feat: introduces a killswitch for the diamond (EmergencyPauseFacet v1.0.0)

.github/workflows/diamondEmergencyPause.yml

@@ -0,0 +1,92 @@
+name: Pause PRODUCTION diamond (CAREFUL)
+
+on:
+  push:
+  workflow_dispatch:
+    inputs:
+      Warning:
+        description: 'By clicking the next button you are pausing all PROD diamonds. Please proceed with caution'
+        required: false
+
+jobs:
+  diamond-emergency-pause:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Keeping this code for now until team member authentication has been tested successfully
+      # - name: Authenticate user
+      #   id: check_user
+      #   run: |
+      #     ALLOWED_USERS=("0xDEnYO" "maxklenk" "ezynda3")
+      #     USER=${{ github.actor }}
+      #     if [[ ! " ${ALLOWED_USERS[@]} " =~ " $USER " ]]; then
+      #       echo "User $USER is not allowed to run this workflow. Only the following users are:"
+      #       echo "$ALLOWED_USERS"
+      #       exit 1
+      #     else
+      #       echo "User $USER is allowed to run this workflow."
+      #     fi
+      #   shell: bash
+
+      - name: Authenticate git user (check membership in 'DiamondPauser' group)
+        id: authenticate-user
+        uses: tspascoal/get-user-teams-membership@v3
+        with:
+          username: ${{ github.actor }}
+          organization: lifinance
+          team: diamondpauser
+          GITHUB_TOKEN: ${{ secrets.GIT_TOKEN }}
+
+      - name: Check team membership
+        run: |
+          if [[ "${{ steps.authenticate-user.outputs.isTeamMember }}" != "true" ]]; then
+            echo "User ${{ github.actor }} is not a member of the DiamondPauser team. Please ask one of the team members to execute this action:"
+            echo "https://github.com/orgs/lifinance/teams/diamondpauser/members"
+            exit 1
+          else
+            echo "User is a member of the DiamondPauser team and may execute this action"
+          fi
+
+      - name: Install Foundry
+        uses: foundry-rs/foundry-toolchain@v1
+
+      - name: Pause Diamond
+        run: |
+          ./script/tasks/diamondEMERGENCYPauseGitHub.sh
+        env:
+          ETH_NODE_URI_MAINNET: ${{ secrets.ETH_NODE_URI_MAINNET }}
+          ETH_NODE_URI_ARBITRUM: ${{ secrets.ETH_NODE_URI_ARBITRUM }}
+          ETH_NODE_URI_AURORA: ${{ secrets.ETH_NODE_URI_AURORA }}
+          ETH_NODE_URI_AVALANCHE: ${{ secrets.ETH_NODE_URI_AVALANCHE }}
+          ETH_NODE_URI_BASE: ${{ secrets.ETH_NODE_URI_BASE }}
+          ETH_NODE_URI_BLAST: ${{ secrets.ETH_NODE_URI_BLAST }}
+          ETH_NODE_URI_BOBA: ${{ secrets.ETH_NODE_URI_BOBA }}
+          ETH_NODE_URI_BSC: ${{ secrets.ETH_NODE_URI_BSC }}
+          ETH_NODE_URI_CELO: ${{ secrets.ETH_NODE_URI_CELO }}
+          ETH_NODE_URI_FANTOM: ${{ secrets.ETH_NODE_URI_FANTOM }}
+          ETH_NODE_URI_FRAXTAL: ${{ secrets.ETH_NODE_URI_FRAXTAL }}
+          ETH_NODE_URI_FUSE: ${{ secrets.ETH_NODE_URI_FUSE }}
+          ETH_NODE_URI_GNOSIS: ${{ secrets.ETH_NODE_URI_GNOSIS }}
+          ETH_NODE_URI_LINEA: ${{ secrets.ETH_NODE_URI_LINEA }}
+          ETH_NODE_URI_MANTLE: ${{ secrets.ETH_NODE_URI_MANTLE }}
+          ETH_NODE_URI_METIS: ${{ secrets.ETH_NODE_URI_METIS }}
+          ETH_NODE_URI_MODE: ${{ secrets.ETH_NODE_URI_MODE }}
+          ETH_NODE_URI_MOONBEAM: ${{ secrets.ETH_NODE_URI_MOONBEAM }}
+          ETH_NODE_URI_MOONRIVER: ${{ secrets.ETH_NODE_URI_MOONRIVER }}
+          ETH_NODE_URI_OPTIMISM: ${{ secrets.ETH_NODE_URI_OPTIMISM }}
+          ETH_NODE_URI_POLYGON: ${{ secrets.ETH_NODE_URI_POLYGON }}
+          ETH_NODE_URI_POLYGONZKEVM: ${{ secrets.ETH_NODE_URI_POLYGONZKEVM }}
+          ETH_NODE_URI_ROOTSTOCK: ${{ secrets.ETH_NODE_URI_ROOTSTOCK }}
+          ETH_NODE_URI_SCROLL: ${{ secrets.ETH_NODE_URI_SCROLL }}
+          ETH_NODE_URI_SEI: ${{ secrets.ETH_NODE_URI_SEI }}
+          ETH_NODE_URI_ZKSYNC: ${{ secrets.ETH_NODE_URI_ZKSYNC }}
+          PRIVATE_KEY_PAUSER_WALLET: ${{ secrets.TEST_PRIV_KEY_SECRET }}
+
+      - name: Send Discord message
+        uses: Ilshidur/[email protected]
+        with:
+          args: 'ATTENTION - the emergency diamond pause action was just executed by ${{ github.actor }}'
+        env:
+          DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK_DEV_SMARTCONTRACTS }}

config/global.json

@@ -8,6 +8,7 @@
   "withdrawWallet": "0x08647cc950813966142A416D40C382e2c5DB73bB",
   "lifuelRebalanceWallet": "0xC71284231A726A18ac85c94D75f9fe17A185BeAF",
   "deployerWallet": "0x11F1022cA6AdEF6400e5677528a80d49a069C00c",
+  "pauserWallet": "0x29DaCdF7cCaDf4eE67c923b4C22255A4B2494eD7",
   "approvedSigsForRefundWallet": [
     {
       "sig": "0x0d19e519",

deployments/_deployments_log_file.json

@@ -762,12 +762,12 @@
       "staging": {
         "1.0.0": [
           {
-            "ADDRESS": "0x8938CEa23C3c5eAABb895765f5B0b2b07D680402",
+            "ADDRESS": "0x47a0bD7A824291040BB7bD8cdBBd7d63bA1B81C9",
             "OPTIMIZER_RUNS": "1000000",
-            "TIMESTAMP": "2023-06-27 16:56:48",
+            "TIMESTAMP": "2024-07-21 16:02:40",
             "CONSTRUCTOR_ARGS": "0x",
-            "SALT": "27062023",
-            "VERIFIED": "true"
+            "SALT": "",
+            "VERIFIED": "false"
           }
         ]
       }
@@ -20552,5 +20552,35 @@
         ]
       }
     }
+  },
+  "EmergencyPauseFacet": {
+    "polygon": {
+      "staging": {
+        "1.0.0": [
+          {
+            "ADDRESS": "0x6DCDA5EEb0eb10D61eB9AAF93C3B89704955dA42",
+            "OPTIMIZER_RUNS": "1000000",
+            "TIMESTAMP": "2024-07-21 15:50:57",
+            "CONSTRUCTOR_ARGS": "0x00000000000000000000000029dacdf7ccadf4ee67c923b4c22255a4b2494ed7",
+            "SALT": "",
+            "VERIFIED": "false"
+          }
+        ]
+      }
+    },
+    "bsc": {
+      "staging": {
+        "1.0.0": [
+          {
+            "ADDRESS": "0xf03AFcA857918BE01EBD6C6800Fc2974b8a9eBA2",
+            "OPTIMIZER_RUNS": "1000000",
+            "TIMESTAMP": "2024-07-25 15:21:33",
+            "CONSTRUCTOR_ARGS": "0x00000000000000000000000029dacdf7ccadf4ee67c923b4c22255a4b2494ed7",
+            "SALT": "",
+            "VERIFIED": "false"
+          }
+        ]
+      }
+    }
   }
 }

deployments/bsc.diamond.staging.json

@@ -1,6 +1,10 @@
 {
   "LiFiDiamond": {
     "Facets": {
+      "0xE871874D8AC30E8aCD0eC67529b4a5dDD73Bf0d6": {
+        "Name": "GenericSwapFacetV3",
+        "Version": "1.0.1"
+      },
       "0x06045F5FA6EA7c6AcEb104b55BcD6C3dE3a08831": {
         "Name": "DiamondCutFacet",
         "Version": "1.0.0"
@@ -69,13 +73,13 @@
         "Name": "GenericSwapFacet",
         "Version": "1.0.0"
       },
-      "0xA269cb81E6bBB86683558e449cb1bAFFdb155Bfc": {
+      "0x089153117bffd37CBbE0c604dAE8e493D4743fA8": {
         "Name": "",
         "Version": ""
       },
-      "0xE871874D8AC30E8aCD0eC67529b4a5dDD73Bf0d6": {
-        "Name": "GenericSwapFacetV3",
-        "Version": "1.0.1"
+      "0xf03AFcA857918BE01EBD6C6800Fc2974b8a9eBA2": {
+        "Name": "EmergencyPauseFacet",
+        "Version": "1.0.0"
       }
     },
     "Periphery": {

deployments/bsc.staging.json

@@ -27,5 +27,6 @@
   "AmarokFacetPacked": "0x7ac3EB2D191EBAb9E925CAbFD4F8155be066b3aa",
   "MayanBridgeFacet": "0x5Ba4FeD1DAd2fD057A9f687B399B8e4cF2368214",
   "MayanFacet": "0xd596C903d78870786c5DB0E448ce7F87A65A0daD",
-  "GenericSwapFacetV3": "0xE871874D8AC30E8aCD0eC67529b4a5dDD73Bf0d6"
+  "GenericSwapFacetV3": "0xE871874D8AC30E8aCD0eC67529b4a5dDD73Bf0d6",
+  "EmergencyPauseFacet": "0xf03AFcA857918BE01EBD6C6800Fc2974b8a9eBA2"
 }

deployments/polygon.diamond.staging.json

@@ -1,6 +1,10 @@
 {
   "LiFiDiamond": {
     "Facets": {
+      "0x6DCDA5EEb0eb10D61eB9AAF93C3B89704955dA42": {
+        "Name": "EmergencyPauseFacet",
+        "Version": "1.0.0"
+      },
       "0x06045F5FA6EA7c6AcEb104b55BcD6C3dE3a08831": {
         "Name": "DiamondCutFacet",
         "Version": "1.0.0"

deployments/polygon.staging.json

@@ -1,6 +1,6 @@
 {
   "DiamondCutFacet": "0x06045F5FA6EA7c6AcEb104b55BcD6C3dE3a08831",
-  "DiamondLoupeFacet": "0x8938CEa23C3c5eAABb895765f5B0b2b07D680402",
+  "DiamondLoupeFacet": "0x47a0bD7A824291040BB7bD8cdBBd7d63bA1B81C9",
   "OwnershipFacet": "0x53d4Bcd5BEa4e863376b7eA43D7465351a4d71B0",
   "DexManagerFacet": "0xB94Fd26F6b138E1bE6CfEa5Ec4F67C5573F5d6AD",
   "AccessManagerFacet": "0x1A841931913806FB7570B43bcD64A487A8E7A50c",
@@ -39,5 +39,6 @@
   "TokenWrapper": "0xfb4A1eAC23CF91043C5C8f85993ce153B863ed61",
   "GasRebateDistributor": "0x3116B8F099D7eFA6e24f39F80146Aac423365EB9",
   "GenericSwapFacetV3": "0x4b904ad5Ca7601595277575824B080e078e2E812",
-  "StargateFacetV2": "0xeb3f9490d8cbD0C34C0642a8d0495e5E0B0745AA"
+  "StargateFacetV2": "0xeb3f9490d8cbD0C34C0642a8d0495e5E0B0745AA",
+  "EmergencyPauseFacet": "0x6DCDA5EEb0eb10D61eB9AAF93C3B89704955dA42"
 }

docs/EmergencyPauseFacet.md

@@ -0,0 +1,14 @@
+# EmergencyPauseFacet
+
+## How it works
+
+The EmergencyPauseFacet is an admin-only facet. Its purpose is to provide a fast yet secure way to respond to suspicious transactions and smart contract activity by either pausing the whole diamond or by removing one specific facet. This can be done from a non-multisig account (i.e.: the 'PauserWallet') to ensure fast execution. The unpausing of the contract as well as adding any new facets is still only possible through the multisig owner wallet for added security.
+
+## Public Methods
+
+- `function removeFacet(address _facetAddress)`
+  - Removes the given facet from the diamond
+- `function pauseDiamond()`
+  - Pauses the diamond by redirecting all function selectors to EmergencyPauseFacet
+- `function unpauseDiamond(address[] calldata _blacklist)`
+  - Unpauses the diamond by reactivating all formerly registered facets except for the facets in '\_blacklist'

docs/README.md

@@ -13,7 +13,9 @@
 - [DEX Manager Facet](./DexManagerFacet.md)
 - [DiamondCut Facet](./DiamondCutFacet.md)
 - [DiamondLoupe Facet](./DiamondLoupeFacet.md)
+- [Emergency Pause Facet](./EmergencyPauseFacet.md)
 - [Generic Swap Facet](./GenericSwapFacet.md)
+- [Generic Swap FacetV3](./GenericSwapFacetV3.md)
 - [Gnosis Bridge Facet](./GnosisBridgeFacet.md)
 - [Hop Facet](./HopFacet.md)
 - [Hop Facet Packed](./HopFacetPacked.md)
@@ -30,6 +32,7 @@
 - [Squid Facet](./SquidFacet.md)
 - [Standardized Call Facet](./StandardizedCallFacet.md)
 - [Stargate Facet](./StargateFacet.md)
+- [Stargate FacetV2](./StargateFacetV2.md)
 - [Synapse Bridge Facet](./SynapseBridgeFacet.md)
 - [ThorSwap Facet](./ThorSwapFacet.md)
 - [Withdraw Facet](./WithdrawFacet.md)
@@ -54,5 +57,7 @@
 - [ERC20Proxy](./ERC20Proxy.md)
 - [Executor](./Executor.md)
 - [FeeCollector](./FeeCollector.md)
+- [LiFuelFeeCollector](./LiFuelFeeCollector.md)
 - [Receiver](./Receiver.md)
+- [ReceiverStargateV2](./ReceiverStargateV2.md)
 - [RelayerCelerIM](./RelayerCelerIM.md)

script/deploy/facets/DeployEmergencyPauseFacet.s.sol

@@ -0,0 +1,32 @@
+// SPDX-License-Identifier: UNLICENSED
+pragma solidity ^0.8.17;
+
+import { DeployScriptBase } from "./utils/DeployScriptBase.sol";
+import { stdJson } from "forge-std/Script.sol";
+import { EmergencyPauseFacet } from "lifi/Facets/EmergencyPauseFacet.sol";
+
+contract DeployScript is DeployScriptBase {
+    using stdJson for string;
+
+    constructor() DeployScriptBase("EmergencyPauseFacet") {}
+
+    function run()
+        public
+        returns (EmergencyPauseFacet deployed, bytes memory constructorArgs)
+    {
+        constructorArgs = getConstructorArgs();
+
+        deployed = EmergencyPauseFacet(
+            deploy(type(EmergencyPauseFacet).creationCode)
+        );
+    }
+
+    function getConstructorArgs() internal override returns (bytes memory) {
+        string memory path = string.concat(root, "/config/global.json");
+        string memory json = vm.readFile(path);
+
+        address pauserWallet = json.readAddress(".pauserWallet");
+
+        return abi.encode(pauserWallet);
+    }
+}

script/deploy/facets/UpdateEmergencyPauseFacet.s.sol

@@ -0,0 +1,17 @@
+// SPDX-License-Identifier: UNLICENSED
+pragma solidity ^0.8.17;
+
+import { UpdateScriptBase } from "./utils/UpdateScriptBase.sol";
+import { stdJson } from "forge-std/StdJson.sol";
+import { EmergencyPauseFacet } from "lifi/Facets/EmergencyPauseFacet.sol";
+
+contract DeployScript is UpdateScriptBase {
+    using stdJson for string;
+
+    function run()
+        public
+        returns (address[] memory facets, bytes memory cutData)
+    {
+        return update("EmergencyPauseFacet");
+    }
+}