Merge pull request #1482 from lidofinance/fix/pdg-side-activation

[VAULTS] PDG side-activation

Author: folkyatina

contracts/0.8.25/vaults/LazyOracle.sol

@@ -106,7 +106,7 @@ contract LazyOracle is ILazyOracle, AccessControlEnumerableUpgradeable {
 
     struct VaultInfo {
         address vault;
-        uint256 aggregateBalance; // includes pendingPredeposits, availableBalance and stagedBalance
+        uint256 aggregatedBalance; // includes availableBalance and stagedBalance
         int256 inOutDelta;
         bytes32 withdrawalCredentials;
         uint256 liabilityShares;
@@ -231,7 +231,7 @@ contract LazyOracle is ILazyOracle, AccessControlEnumerableUpgradeable {
             VaultHub.VaultRecord memory record = vaultHub.vaultRecord(vaultAddress);
             batch[i] = VaultInfo(
                 vaultAddress,
-                vault.availableBalance() + vault.stagedBalance() + pendingPredeposits(vault),
+                vault.availableBalance() + vault.stagedBalance(),
                 record.inOutDelta.currentValue(),
                 vault.withdrawalCredentials(),
                 record.liabilityShares,
@@ -249,6 +249,20 @@ contract LazyOracle is ILazyOracle, AccessControlEnumerableUpgradeable {
         return batch;
     }
 
+    /**
+     * @notice batch method to mass check the validator stages in PredepositGuarantee contract
+     * @param _pubkeys the array of validator's pubkeys to check
+     */
+    function batchValidatorStages(
+        bytes[] calldata _pubkeys
+    ) external view returns (IPredepositGuarantee.ValidatorStage[] memory batch) {
+        batch = new IPredepositGuarantee.ValidatorStage[](_pubkeys.length);
+
+        for (uint256 i = 0; i < _pubkeys.length; i++) {
+            batch[i] = predepositGuarantee().validatorStatus(_pubkeys[i]).stage;
+        }
+    }
+
     /// @notice update the sanity parameters
     /// @param _quarantinePeriod the quarantine period
     /// @param _maxRewardRatioBP the max EL CL rewards
@@ -562,8 +576,8 @@ contract LazyOracle is ILazyOracle, AccessControlEnumerableUpgradeable {
         }
     }
 
-    function pendingPredeposits(IStakingVault _vault) internal view returns (uint256) {
-        return IPredepositGuarantee(LIDO_LOCATOR.predepositGuarantee()).pendingPredeposits(_vault);
+    function predepositGuarantee() internal view returns (IPredepositGuarantee) {
+        return IPredepositGuarantee(LIDO_LOCATOR.predepositGuarantee());
     }
 
     function _vaultHub() internal view returns (VaultHub) {

contracts/0.8.25/vaults/VaultHub.sol

@@ -353,9 +353,8 @@ contract VaultHub is PausableUntilWithRoles {
         if (vault_.pendingOwner() != address(this)) revert VaultHubNotPendingOwner(_vault);
         if (IPinnedBeaconProxy(address(vault_)).isOssified()) revert VaultOssified(_vault);
         if (vault_.depositor() != address(_predepositGuarantee())) revert PDGNotDepositor(_vault);
-        // for each pending predeposit, vault should have an activation amount staged in StakingVault
-        // 1 predeposit is 1 ether and activation amount is 31 ether
-        if (vault_.stagedBalance() != 31 * _predepositGuarantee().pendingPredeposits(vault_)) {
+        // we need vault to match staged balance with pendingActivations
+        if (vault_.stagedBalance() != _predepositGuarantee().pendingActivations(vault_) * 31 ether) {
             revert InsufficientStagedBalance(_vault);
         }
 

contracts/0.8.25/vaults/interfaces/IPredepositGuarantee.sol

@@ -13,6 +13,33 @@ import {IStakingVault} from "./IStakingVault.sol";
  * @notice Interface for the `PredepositGuarantee` contract
  */
 interface IPredepositGuarantee {
+    /**
+     * @notice represents validator stages in PDG flow
+     * @param NONE - initial stage
+     * @param PREDEPOSITED - PREDEPOSIT_AMOUNT is deposited to this validator by the vault
+     * @param PROVEN - validator is proven to be valid and can be used to deposit to beacon chain
+     * @param ACTIVATED - validator is proven and the ACTIVATION_DEPOSIT_AMOUNT is deposited to this validator
+     * @param COMPENSATED - disproven validator has its PREDEPOSIT_AMOUNT ether compensated to staking vault owner and validator cannot be used in PDG anymore
+     */
+    enum ValidatorStage {
+        NONE,
+        PREDEPOSITED,
+        PROVEN,
+        ACTIVATED,
+        COMPENSATED
+    }
+    /**
+     * @notice represents status of the validator in PDG
+     * @param stage represents validator stage in PDG flow
+     * @param stakingVault pins validator to specific StakingVault
+     * @param nodeOperator pins validator to specific NO
+     */
+    struct ValidatorStatus {
+        ValidatorStage stage;
+        IStakingVault stakingVault;
+        address nodeOperator;
+    }
+
     /**
      * @notice user input for validator proof verification
      * @custom:proof array of merkle proofs from parent(pubkey,wc) node to Beacon block root
@@ -31,6 +58,7 @@ interface IPredepositGuarantee {
         uint64 proposerIndex;
     }
 
-    function pendingPredeposits(IStakingVault _vault) external view returns (uint256);
+    function pendingActivations(IStakingVault _vault) external view returns (uint256);
+    function validatorStatus(bytes calldata _pubkey) external view returns (ValidatorStatus memory);
     function proveUnknownValidator(ValidatorWitness calldata _witness, IStakingVault _stakingVault) external;
 }

contracts/0.8.25/vaults/predeposit_guarantee/PredepositGuarantee.sol

@@ -60,23 +60,7 @@ contract PredepositGuarantee is IPredepositGuarantee, CLProofVerifier, PausableU
         mapping(address guarantor => uint256 claimableEther) guarantorClaimableEther;
         mapping(bytes validatorPubkey => ValidatorStatus validatorStatus) validatorStatus;
         mapping(address nodeOperator => address depositor) nodeOperatorDepositor;
-        mapping(address stakingVault => uint256 balance) pendingPredeposits;
-    }
-
-    /**
-     * @notice represents validator stages in PDG flow
-     * @param NONE - initial stage
-     * @param PREDEPOSITED - PREDEPOSIT_AMOUNT is deposited to this validator by the vault
-     * @param PROVEN - validator is proven to be valid and can be used to deposit to beacon chain
-     * @param ACTIVATED - validator is proven and the ACTIVATION_DEPOSIT_AMOUNT is deposited to this validator
-     * @param COMPENSATED - disproven validator has its PREDEPOSIT_AMOUNT ether compensated to staking vault owner and validator cannot be used in PDG anymore
-     */
-    enum ValidatorStage {
-        NONE,
-        PREDEPOSITED,
-        PROVEN,
-        ACTIVATED,
-        COMPENSATED
+        mapping(address stakingVault => uint256 number) pendingActivations;
     }
 
     /**
@@ -90,18 +74,6 @@ contract PredepositGuarantee is IPredepositGuarantee, CLProofVerifier, PausableU
         uint128 locked;
     }
 
-    /**
-     * @notice represents status of the validator in PDG
-     * @param stage represents validator stage in PDG flow
-     * @param stakingVault pins validator to specific StakingVault
-     * @param nodeOperator pins validator to specific NO
-     */
-    struct ValidatorStatus {
-        ValidatorStage stage;
-        IStakingVault stakingVault;
-        address nodeOperator;
-    }
-
     /**
      * @notice encodes parameters for method "topUpExistingValidators"
      * @param pubkey public key of the validator to top up. It should have the PROVEN status
@@ -220,17 +192,19 @@ contract PredepositGuarantee is IPredepositGuarantee, CLProofVerifier, PausableU
      * @param _validatorPubkey to check status for
      * @return struct of ValidatorStatus
      */
-    function validatorStatus(bytes calldata _validatorPubkey) external view returns (ValidatorStatus memory) {
+    function validatorStatus(
+        bytes calldata _validatorPubkey
+    ) external view override returns (ValidatorStatus memory) {
         return _storage().validatorStatus[_validatorPubkey];
     }
 
     /**
-     * @notice returns the current amount of ether that is predeposited to a given vault
+     * @notice returns the number of validators in PREDEPOSITED and PROVEN states but not ACTIVATED yet
      * @param _vault staking vault address
-     * @return amount of ether in wei
+     * @return the number of validators yet-to-be-activated
      */
-    function pendingPredeposits(IStakingVault _vault) external view returns (uint256) {
-        return _storage().pendingPredeposits[address(_vault)];
+    function pendingActivations(IStakingVault _vault) external view returns (uint256) {
+        return _storage().pendingActivations[address(_vault)];
     }
 
     /**
@@ -415,7 +389,7 @@ contract PredepositGuarantee is IPredepositGuarantee, CLProofVerifier, PausableU
         balance.locked += uint128(totalDepositAmount);
         emit BalanceLocked(nodeOperator, balance.total, balance.locked);
 
-        $.pendingPredeposits[address(_stakingVault)] += _deposits.length * PREDEPOSIT_AMOUNT;
+        $.pendingActivations[address(_stakingVault)] += _deposits.length;
 
         mapping(bytes validatorPubkey => ValidatorStatus) storage validatorByPubkey = _storage().validatorStatus;
 
@@ -446,12 +420,13 @@ contract PredepositGuarantee is IPredepositGuarantee, CLProofVerifier, PausableU
     }
 
     /**
-     * @notice permissionless method to prove correct Withdrawal Credentials for the validator
+     * @notice permissionless method to prove correct Withdrawal Credentials and activate validator if possible
      * @param _witness object containing validator pubkey, Merkle proof and timestamp for Beacon Block root child block
      * @dev will revert if proof is invalid or misformed or validator is not predeposited
-     * @dev transition PREDEPOSITED => PROVEN
+     * @dev transition PREDEPOSITED => PROVEN [=> ACTIVATED]
+     * @dev if activation is impossible, it can be done later by calling activateValidator() explicitly
      */
-    function proveWC(ValidatorWitness calldata _witness) external whenResumed {
+    function proveWCAndActivate(ValidatorWitness calldata _witness) external whenResumed {
         ValidatorStatus storage validator = _storage().validatorStatus[_witness.pubkey];
 
         if (validator.stage != ValidatorStage.PREDEPOSITED) {
@@ -460,9 +435,19 @@ contract PredepositGuarantee is IPredepositGuarantee, CLProofVerifier, PausableU
 
         IStakingVault stakingVault = validator.stakingVault;
         bytes32 withdrawalCredentials = _checkVaultWC(stakingVault);
+        address nodeOperator = validator.nodeOperator;
 
-        validator.stage = ValidatorStage.PROVEN;
-        _proveWC(_witness, stakingVault, withdrawalCredentials, validator.nodeOperator);
+        _proveWC(_witness, stakingVault, withdrawalCredentials, nodeOperator);
+
+        // activate validator if possible
+        if (stakingVault.depositor() == address(this) && stakingVault.stagedBalance() >= ACTIVATION_DEPOSIT_AMOUNT) {
+            _activateAndTopUpValidator(stakingVault, _witness.pubkey, 0, new bytes(96), withdrawalCredentials, nodeOperator);
+            validator.stage = ValidatorStage.ACTIVATED;
+        } else {
+            // only if validator is disconnected
+            // because on connection we check depositor and staged balance
+            validator.stage = ValidatorStage.PROVEN;
+        }
     }
 
     /**
@@ -576,7 +561,7 @@ contract PredepositGuarantee is IPredepositGuarantee, CLProofVerifier, PausableU
         NodeOperatorBalance storage balance = $.nodeOperatorBalance[nodeOperator];
         balance.total -= PREDEPOSIT_AMOUNT;
         balance.locked -= PREDEPOSIT_AMOUNT;
-        $.pendingPredeposits[address(stakingVault)] -= PREDEPOSIT_AMOUNT;
+        $.pendingActivations[address(stakingVault)] -= 1;
 
         // unlocking the staged amount if possible as we are not activating this validator
         if (stakingVault.depositor() == address(this) && stakingVault.stagedBalance() >= ACTIVATION_DEPOSIT_AMOUNT) {
@@ -706,7 +691,6 @@ contract PredepositGuarantee is IPredepositGuarantee, CLProofVerifier, PausableU
 
         NodeOperatorBalance storage balance = _storage().nodeOperatorBalance[_nodeOperator];
         balance.locked -= PREDEPOSIT_AMOUNT;
-        _storage().pendingPredeposits[address(_vault)] -= PREDEPOSIT_AMOUNT;
 
         emit BalanceUnlocked(_nodeOperator, balance.total, balance.locked);
         emit ValidatorProven(_witness.pubkey, _nodeOperator, address(_vault), _withdrawalCredentials);
@@ -720,6 +704,7 @@ contract PredepositGuarantee is IPredepositGuarantee, CLProofVerifier, PausableU
         bytes32 _withdrawalCredentials,
         address _nodeOperator
     ) internal {
+        _storage().pendingActivations[address(_stakingVault)] -= 1;
         uint256 depositAmount = ACTIVATION_DEPOSIT_AMOUNT + _additionalAmount;
 
         IStakingVault.Deposit memory deposit = IStakingVault.Deposit({

test/0.8.25/vaults/lazyOracle/contracts/PredepositGuarantee__MockForLazyOracle.sol

@@ -7,7 +7,9 @@ import {IPredepositGuarantee} from "contracts/0.8.25/vaults/interfaces/IPredepos
 import {IStakingVault} from "contracts/0.8.25/vaults/interfaces/IStakingVault.sol";
 
 contract PredepositGuarantee__MockForLazyOracle is IPredepositGuarantee {
-    function pendingPredeposits(IStakingVault _vault) external view override returns (uint256) {}
+    function pendingActivations(IStakingVault _vault) external view override returns (uint256) {}
 
     function proveUnknownValidator(ValidatorWitness calldata _witness, IStakingVault _stakingVault) external override {}
+
+    function validatorStatus(bytes calldata _pubkey) external view override returns (ValidatorStatus memory) {}
 }

test/0.8.25/vaults/lazyOracle/lazyOracle.test.ts

@@ -171,7 +171,7 @@ describe("LazyOracle.sol", () => {
 
       const vaultInfo = vaults[0];
       expect(vaultInfo.vault).to.equal(vault1);
-      expect(vaultInfo.aggregateBalance).to.equal(0n);
+      expect(vaultInfo.aggregatedBalance).to.equal(0n);
       expect(vaultInfo.inOutDelta).to.equal(5n);
       expect(vaultInfo.withdrawalCredentials).to.equal(ZERO_BYTES32);
       expect(vaultInfo.liabilityShares).to.equal(4n);

test/0.8.25/vaults/predepositGuarantee/predepositGuarantee.test.ts

@@ -851,27 +851,29 @@ describe("PredepositGuarantee.sol", () => {
         };
 
         // stage NONE
-        await expect(pdg.proveWC(witness))
+        await expect(pdg.proveWCAndActivate(witness))
           .to.be.revertedWithCustomError(pdg, "ValidatorNotPreDeposited")
           .withArgs(validator.container.pubkey, 0n);
 
         // stage PREDEPOSITED
         const { deposit, depositY } = await generatePredeposit(validator);
         await pdg.predeposit(stakingVault, [deposit], [depositY]);
 
-        const proveTx = await pdg.proveWC(witness);
+        const proveTx = await pdg.proveWCAndActivate(witness);
         await expect(proveTx)
           .to.emit(pdg, "BalanceUnlocked")
           .withArgs(vaultOperator.address, balance, 0)
           .to.emit(pdg, "ValidatorProven")
+          .withArgs(validator.container.pubkey, vaultOperator.address, await stakingVault.getAddress(), wc)
+          .to.emit(pdg, "ValidatorActivated")
           .withArgs(validator.container.pubkey, vaultOperator.address, await stakingVault.getAddress(), wc);
 
-        expect((await pdg.validatorStatus(validator.container.pubkey)).stage).to.equal(2n);
+        expect((await pdg.validatorStatus(validator.container.pubkey)).stage).to.equal(3n); // 3n is ACTIVATED
 
-        // stage PROVEN
-        await expect(pdg.proveWC(witness))
+        // stage ACTIVATED
+        await expect(pdg.proveWCAndActivate(witness))
           .to.be.revertedWithCustomError(pdg, "ValidatorNotPreDeposited")
-          .withArgs(validator.container.pubkey, 2n);
+          .withArgs(validator.container.pubkey, 3n); // 3n is ACTIVATED
       });
 
       it("allows NO to proveValidatorWC", async () => {
@@ -918,16 +920,18 @@ describe("PredepositGuarantee.sol", () => {
           proposerIndex: beaconBlockHeader.proposerIndex,
         };
 
-        const proveValidatorWCTX = pdg.connect(vaultOwner).proveWC(witness);
+        const proveValidatorWCTX = pdg.connect(vaultOwner).proveWCAndActivate(witness);
 
         await expect(proveValidatorWCTX)
           .to.emit(pdg, "BalanceUnlocked")
           .withArgs(vaultOperator, ether("1"), ether("0"))
           .to.emit(pdg, "ValidatorProven")
+          .withArgs(validator.container.pubkey, vaultOperator, stakingVault, vaultWC)
+          .to.emit(pdg, "ValidatorActivated")
           .withArgs(validator.container.pubkey, vaultOperator, stakingVault, vaultWC);
 
         const validatorStatus = await pdg.validatorStatus(validator.container.pubkey);
-        expect(validatorStatus.stage).to.equal(2n);
+        expect(validatorStatus.stage).to.equal(3n); // 3n is ACTIVATED
         expect(validatorStatus.stakingVault).to.equal(stakingVault);
         expect(validatorStatus.nodeOperator).to.equal(vaultOperator);
       });
@@ -1017,35 +1021,32 @@ describe("PredepositGuarantee.sol", () => {
         const sameNoProof = [...sameNoValidatorProof.proof, ...sameNoStateProof, ...beaconProof];
 
         // prove
-        await pdg.proveWC({
+        await pdg.proveWCAndActivate({
           proof: mainProof,
           pubkey: mainValidator.container.pubkey,
           validatorIndex: mainValidatorIndex,
           childBlockTimestamp: childBlockTimestamp,
           slot: beaconHeader.slot,
           proposerIndex: beaconHeader.proposerIndex,
         });
-        await pdg.activateValidator(mainValidator.container.pubkey);
 
-        await pdg.proveWC({
+        await pdg.proveWCAndActivate({
           proof: sideProof,
           pubkey: sideValidator.container.pubkey,
           validatorIndex: sideValidatorIndex,
           childBlockTimestamp: childBlockTimestamp,
           slot: beaconHeader.slot,
           proposerIndex: beaconHeader.proposerIndex,
         });
-        await pdg.activateValidator(sideValidator.container.pubkey);
 
-        await pdg.proveWC({
+        await pdg.proveWCAndActivate({
           proof: sameNoProof,
           pubkey: sameNOValidator.container.pubkey,
           validatorIndex: sameNoValidatorIndex,
           childBlockTimestamp: childBlockTimestamp,
           slot: beaconHeader.slot,
           proposerIndex: beaconHeader.proposerIndex,
         });
-        await pdg.activateValidator(sameNOValidator.container.pubkey);
 
         expect((await pdg.validatorStatus(mainValidator.container.pubkey)).stage).to.equal(3n); // 3n is ACTIVATED
         expect((await pdg.validatorStatus(sideValidator.container.pubkey)).stage).to.equal(3n); // 3n is ACTIVATED
@@ -1233,10 +1234,10 @@ describe("PredepositGuarantee.sol", () => {
         ).to.revertedWithCustomError(pdg, "WithdrawalCredentialsMatch");
 
         // proving
-        await pdg.proveWC(validNotPredepostedValidatorWitness);
+        await pdg.proveWCAndActivate(validNotPredepostedValidatorWitness);
         await expect(pdg.connect(vaultOperator).proveInvalidValidatorWC(validNotPredepostedValidatorWitness, validWC))
           .to.revertedWithCustomError(pdg, "ValidatorNotPreDeposited")
-          .withArgs(validNotPredepostedValidator.container.pubkey, 2n);
+          .withArgs(validNotPredepostedValidator.container.pubkey, 3n); // 3n is ACTIVATED
       });
 
       it("reverts when trying to prove valid validator", async () => {
@@ -1413,7 +1414,7 @@ describe("PredepositGuarantee.sol", () => {
       };
 
       await expect(pdg.predeposit(stakingVault, [], [])).to.revertedWithCustomError(pdg, "ResumedExpected");
-      await expect(pdg.proveWC(witness)).to.revertedWithCustomError(pdg, "ResumedExpected");
+      await expect(pdg.proveWCAndActivate(witness)).to.revertedWithCustomError(pdg, "ResumedExpected");
       await expect(pdg.activateValidator(witness.pubkey)).to.revertedWithCustomError(pdg, "ResumedExpected");
       await expect(pdg.topUpExistingValidators([])).to.revertedWithCustomError(pdg, "ResumedExpected");
       await expect(pdg.proveWCActivateAndTopUpValidators([], [])).to.revertedWithCustomError(pdg, "ResumedExpected");