Conversation
Closes #132. Evaluates OUSD for Yearn strategy deposit. Key finding: AMO can mint without direct backing but constrained by 99.8% solvency check. Same governance as Origin ARM (xOGN + 48h timelock). Low Risk tier. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
spalen0
commented
Apr 22, 2026
Collaborator
Author
spalen0
left a comment
spalen0
left a comment
There was a problem hiding this comment.
Leaving the contract-level review notes here since GitHub won't let the PR author request changes on their own pull request. The main issues are the stale redemption description and the understated strategist powers; details are inline.
spalen0
changed the title
- Correct redemption model: async requestWithdrawal/claimWithdrawal with 10-min minimum delay and no on-chain upper bound (was incorrectly described as redeem() with up to 24h) - Expand strategist (2-of-8) untimelocked powers: setVaultBuffer, setDefaultStrategy, setRebaseRateMax, setDripDuration, withdrawAllFromStrategies, plus OUSD token delegateYield / undelegateYield which can redirect any account's rebase yield - Fix monitoring: totalSupply() is on the OUSD token, totalValue() on the vault - Bump Programmability subscore 2.0 -> 2.5; Centralization 1.83 -> 2.0; Final Score 1.85 -> 1.90 (still Low Risk tier) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Aligns Category 4 bullet with the rest of the report (Accessibility, Liquidity Risk, Data flows) which already describe the async withdrawal queue with a 10-minute minimum and no on-chain upper bound. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
spalen0
commented
Apr 28, 2026
Collaborator
Author
spalen0
left a comment
spalen0
left a comment
There was a problem hiding this comment.
On-chain spot check completed against the current PR head. Main findings are inline: stale TVL/allocation, overstated Curve exit liquidity, queue-reserved accounting nuance, and one stale Safe signer entry.
Addresses spalen0 review comments on PR #136: - TVL/allocation refreshed at block 24978666: vault.totalValue() ~$5.66M (was ~$7.6M), Morpho ~63% (was ~45%), Curve AMO ~17% (was ~43%), Cross-chain ~20% combined (was ~12%); cross-chain percentages updated in Overview, Allocation table, Collateralization, Provability, Liquidity, External Dependencies, Risk Summary, score subcategories, and the architecture diagram. - Provability/Monitoring now note that totalValue() and checkBalance() already net out the withdrawal-queue reserve (queued - claimed); the vault's raw USDC balance must be read separately from withdrawalQueueMetadata() to reconstruct components. Effective idle vault USDC at snapshot is ~734 (~17,938 raw - ~17,204 reserved). - Curve OUSD/USDC pool TVL corrected from ~$3.4M to ~$1.05M (~588K OUSD + ~465K USDC); liquidity narrative now reflects that the USDC side caps instant DEX-exit capacity. get_dy values cited. - GOV multisig 8th signer updated from 0xa96bD9c5 to 0x9990C10c per current Safe getOwners() result; threshold remains 5-of-8. - Morpho concentration (~63% in a single MetaMorpho vault) added to Risk Summary and elevated to a Critical external dependency. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Snapshot moved from block 24978666 to 25074136. Material shifts: - vault.totalValue() $5.66M -> $5.47M (down ~3.4%) - Morpho ~63% -> ~55% (~$3.00M; strategy balance dropped ~$560K) - HyperEVM ~10% -> ~17% (~$914K; +69% growth) - Cross-chain combined ~20% -> ~28% - Curve pool TVL ~$1.05M -> ~$956K; USDC side ~$465K -> ~$328K (-30%) - get_dy 100k OUSD ~99,903 USDC; 300k OUSD ~297,718 USDC - Effective idle vault USDC ~734 -> ~0 (all ~17,204 raw fully reserved against pending withdrawal queue claims) - Queue index 45 -> 52 (7 new requests; queue caught up) - GOV multisig signers and threshold unchanged Updated: Overview, TVL history, Strategy Allocation table, Accessibility (DEX), Collateralization, Provability, Liquidity Risk, External Dependencies, GOV signer block reference, Risk Summary, Risk Score subcategories, and the architecture diagram. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Key Findings
mintForStrategy()can mint OUSD without direct backing, but constrained by 99.8% solvency check, pool balance improvement modifier, and governance-controlled whitelist. Historical vault-level cap deprecated.setVaultBuffer,setDripDuration,setRebaseRateMax,setDefaultStrategy), pause controls, and OUSD tokendelegateYield/undelegateYield(can redirect any account's rebase yield)requestWithdrawal/claimWithdrawalwith 10-min minimum delay (withdrawalClaimDelay= 600s) and no on-chain upper boundTest plan
0xa7b7...dcc33, Vault:0xe3a9...4578e); multisig thresholds match (Strategist 2-of-8, GOV 5-of-8, Trustee 1-of-3)SOLVENCY_THRESHOLD= 9.98e17 (99.8%) verified; only Curve AMO0x26a0...Ce11is mint-whitelisted; Morpho V2 not whitelisted;netOusdMintForStrategyThreshold()reverts (confirms deprecated)totalSupplyon token vstotalValueon vault, rescored Programmability 2.0→2.5Closes #132
🤖 Generated with Claude Code