feat: stable rate bug bounty (#206)

* feat: stable rate bug bounty

* fix: update aave token amount

* Added README content

* Fixed AAVE amount

---------

Co-authored-by: eboado <[email protected]>

diffs/AaveV3Ethereum_StableRateBugBounty_20240207_before_AaveV3Ethereum_StableRateBugBounty_20240207_after.md

@@ -0,0 +1,5 @@
+## Raw diff
+
+```json
+{}
+```

src/20240207_AaveV3Ethereum_StableRateBugBounty/AaveV3Ethereum_StableRateBugBounty_20240207.sol

@@ -0,0 +1,42 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+
+import {IProposalGenericExecutor} from 'aave-helpers/interfaces/IProposalGenericExecutor.sol';
+import {AaveV3Ethereum, AaveV3EthereumAssets} from 'aave-address-book/AaveV3Ethereum.sol';
+import {AaveV2EthereumAssets} from 'aave-address-book/AaveV2Ethereum.sol';
+import {MiscEthereum} from 'aave-address-book/MiscEthereum.sol';
+
+/**
+ * @title Stable Rate Bug Bounty
+ * @author BGD Labs @bgdlabs
+ * - Discussion: https://governance.aave.com/t/bgd-full-deprecation-of-stable-rate/16473
+ */
+contract AaveV3Ethereum_StableRateBugBounty_20240207 is IProposalGenericExecutor {
+  address public constant WHITEHAT_RECIPIENT = 0x501eE2A368f1E58C736dd7cE3b494B33c3158c68;
+  address public constant IMMUNEFI_RECIPIENT = 0x2BC5fFc5De1a83a9e4cDDfA138bAEd516D70414b;
+
+  // Considering the 30 day avg price of 1 AAVE: $89.56 recommended by financial SPs
+  // https://governance.aave.com/t/bgd-full-deprecation-of-stable-rate/16473/8
+  uint256 public constant AAVE_WHITEHAT_AMOUNT = 5_583 ether;
+  uint256 public constant USDT_WHITEHAT_AMOUNT = 500_000e6;
+  uint256 public constant USDT_IMMUNEFI_AMOUNT = 100_000e6;
+
+  function execute() external {
+    MiscEthereum.AAVE_ECOSYSTEM_RESERVE_CONTROLLER.transfer(
+      MiscEthereum.ECOSYSTEM_RESERVE,
+      AaveV3EthereumAssets.AAVE_UNDERLYING,
+      WHITEHAT_RECIPIENT,
+      AAVE_WHITEHAT_AMOUNT
+    );
+    AaveV3Ethereum.COLLECTOR.transfer(
+      AaveV2EthereumAssets.USDT_A_TOKEN,
+      WHITEHAT_RECIPIENT,
+      USDT_WHITEHAT_AMOUNT
+    );
+    AaveV3Ethereum.COLLECTOR.transfer(
+      AaveV2EthereumAssets.USDT_A_TOKEN,
+      IMMUNEFI_RECIPIENT,
+      USDT_IMMUNEFI_AMOUNT
+    );
+  }
+}

src/20240207_AaveV3Ethereum_StableRateBugBounty/AaveV3Ethereum_StableRateBugBounty_20240207.t.sol

@@ -0,0 +1,69 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+
+import {AaveV3Ethereum, AaveV3EthereumAssets} from 'aave-address-book/AaveV3Ethereum.sol';
+import {AaveV2EthereumAssets} from 'aave-address-book/AaveV2Ethereum.sol';
+
+import {ProtocolV3TestBase} from 'aave-helpers/ProtocolV3TestBase.sol';
+import {IERC20} from 'solidity-utils/contracts/oz-common/interfaces/IERC20.sol';
+import {AaveV3Ethereum_StableRateBugBounty_20240207} from './AaveV3Ethereum_StableRateBugBounty_20240207.sol';
+
+/**
+ * @dev Test for AaveV3Ethereum_StableRateBugBounty_20240207
+ * command: make test-contract filter=AaveV3Ethereum_StableRateBugBounty_20240207
+ */
+contract AaveV3Ethereum_StableRateBugBounty_20240207_Test is ProtocolV3TestBase {
+  AaveV3Ethereum_StableRateBugBounty_20240207 internal proposal;
+
+  function setUp() public {
+    vm.createSelectFork(vm.rpcUrl('mainnet'), 19290890);
+    proposal = new AaveV3Ethereum_StableRateBugBounty_20240207();
+  }
+
+  /**
+   * @dev executes the generic test suite including e2e and config snapshots
+   */
+  function test_defaultProposalExecution() public {
+    defaultTest(
+      'AaveV3Ethereum_StableRateBugBounty_20240207',
+      AaveV3Ethereum.POOL,
+      address(proposal)
+    );
+  }
+
+  function test_consistentBalances() public {
+    uint256 immunefiUsdtBalanceBefore = IERC20(AaveV2EthereumAssets.USDT_A_TOKEN).balanceOf(
+      proposal.IMMUNEFI_RECIPIENT()
+    );
+    uint256 whitehatUsdtBalanceBefore = IERC20(AaveV2EthereumAssets.USDT_A_TOKEN).balanceOf(
+      proposal.WHITEHAT_RECIPIENT()
+    );
+    uint256 whitehatAaveBalanceBefore = IERC20(AaveV3EthereumAssets.AAVE_UNDERLYING).balanceOf(
+      proposal.WHITEHAT_RECIPIENT()
+    );
+
+    executePayload(vm, address(proposal));
+
+    uint256 immunefiUsdtBalanceAfter = IERC20(AaveV2EthereumAssets.USDT_A_TOKEN).balanceOf(
+      proposal.IMMUNEFI_RECIPIENT()
+    );
+    uint256 whitehatUsdtBalanceAfter = IERC20(AaveV2EthereumAssets.USDT_A_TOKEN).balanceOf(
+      proposal.WHITEHAT_RECIPIENT()
+    );
+    uint256 whitehatAaveBalanceAfter = IERC20(AaveV3EthereumAssets.AAVE_UNDERLYING).balanceOf(
+      proposal.WHITEHAT_RECIPIENT()
+    );
+
+    assertApproxEqAbs(
+      immunefiUsdtBalanceAfter,
+      immunefiUsdtBalanceBefore + proposal.USDT_IMMUNEFI_AMOUNT(),
+      1
+    );
+    assertApproxEqAbs(
+      whitehatUsdtBalanceAfter,
+      whitehatUsdtBalanceBefore + proposal.USDT_WHITEHAT_AMOUNT(),
+      1
+    );
+    assertEq(whitehatAaveBalanceAfter, whitehatAaveBalanceBefore + proposal.AAVE_WHITEHAT_AMOUNT());
+  }
+}

src/20240207_AaveV3Ethereum_StableRateBugBounty/StableRateBugBounty.md

@@ -0,0 +1,38 @@
+---
+title: "Stable Rate Bug Bounty"
+author: "BGD Labs @bgdlabs"
+discussions: "https://governance.aave.com/t/bgd-full-deprecation-of-stable-rate/16473"
+---
+
+## Simple Summary
+
+Bug bounty payment for the [report received on 4th November 2023](https://governance.aave.com/t/aave-v2-v3-security-incident-04-11-2023/15335) amounting a grant total of ~1'000'000 for the white hat splitted in stable-coins and AAVE, together with the $100'000 Immunefi fee (10% of the total).
+
+## Motivation
+
+On the 4th of November 2023, a report was received via the Aave <> Immunefi bug bounty program about a critical bug related to the stable borrow rate.
+
+Similar to any other valid bug reports, a bounty needs to be paid to the white-hat. However, being a critical severity one, we think it is reasonable to have an ad-hoc governance proposal for this type of sizeable payment.
+
+## Specification
+
+The governance proposal executes the payment to 2 different recipients:
+
+-> **White-hat**
+
+- Transfer of 500'000 aUSDT v2 Ethereum from the Aave Ethereum Collector.
+- Transfer of 5'583 AAVE (calculated to be $500'000 using a 30-days average) from the Aave Ecosystem Reserve. The amount has been determined following the recommendation of the financial service providers of the DAO [HERE](https://governance.aave.com/t/bgd-full-deprecation-of-stable-rate/16473/8).
+
+-> **Immunefi**
+
+- Transfer of 100'000 aUSDT v2 Ethereum from the Aave Ethereum Collector.
+
+## References
+
+- Implementation: [AaveV3Ethereum](https://github.com/bgd-labs/aave-proposals-v3/blob/main/src/20240207_AaveV3Ethereum_StableRateBugBounty/AaveV3Ethereum_StableRateBugBounty_20240207.sol)
+- Tests: [AaveV3Ethereum](https://github.com/bgd-labs/aave-proposals-v3/blob/main/src/20240207_AaveV3Ethereum_StableRateBugBounty/AaveV3Ethereum_StableRateBugBounty_20240207.t.sol)
+- [Discussion](https://governance.aave.com/t/bgd-full-deprecation-of-stable-rate/16473)
+
+## Copyright
+
+Copyright and related rights waived via [CC0](https://creativecommons.org/publicdomain/zero/1.0/).

src/20240207_AaveV3Ethereum_StableRateBugBounty/StableRateBugBounty_20240207.s.sol

@@ -0,0 +1,58 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.0;
+
+import {GovV3Helpers, IPayloadsControllerCore, PayloadsControllerUtils} from 'aave-helpers/GovV3Helpers.sol';
+import {EthereumScript} from 'aave-helpers/ScriptUtils.sol';
+import {AaveV3Ethereum_StableRateBugBounty_20240207} from './AaveV3Ethereum_StableRateBugBounty_20240207.sol';
+
+/**
+ * @dev Deploy Ethereum
+ * deploy-command: make deploy-ledger contract=src/20240207_AaveV3Ethereum_StableRateBugBounty/StableRateBugBounty_20240207.s.sol:DeployEthereum chain=mainnet
+ * verify-command: npx catapulta-verify -b broadcast/StableRateBugBounty_20240207.s.sol/1/run-latest.json
+ */
+contract DeployEthereum is EthereumScript {
+  function run() external broadcast {
+    // deploy payloads
+    address payload0 = GovV3Helpers.deployDeterministic(
+      type(AaveV3Ethereum_StableRateBugBounty_20240207).creationCode
+    );
+
+    // compose action
+    IPayloadsControllerCore.ExecutionAction[]
+      memory actions = new IPayloadsControllerCore.ExecutionAction[](1);
+    actions[0] = GovV3Helpers.buildAction(payload0);
+
+    // register action at payloadsController
+    GovV3Helpers.createPayload(actions);
+  }
+}
+
+/**
+ * @dev Create Proposal
+ * command: make deploy-ledger contract=src/20240207_AaveV3Ethereum_StableRateBugBounty/StableRateBugBounty_20240207.s.sol:CreateProposal chain=mainnet
+ */
+contract CreateProposal is EthereumScript {
+  function run() external {
+    // create payloads
+    PayloadsControllerUtils.Payload[] memory payloads = new PayloadsControllerUtils.Payload[](1);
+
+    // compose actions for validation
+    IPayloadsControllerCore.ExecutionAction[]
+      memory actionsEthereum = new IPayloadsControllerCore.ExecutionAction[](1);
+    actionsEthereum[0] = GovV3Helpers.buildAction(
+      type(AaveV3Ethereum_StableRateBugBounty_20240207).creationCode
+    );
+    payloads[0] = GovV3Helpers.buildMainnetPayload(vm, actionsEthereum);
+
+    // create proposal
+    vm.startBroadcast();
+    GovV3Helpers.createProposal(
+      vm,
+      payloads,
+      GovV3Helpers.ipfsHashFile(
+        vm,
+        'src/20240207_AaveV3Ethereum_StableRateBugBounty/StableRateBugBounty.md'
+      )
+    );
+  }
+}

src/20240207_AaveV3Ethereum_StableRateBugBounty/config.ts

@@ -0,0 +1,13 @@
+import {ConfigFile} from '../../generator/types';
+export const config: ConfigFile = {
+  rootOptions: {
+    pools: ['AaveV3Ethereum'],
+    title: 'Stable Rate Bug Bounty',
+    shortName: 'StableRateBugBounty',
+    date: '20240207',
+    author: 'BGD Labs @bgdlabs',
+    discussion: 'https://governance.aave.com/t/bgd-full-deprecation-of-stable-rate/16473',
+    snapshot: '',
+  },
+  poolOptions: {AaveV3Ethereum: {configs: {OTHERS: {}}, cache: {blockNumber: 19174640}}},
+};