0B3F3c079c1Db0E80794AA24976F0b9e3c
          • The Splitter will be initialized by calling the FlapperInit.initSplitter function with the following parameters:
            • splitter: 0xBF7111F13386d23cb2Fba5A538107A73f6872bCF
            • mom: 0xF51a075d468dE7dE3599C1Dc47F5C42d02C9230e
            • hump: 55 million DAI
            • bump: 65,000 DAI
            • hop: 10,249 seconds
            • burn: 100% (1 * WAD)
            • usdsJoin: 0x3C0f895007CA717Aa01c8693e59DF1e8C3777FEB
            • splitterChainlogKey: MCD_SPLIT
            • prevMomChainlogKey: FLAPPER_MOM
            • momChainlogKey: SPLITTER_MOM
          • The state variable flapper in the vow will be changed to the splitter address by calling file through the FlapperInit.initSplitter function.
          • The Flapper will be initialized by calling the FlapperInit.initFlapperUniV2 function with the following parameters:
            • flapper_: 0xc5A9CaeBA70D6974cBDFb28120C3611Dd9910355
            • want: 98% (98 * WAD / 100)
            • pip: 0x38e8c1D443f546Dc014D7756ec63116161CB7B25
            • pair: 0x2621CC0B3F3c079c1Db0E80794AA24976F0b9e3c
            • usds: 0xdC035D45d973E3EC169d2276DDab16f1e407384F
            • splitter: 0xBF7111F13386d23cb2Fba5A538107A73f6872bCF
            • prevChainlogKey: MCD_FLAP
            • chainlogKey: MCD_FLAP
          • The Oracle will be initialized by calling the FlapperInit.initOracleWrapper function with the following parameters:
            • wrapper_: 0x38e8c1D443f546Dc014D7756ec63116161CB7B25
            • divisor: 24,000
            • clKey: FLAP_SKY_ORACLE
          • Wrapper will be authorized to read the MKR oracle price through the FlapperInit.initOracleWrapper function.
        • SKY DssVestMintable Setup
          • Authorize DssVestMintable on SKY by calling DssExecLib.authorize with the following parameters:
            • _base: 0x56072C95FAA701256059aa122697B133aDEd9279
            • _ward: 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
          • Set DssVestMintable max rate (cap) by calling DssExecLib.setValue with the following parameters:
            • _base: 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
            • _what: "cap"
            • _amt: 799,999,999.999999999985808000 SKY per year (800M * WAD / 365 days )
          • Add DssVestMintable to Chainlog by calling DssExecLib.setChangelogAddress with the following parameters:
            • _key: MCD_VEST_SKY
            • _val: 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
        • USDS->SKY Farming Setup
          • Initialize USDS->SKY Token Rewards (STR) by calling UsdsSkyFarmingInit.init with the following parameters:
            • usds: 0xdC035D45d973E3EC169d2276DDab16f1e407384F
            • sky: 0x56072C95FAA701256059aa122697B133aDEd9279
            • rewards: 0x0650CAF159C5A49f711e8169D4336ECB9b950275
            • rewardsKey: REWARDS_USDS_SKY
            • dist: 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
            • distKey: REWARDS_DIST_USDS_SKY
            • vest: 0xB313Eab3FdE99B2bB4bA9750C2DDFBe2729d1cE9
            • vestTot: 600M * WAD
            • vestBgn: block.timestamp - 7 days
            • vestTau: 365 days - 1
            • Call distribute() in VestedRewardsDistribution contract in the spell execution.
          • The following SKY vesting stream will be created for rewards distribution through the UsdsSkyFarmingInit.init function:
            • SKY Vesting Stream | from 'block.timestamp - 7 days' for '365 days - 1' | 600M * WAD SKY | 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
          • Initialize the new cron job by calling VestedRewardsDistributionJobInit.init with the following parameters:
            • job: 0x6464C34A02DD155dd0c630CE233DD6e21C24F9A5
            • cfg.jobKey: CRON_REWARDS_DIST_JOB
          • Add VestedRewardsDistribution to the new cron job by calling VestedRewardsDistributionJobInit.setDist with the following parameters:
            • job: 0x6464C34A02DD155dd0c630CE233DD6e21C24F9A5
            • cfg.dist: 0x2F0C88e935Db5A60DDA73b0B4EAEef55883896d9
            • cfg.interval: 7 days - 1 hours
        • USDS->01 Farming Setup
          • Initialize STR 01 Rewards by calling Usds01PreFarmingInit.init with the following parameters:
            • usds: 0xdC035D45d973E3EC169d2276DDab16f1e407384F
            • rewards: 0x10ab606B067C9C461d8893c47C7512472E19e2Ce
            • rewardsKey: REWARDS_USDS_01
        • LitePsmWrapper Addition to the Chainlog
          • Add LitePsmWrapper to the Chainlog by calling DssExecLib.setChangelogAddress with the following parameters:
            • _key: WRAPPER_USDS_LITE_PSM_USDC_A
            • _val: 0xA188EEC8F81263234dA3622A406892F3D630f98c
        • GSM Pause Delay Update
          • GSM Pause Delay will be decreased by 14 hours, from 30 hours to 16 hours
    • Office hours value in the Exec Doc matches the spell
      No office hours in the Exec Doc, set to NO in Exec Sheet
    • Sum of all payments in the Exec Doc matches the tests
    • Exec Doc URL in the spell comment matches your Raw Exec Doc URL above
    • Exec Doc URL in the spell comment refers to the https://github.com/makerdao/community repository
    • Every action present in the spell code is present in the Exec Doc
    • Every action in the Exec Doc is present in the spell code
  • IF all checks pass, make sure to include explicit "Good to deploy" comment

@amusingaxl
Copy link
Contributor Author

Spell is deployed: 0x70254BD530684CF4a6323F51098FA39AAE6130b6.

Spell is cast on the Tenderly Virtual Testnet: https://dashboard.tenderly.co/explorer/vnet/8c4daeff-45a3-489d-8e60-c607179dca99

@SidestreamColdMelon
Copy link
Contributor

TLDR: Good to handover

Deployed Stage

  • Source code settings
    • Deployed spell is verified on etherscan
    • Optimization enabled: false UNLESS the contract size is too big AND all mitigation strategies (i.e.: removing revert strings) have failed
      ℹ️ Optimization Enabled: Yes with 1 runs
    • Default evmVersion
    • GNU AGPLv3 license
  • Source code validity
    • Deployed spell code matches source on github. (can be checked via make diff-deployed-spell or manually)
    • No new changes are made after previously given "good to deploy"
      ⚠️ 1fb85dd commit was made after previously given "good to deploy", only after consulting with the spell team and receiving internal approval. This change only affects tests and fixes inconsistency between deployment and testing settings (namely FOUNDRY_OPTIMIZER_RUNS env variable was different from DAPP_BUILD_OPTIMIZE_RUNS which prevented testBytecodeMatches to validate deployed bytecode)
  • Deployed spell Etherscan checks
    • Automated checks via make check-deployed-spell
      • Verified
      • Valid license
      • Version matches
      • Optimizations are disabled
        ⚠️ This is not true (optimization are enabled), but is intentional and expected as spell doesn't fit into the 24Kb size limit imposed on mainnet
      • dss-exec-lib library address used (under 'Libraries Used') matches the hardcoded local DssExecLib.address file
      • deployed_spell_created matches deployment timestamp
      • deployed_spell_block matches deployment block number
    • Manual checks
      • Ensure make deploy-info tx=<tx> matches config
        • deployed_spell_created timestamp
        • deployed_spell_block block number
      • Check again that the PR did not modify the DssExecLib.address file (e.g. look under the 'Files Changed' PR tab, etc.)
      • Ensure Etherscan Libraries Used matches DssExecLib Latest Release
      • (For your tests to be accurate) git submodule hash matches dss-exec-lib latest release's tag commit and inspect diffs if doesn't match to ensure expected behaviour (Currently Non-Critical pending the next DssExecLib release, double check that the ExecLib used by the contract matches the latest release)
        ⚠️ The hash doesn't match as in multiple previous spells. Latest release v0.0.9 has hash of c0d3c6c made on Feb 1, 2022, while git submodule lib/dss-exec-lib is set to track the latest commit 69b658f made on Jan 23, 2023. Here is the diff between the latest release and the submodule: makerdao/dss-exec-lib@v0.0.9...69b658f#diff-72201ff20380f5c7fc89281be3ad2dd6bd5a992f246d41d6d9d97f71e078d40d. The only major difference between deployed and the imported library is the new setRWAIlkDebtCeiling, which is not used in this particular spell
  • Tenderly Testnet checks
  • Archive checks
    • make diff-archive-spell for current date or make diff-archive-spell date="YYYY-MM-DD"
    • Ensure date corresponds to target Exec Doc date
  • Tests
    • Ensure that the DssExecLib.address file is not being modified by the spell PR
    • Check all CI tests are passing as at the latest commit
      Insert most recent commit hash where CI was passing
      fafea9d
    • Ensure that any other env variable does not affect execution of the tests (for example, by inspecting the output of printenv | grep "FOUNDRY_\|DAPP_")
    • Check all tests are passing locally using make test
_Insert your local test logs here_
./scripts/test-dssspell-forge.sh no-match="" match="" block=""
Using DssExecLib at: 0x8De6DDbCd5053d32292AAA0D2105A32d108484a6
[⠊] Compiling...
[⠒] Compiling 4 files with Solc 0.8.16
[⠢] Solc 0.8.16 finished in 12.49s
Compiler run successful!

Ran 2 tests for src/test/starknet.t.sol:StarknetTests
[PASS] testStarknet() (gas: 3276947)
[PASS] testStarknetSpell() (gas: 2352)
Suite result: ok. 2 passed; 0 failed; 0 skipped; finished in 19.24s (18.19s CPU time)

Ran 45 tests for src/DssSpell.t.sol:DssSpellTest
[PASS] testBytecodeMatches() (gas: 5295245)
[PASS] testCastCost() (gas: 3154005)
[PASS] testCastOnTime() (gas: 3150637)
[PASS] testChainlogIntegrity() (gas: 8836919)
[PASS] testChainlogValues() (gas: 10402983)
[SKIP] testCollateralIntegrations() (gas: 0)
[SKIP] testContractSize() (gas: 0)
[SKIP] testDAIPayments() (gas: 0)
[SKIP] testDaoResolutions() (gas: 0)
[SKIP] testDeployCost() (gas: 0)
[SKIP] testEsmAuth() (gas: 0)
[PASS] testGeneral() (gas: 28862826)
[SKIP] testIlkClipper() (gas: 0)
[SKIP] testL2ArbitrumSpell() (gas: 0)
[SKIP] testL2OptimismSpell() (gas: 0)
[SKIP] testLerpSurplusBuffer() (gas: 0)
[PASS] testLitePSMs() (gas: 4035008)
[SKIP] testMKRPayments() (gas: 0)
[SKIP] testMedianizers() (gas: 0)
[PASS] testNewAuthorizations() (gas: 3212238)
[PASS] testNewCronJobs() (gas: 3158943)
[SKIP] testNewIlkRegistryValues() (gas: 0)
[SKIP] testNextCastTime() (gas: 0)
[PASS] testNextCastTimeMinEta() (gas: 686496)
[SKIP] testOSMs() (gas: 0)
[SKIP] testOffboardings() (gas: 0)
[PASS] testOfficeHours() (gas: 12977)
[SKIP] testOracleList() (gas: 0)
[PASS] testPSMs() (gas: 4343733)
[PASS] testRemoveChainlogValues() (gas: 3157779)
[PASS] testRevertIfNotScheduled() (gas: 17047)
[SKIP] testSparkSpellIsExecuted() (gas: 0)
[PASS] testSplitter() (gas: 3504582)
[PASS] testSystemTokens() (gas: 3868451)
[PASS] testUniV2PoolMigration() (gas: 3177033)
[PASS] testUsds01Rewards() (gas: 3259955)
[PASS] testUsdsPsmWrapper() (gas: 3523367)
[PASS] testUsdsSkyRewards() (gas: 3363535)
[PASS] testUseEta() (gas: 343977)
[SKIP] testVestDAI() (gas: 0)
[SKIP] testVestMKR() (gas: 0)
[PASS] testVestSKY() (gas: 3558659)
[PASS] testVestedRewardsDistributionJob() (gas: 3340142)
[SKIP] testYankDAI() (gas: 0)
[SKIP] testYankMKR() (gas: 0)
Suite result: ok. 23 passed; 0 failed; 22 skipped; finished in 145.99s (336.97s CPU time)

Ran 2 test suites in 146.56s (165.23s CPU time): 25 tests passed, 0 failed, 22 skipped (47 total tests)
  • Additional checks
    • testBytecodeMatches pass
    • No delegatecall code inside verified code
    • No selfdestruct code inside verified code

@0xdecr1pto
Copy link
Contributor

Good to handover

Deployed Stage

  • Source code settings
    • Deployed spell is verified on etherscan
    • Optimization enabled: false UNLESS the contract size is too big AND all mitigation strategies (i.e.: removing revert strings) have failed
      Enabled with 1 runs
    • Default evmVersion
    • GNU AGPLv3 license
  • Source code validity
    • Deployed spell code matches source on github. (can be checked via make diff-deployed-spell or manually)
    • No new changes are made after previously given "good to deploy"
      1fb85dd commit was made, this changes was approved by a spell team and changes affect only tests
  • Deployed spell Etherscan checks
    • Automated checks via make check-deployed-spell
      • Verified
      • Valid license
      • Version matches
      • Optimizations are disabled
        ** Optimization enabled to fit into contract size limit**
      • dss-exec-lib library address used (under 'Libraries Used') matches the hardcoded local DssExecLib.address file
      • deployed_spell_created matches deployment timestamp
      • deployed_spell_block matches deployment block number
    • Manual checks
      • Ensure make deploy-info tx=<tx> matches config
        • deployed_spell_created timestamp
        • deployed_spell_block block number
      • Check again that the PR did not modify the DssExecLib.address file (e.g. look under the 'Files Changed' PR tab, etc.)
      • Ensure Etherscan Libraries Used matches DssExecLib Latest Release
      • (For your tests to be accurate) git submodule hash matches dss-exec-lib latest release's tag commit and inspect diffs if doesn't match to ensure expected behaviour (Currently Non-Critical pending the next DssExecLib release, double check that the ExecLib used by the contract matches the latest release)
        Hash doesn't match as in previouse spells, not blocking
  • Tenderly Testnet checks
    • A testnet with the name matching spell description is found at maker dashboard
    • The testnet name is unique (previous testnets does not have the same name)
    • Cast transaction is set to the correct "receiver" (matches deployed spell address)
    • All actions are executed in the transaction trace
    • No reverts are present that block execution
    • No out-of-gas errors are present
  • Archive checks
    • make diff-archive-spell for current date or make diff-archive-spell date="YYYY-MM-DD"
    • Ensure date corresponds to target Exec Doc date
  • Tests
    • Ensure that the DssExecLib.address file is not being modified by the spell PR
    • Check all CI tests are passing as at the latest commit
      fafea9d
    • Ensure that any other env variable does not affect execution of the tests (for example, by inspecting the output of printenv | grep "FOUNDRY_\|DAPP_")
    • Check all tests are passing locally using make test
Ran 2 tests for src/test/starknet.t.sol:StarknetTests
[PASS] testStarknet() (gas: 3276947)
[PASS] testStarknetSpell() (gas: 2352)
Suite result: ok. 2 passed; 0 failed; 0 skipped; finished in 54.05s (51.05s CPU time)

Ran 45 tests for src/DssSpell.t.sol:DssSpellTest
[PASS] testBytecodeMatches() (gas: 5295245)
[PASS] testCastCost() (gas: 3154005)
[PASS] testCastOnTime() (gas: 3150637)
[PASS] testChainlogIntegrity() (gas: 8836919)
[PASS] testChainlogValues() (gas: 10402983)
[SKIP] testCollateralIntegrations() (gas: 0)
[SKIP] testContractSize() (gas: 0)
[SKIP] testDAIPayments() (gas: 0)
[SKIP] testDaoResolutions() (gas: 0)
[SKIP] testDeployCost() (gas: 0)
[SKIP] testEsmAuth() (gas: 0)
[PASS] testGeneral() (gas: 28862826)
[SKIP] testIlkClipper() (gas: 0)
[SKIP] testL2ArbitrumSpell() (gas: 0)
[SKIP] testL2OptimismSpell() (gas: 0)
[SKIP] testLerpSurplusBuffer() (gas: 0)
[PASS] testLitePSMs() (gas: 4035008)
[SKIP] testMKRPayments() (gas: 0)
[SKIP] testMedianizers() (gas: 0)
[PASS] testNewAuthorizations() (gas: 3212238)
[PASS] testNewCronJobs() (gas: 3158943)
[SKIP] testNewIlkRegistryValues() (gas: 0)
[SKIP] testNextCastTime() (gas: 0)
[PASS] testNextCastTimeMinEta() (gas: 686496)
[SKIP] testOSMs() (gas: 0)
[SKIP] testOffboardings() (gas: 0)
[PASS] testOfficeHours() (gas: 12977)
[SKIP] testOracleList() (gas: 0)
[PASS] testPSMs() (gas: 4343733)
[PASS] testRemoveChainlogValues() (gas: 3157779)
[PASS] testRevertIfNotScheduled() (gas: 17047)
[SKIP] testSparkSpellIsExecuted() (gas: 0)
[PASS] testSplitter() (gas: 3504582)
[PASS] testSystemTokens() (gas: 3868451)
[PASS] testUniV2PoolMigration() (gas: 3177033)
[PASS] testUsds01Rewards() (gas: 3259955)
[PASS] testUsdsPsmWrapper() (gas: 3523367)
[PASS] testUsdsSkyRewards() (gas: 3363535)
[PASS] testUseEta() (gas: 343977)
[SKIP] testVestDAI() (gas: 0)
[SKIP] testVestMKR() (gas: 0)
[PASS] testVestSKY() (gas: 3558659)
[PASS] testVestedRewardsDistributionJob() (gas: 3277034)
[SKIP] testYankDAI() (gas: 0)
[SKIP] testYankMKR() (gas: 0)
Suite result: ok. 23 passed; 0 failed; 22 skipped; finished in 442.37s (1436.17s CPU time)

Ran 2 test suites in 443.20s (496.42s CPU time): 25 tests passed, 0 failed, 22 skipped (47 total tests)

SidestreamColdMelon
SidestreamColdMelon approved these changes Sep 16, 2024
View reviewed changes
Copy link
Contributor

@SidestreamColdMelon SidestreamColdMelon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Handover and Merge Stage

  • Check that the spell address posted by the crafter in new-spells is correct
  • Confirm the address in the new-spells channel (via a separate "reply to" message, restating the address to avoid edits)
    • Wait until responsible governance facilitator confirms handover in new-spells
  • Ensure that no changes were made to the code since the spell was deployed and archived
  • Approve spell PR for merge via 'Approve' review option

0xdecr1pto
0xdecr1pto approved these changes Sep 16, 2024
View reviewed changes
Copy link
Contributor

@0xdecr1pto 0xdecr1pto left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Handover and Merge Stage

  • Check that the spell address posted by the crafter in new-spells is correct
  • Confirm the address in the new-spells channel (via a separate "reply to" message, restating the address to avoid edits)
    • Wait until responsible governance facilitator confirms handover in new-spells
  • Ensure that no changes were made to the code since the spell was deployed and archived
  • Approve spell PR for merge via 'Approve' review option

@amusingaxl amusingaxl merged commit 4ab7b60 into master Sep 16, 2024
3 checks passed
@amusingaxl amusingaxl deleted the 2024-09-13 branch September 16, 2024 16:24
@SidestreamColdMelon SidestreamColdMelon mentioned this pull request Nov 18, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sunbreak1211 sunbreak1211 sunbreak1211 left review comments

@0xdecr1pto 0xdecr1pto 0xdecr1pto approved these changes

@SidestreamColdMelon SidestreamColdMelon SidestreamColdMelon approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@amusingaxl @SidestreamColdMelon @0xdecr1pto @sunbreak1211