VaultProxystate. E.g., in this release, no
VaultProxystate-changing actions are allowed by the
FeeManagerare allowed limited sets of actions.
VaultProxymust both originate from and return through the same
ComptrollerProxyof the corresponding fund, guaranteeing that extensions can only act upon a particular
VaultProxywhen called by the fund itself.
IntegrationManagerand an adapter
IntegrationManageris an extension that defines rules for how "adapters" (its plugins) can use a fund's assets in interactions with external DeFi protocols. The
IntegrationManageritself has access to state-changing functions on the
VaultProxyrelated to spending and accounting for asset holdings. It provisions these holdings to its adapters as instructed by the user input in
callOnIntegration(). The rough pathway is as follows:
ComptrollerProxy.callOnExtension()with instructions to use AdapterA, SelectorB, and CalldataC
IntegrationManagercalls to AdapterA and asks for the assets and max amounts to be spent and the assets and min amounts to be received in the tx, along with how the assets to be spent should be provisioned to the adapter (e.g. approval or transferal)
IntegrationManagerprovisions the spend assets to the adapter as instructed
IntegrationManagerthen runs validation on the amounts spent and received, and provides all final incoming and outgoing asset balances to the
PolicyManagerfor further validation
IntegrationManager) is responsible for parsing the assets to be spent and received from the user-input calldata, which has the potential for malicious abuse.