an adapter contract to support withdrawal from weETH #287
Conversation
seongyun-ko
changed the title
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
seongyun-ko
force-pushed
the
syko/feature/weETH-withdraw-adapter
branch
from
63ee206 to
5bb5607
Compare
|
|
||
| // Call the regular requestWithdraw function | ||
| return requestWithdraw(weETHAmount, recipient); | ||
| } |
There was a problem hiding this comment.
Bug: Mismatch Between Permit Value and Transfer Amount
In requestWithdrawWithPermit, the weETH.permit call approves permit.value tokens, but the subsequent safeTransferFrom in requestWithdraw attempts to transfer weETHAmount. If permit.value is less than weETHAmount, the transfer will revert due to insufficient allowance. If permit.value is greater, the user approves more tokens than necessary.
| string memory hour = pad(vm.toString((ts % 86400) / 3600)); | ||
| string memory minute = pad(vm.toString((ts % 3600) / 60)); | ||
| string memory second = pad(vm.toString(ts % 60)); | ||
| return string.concat(year, "-", month, "-", day, "-", hour, "-", minute, "-", second); |
There was a problem hiding this comment.
Bug: Timestamp Calculation Errors in Deployment Logs
The getTimestampString function calculates deployment log timestamps. It incorrectly assumes fixed durations for months (30 days) and years (365 days, ignoring leap years), leading to mathematically inaccurate month and day values in the generated filenames.
Sherlock AI FindingsThe automated tool completed its analysis of the codebase and found no potential security issues. Next Steps: No immediate actions are required. Continue monitoring the codebase with future scans. Full report available at: https://ai.sherlock.xyz/runs/25345e33-4c0b-445d-9de3-7c6a3f866296 |
2 participants
Note
Introduce a UUPS-upgradeable WeETHWithdrawAdapter enabling withdrawals via weETH (with permit), plus Create2-based deployment and logged artifacts for implementation and proxy.
src/helpers/WeETHWithdrawAdapter.sol: New UUPS-upgradeable adapter to request withdrawals usingweETH.weETH→eETH, approvesLiquidityPool, and callsrequestWithdraw.requestWithdrawWithPermit, role-gated pause/unpause, upgrade auth viaRoleRegistry, and basic getters.src/interfaces/IWeETHWithdrawAdapter.sol: New interface incl.PermitInput,requestWithdraw,requestWithdrawWithPermit, andgetEETHByWeETH.script/DeployWeETHWithdrawAdapter.s.sol: Create2 deterministic deployment of implementation andUUPSProxy, initializes owner to timelock, verifies and saves logs.WeETHWithdrawAdapterandWeETHWithdrawAdapter_Proxywith factory, salt, constructor args, and deployed addresses.Written by Cursor Bugbot for commit f9f7b15. This will update automatically on new commits. Configure here.