Plugin & Delegation System
Be Careful When Delegating Actions
When you grant delegation permissions to an external address or contract, you are authorizing that entity to perform actions on your behalf within the Curvance Protocol. This permission should only be granted to thoroughly vetted and trusted entities.
Potential Risks
Financial Control: Delegates can execute operations that directly impact your assets and positions.
Denial of Service: A malicious delegate could repeatedly execute operations that delay critical actions such as asset redemption.
Unexpected Behavior: Even well-intentioned delegates might behave unexpectedly if their contracts contain bugs or vulnerabilities.
Position Manipulation: In leveraged positions, delegates can adjust your risk exposure through actions like leveraging and deleveraging.
Overview
The Curvance Plugin Architecture is a modular system that enables authorized third-party contracts or addresses to perform actions on behalf of users. This architecture enhances capital efficiency and user experience by enabling the development of automation tools, complex trading strategies, and cross-chain operations, all without requiring direct user interaction at each step.
Core Components
The Plugin Architecture is built around three primary components:
ActionRegistry: Base library that manages user configuration for delegation and transfer permissions
PluginDelegable: Abstract contract that implements delegate approval functionality
Central Registry: Core hub that inherits from ActionRegistry and serves as the source of truth
Data Flow & State Management
User Configuration State Machine
Each user has a configuration record in the ActionRegistry that tracks:
UserConfig {
uint208 lockCooldown; // Duration of transfer/delegation cooldown
uint40 transferEnabledTimestamp; // When transfers become enabled
bool transferDisabled; // Transfer lock status
uint208 approvalIndex; // Approval index for delegate revocation
uint40 delegationEnabledTimestamp; // When delegations become enabled
bool delegationDisabled; // Delegation status
}This state record facilitates two key security mechanisms:
Transfer locking: Controls whether a user's tokens can be transferred.
Delegation control: Controls whether a user can approve new delegates.
Delegation Approval System
Delegations are tracked in a nested mapping structure:
owner => approvalIndex => delegate => isApprovedThis design creates a three-dimensional relationship:
The token/rights owner.
Their current approval index (a security counter).
Each delegate address.
Whether that delegate is approved to act on behalf of the owner.
Security State Transitions
Approval Index Mechanism
The approval index serves as a master revocation system. When a user increments their approval index:
All previously approved delegates are instantly revoked..
New delegations must be established at the new index
Transfer & Delegation Cooldown
The system implements protective cooldown periods:
Disabled → Enabled: When a user re-enables transfers or delegation capability, a cooldown period applies before the action takes effect.
Cooldown Reduction: If a user decreases their cooldown period, the system automatically enforces the previous cooldown period.
This prevents attackers from social engineering users to rapidly disable protections.
Integration Points
Contracts that integrate with the Plugin Architecture:
Inherit from PluginDelegable.
Implement permission checks using _checkDelegate() for delegate-initiated operations.
Reference the Central Registry for user configuration state.
The architecture is utilized by core protocol components including token contracts (pTokens, eTokens) and position management systems, allowing for complex operations like automated liquidation protection, cross-chain rebalancing, and advanced trading strategies.
Last updated