# Plugin & Delegation System {% hint style="danger" %} **Be Careful When Delegating Actions** When you grant delegation permissions to an external address or contract, you are authorizing that entity to perform actions on your behalf within the Curvance Protocol. This permission should only be granted to thoroughly vetted and trusted entities. **Potential Risks** * **Financial Control:** Delegates can execute operations that directly impact your assets and positions. * **Denial of Service**: A malicious delegate could repeatedly execute operations that delay critical actions such as asset redemption. * **Unexpected Behavior:** Even well-intentioned delegates might behave unexpectedly if their contracts contain bugs or vulnerabilities. * **Position Manipulation:** In leveraged positions, delegates can adjust your risk exposure through actions like leveraging and deleveraging. {% endhint %} ## Overview The Curvance Plugin Architecture is a modular system that enables authorized third-party contracts or addresses to perform actions on behalf of users. This architecture enhances capital efficiency and user experience by enabling the development of automation tools, complex trading strategies, and cross-chain operations, all without requiring direct user interaction at each step. ### Core Components The Plugin Architecture is built around three primary components: 1. **ActionRegistry:** Base library that manages user configuration for delegation and transfer permissions. 2. **PluginDelegable:** Abstract contract that implements delegate approval functionality. 3. **Central Registry:** Core hub that inherits from ActionRegistry and serves as the source of truth. ### Data Flow & State Management #### User Configuration State Machine Each user has a configuration record in the ActionRegistry that tracks: ```solidity UserConfig { uint208 lockCooldown; // Duration of transfer/delegation cooldown uint40 transferEnabledTimestamp; // When transfers become enabled bool transferDisabled; // Transfer lock status uint208 approvalIndex; // Approval index for delegate revocation uint40 delegationEnabledTimestamp; // When delegations become enabled bool delegationDisabled; // Delegation status } ``` This state record facilitates two key security mechanisms: 1. **Transfer locking:** Controls whether a user's tokens can be transferred. 2. **Delegation control:** Controls whether a user can approve new delegates. #### Delegation Approval System Delegations are tracked in a nested mapping structure: ``` owner => approvalIndex => delegate => isApproved ``` This design creates a three-dimensional relationship: * The token/rights **owner.** * Their current **approval index** (a security counter). * Each **delegate** address. * Whether that delegate **is approved** to act on behalf of the owner. #### Security State Transitions **Approval Index Mechanism** The approval index serves as a master revocation system. When a user increments their approval index: 1. All previously approved delegates are instantly revoked.. 2. New delegations must be established at the new index **Transfer & Delegation Cooldown** The system implements protective cooldown periods: 1. **Disabled** → **Enabled**: When a user re-enables transfers or delegation capability, a cooldown period applies before the action takes effect. 2. **Cooldown Reduction**: If a user decreases their cooldown period, the system automatically enforces the previous cooldown period. This prevents attackers from social engineering users to rapidly disable protections. ### Integration Points Contracts that integrate with the Plugin Architecture: 1. Inherit from **PluginDelegable.** 2. Implement permission checks using **\_checkDelegate()** for delegate-initiated operations. 3. Reference the Central Registry for user configuration state. The architecture is utilized by core protocol components including cToken contracts and position management systems, allowing for complex operations like automated liquidation protection, cross-chain rebalancing, and advanced trading strategies. ***