Plugin & Delegation System

Overview

The Curvance Plugin Architecture is a modular system that enables authorized third-party contracts or addresses to perform actions on behalf of users. This architecture enhances capital efficiency and user experience by enabling the development of automation tools, complex trading strategies, and cross-chain operations, all without requiring direct user interaction at each step.

Core Components

The Plugin Architecture is built around three primary components:

  1. ActionRegistry: Base library that manages user configuration for delegation and transfer permissions

  2. PluginDelegable: Abstract contract that implements delegate approval functionality

  3. Central Registry: Core hub that inherits from ActionRegistry and serves as the source of truth

Data Flow & State Management

User Configuration State Machine

Each user has a configuration record in the ActionRegistry that tracks:

UserConfig {
    uint208 lockCooldown;               // Duration of transfer/delegation cooldown
    uint40 transferEnabledTimestamp;    // When transfers become enabled
    bool transferDisabled;              // Transfer lock status
    uint208 approvalIndex;              // Approval index for delegate revocation
    uint40 delegationEnabledTimestamp;  // When delegations become enabled  
    bool delegationDisabled;            // Delegation status
}

This state record facilitates two key security mechanisms:

  1. Transfer locking: Controls whether a user's tokens can be transferred.

  2. Delegation control: Controls whether a user can approve new delegates.

Delegation Approval System

Delegations are tracked in a nested mapping structure:

owner => approvalIndex => delegate => isApproved

This design creates a three-dimensional relationship:

  • The token/rights owner.

  • Their current approval index (a security counter).

  • Each delegate address.

  • Whether that delegate is approved to act on behalf of the owner.

Security State Transitions

Approval Index Mechanism

The approval index serves as a master revocation system. When a user increments their approval index:

  1. All previously approved delegates are instantly revoked..

  2. New delegations must be established at the new index

Transfer & Delegation Cooldown

The system implements protective cooldown periods:

  1. DisabledEnabled: When a user re-enables transfers or delegation capability, a cooldown period applies before the action takes effect.

  2. Cooldown Reduction: If a user decreases their cooldown period, the system automatically enforces the previous cooldown period.

This prevents attackers from social engineering users to rapidly disable protections.

Integration Points

Contracts that integrate with the Plugin Architecture:

  1. Inherit from PluginDelegable.

  2. Implement permission checks using _checkDelegate() for delegate-initiated operations.

  3. Reference the Central Registry for user configuration state.

The architecture is utilized by core protocol components including token contracts (pTokens, eTokens) and position management systems, allowing for complex operations like automated liquidation protection, cross-chain rebalancing, and advanced trading strategies.


Last updated