ManagerWithMerkleVerification
Last updated
Last updated
This contract securely allows a strategist to rebalance a BoringVault, by restricting multiple attributes about what can and can’t be passed into BoringVault:manage
. The contract can store multiple merkle roots known as ManageRoots
. Each ManageRoot allows a specific caller access to a very specific set of possible function calls. This allows for increased flexibility in implementing various roles, such as risk managers and executors.
The Merkle tree is composed of leafs following this structure.
decodersAndSanitizer
is the address used to extract the packed addresses from the target data, and to sanitize the target data
target
is the address to make the function calls to
valueIsNonZero
is a bool indicating whether or not it is native value can be sent to the target
selector
is the bytes4 function selector to call on target
argumentAddress_0, ...., argumentAddress_N
is every address argument in target data
Using this leaf setup, the ManagerWithMerkleVerification
can control what addresses a strategist can make calls to, what function selectors strategists have access to, whether or not value can be sent to a target, and exactly what address arguments can be passed into those function calls.
Additionally DecoderAndSanitizers
can implement even more checks to sanitize non address arguments in target data.