Put error messages in a spreadsheet for reference, and come with consistent codes for them.

An example of using ETH from a join to get Dai from MakerDAO to cover a series maturing

Remove all dependencies from yield-utils, now the relevant functionality is available in yield-utils-v2.

Do this after Multicall has been removed.

Only authorized contracts would be able to operate with Cauldron, and these contracts would be the ones verifying that the caller has rights to the vault.

This architecture would make trivial implementing a multicall router.

This would also allow to create the circuit breakers using AccessControl, which would save some gas.

Only between vaults for the same series. Will allow to merge and split vaults in combination with build and destroy

Make Witch Ownable and copy the setParameter function from FYToken.sol

Consider whether to implement this in Ladle, or on its own.

If on its own, do we make Ladle a platform registry of Joins and Pools? Do we make standalone registries? Do we duplicate the records?

Complete the roll function here once you can flash borrow from Joins

1. Flash loan base from Join (can also just take it and return it at the end instead, no callbacks)
2. Buy fyToken1 from pool1 - amount equal to debt to roll
3. Buy base from pool2 - output equal to new debt
4. Adjust vault with roll.

Consider not re-using names across contracts. We might also consider giving the Ladle contracts more human-friendly names--i.e., no Daiwanese, since this is the entrypoint for most people into the system.

In Cauldron and FYToken

Uniswap v3 oracles may be an effective way to liquidate positions.

Currently, Cauldron allows liquidators to operate on the vaults in liquidation under the condition that the collateralization level improves with each operation.

However, Cauldron doesn't check that the liquidator actually has moved any assets. A malicious liquidator can just set the debt of a vault to zero. It can also take assets from the Joins via the Ladle.

I would suggest removing that condition from the Cauldron and instead make sure that Liquidation engines are thoroughly vetted (as a new Ladle would be) and treated as core contracts.

Agree?

Do this in the FYToken contract.

Too much complexity to just add vault caching. Disable vault caching for stir and merge it back into one function

Some or all of:

• revokeDelegateWithSignature
• renounceDelegation
• onlyWithSignature
• addPartialDelegate (for only certain functions, maybe pack up to 8 of them in a bytes32)

ERC3156, with no fee for auth borrowers.

function flashLoan(...) calls _flashLoan(..., feeFactor) with factor equal to a state variable.
function flashLoanNoFee(...) auth calls _flashLoan(..., feeFactor = 0)

Fixed in #46

Include a list of pools in the Ladle, and then calling serve will borrow straight into the pool, selling the fyToken for base into the caller's address.

Implement a Mock Pool to test.

It would get locked in a pool

Cauldron shouldn't know of these.

With an undercollateralized vault, it is only allowed to stir it if the operation brings it back to a healthy collateralization ratio (and only if you are faster than the liquidation bots).

Should we allow operating with an undercollateralizated vault, but with the condition that the collateralization level only improves?

It seems to me quite worthless.

Code a PoolRouterMock and remove retrieveToken from Ladle, as it can be used with Ladle.route instead.

So Ladle will have:

• ladle.stir -> move collateral between vaults
• ladle.pour -> move collateral and/or fyTokens between a user and his vaults. Incurs or repays debt if moving fyTokens.
• ladle.close -> repay debt with base at a 1:1 ratio. Can move collateral at the same time.
• ladle.serve -> pour, but any fyToken gets converted to/from base in a pool, so the user never holds fyToken, and the Cauldron never receives base.

It will be tightly integrated with Ladle, so that users still call the same contract.

It might require an extra mapping of Join to Collateral, so that we can accept several tokens (Eth, WETH9, WETH10) for a single collateral (ETH-A).

It might come useful later on if there are any other wrapped tokens we want to accept.

Multicall could check that the user owns the vault and if successful SSTORE a flag.

Then all Ladle functions would be called with a parameter instructing then to check the flag, instead of reading from Cauldron.

At the end, multicall deletes the flag.

It would save a CALL per call after the first.

ethers.provider instead of ethers.providers.getDefaultProvider

Check if ethers-time-traveller snapshots can be now removed

Check about using evm calls to advance time, and drop ethers-time-traveller altogether: evm_mine(timestamp)

https://github.com/ItsNickBarry/hardhat-abi-exporter

Throught the router functions, to allow fyToken.redeem as the first step in a batch.
Also allow to execute fyToken.redeem from Ladle.

We are running out of space in Ladle, and removing Multicall is the best option.

New functions can be added in batch for vault management. A give in a batch must be in the last position. A tweak resets the cached series.

roll needs to be added to batch.

If we run out of space, it will be time to remove some of the public functions (and refactor tests accordingly).

A number of projects use SafeTransfer contracts or libraries to deal with non-standard ERC20 and the like. What should we do?

The price formula for the auctions waws designed thinking on a 150% collateralization ratio. It starts by selling half the collateral for all the debt, and moves linearly until it offers all collateral for all the debt.

Should it change for vaults with different collateralization ratios, like 100% or 200%?

It is possible that Join contracts may receive airdropped assets. There should be a governance controlled function that permits withdrawal of these assets.

So that other repos can get started quickly.

• Create IOracle interface
• oracle.spot returns a RAY (27 decimals)
• Create mock oracle (test in 011_oracle.ts)
• Add oracle to Vat (test in 051_vat_build.ts)
• Uncomment and test value (in 052_vat_level.ts, ask about fixed point math)

If instead of pulling a price from an oracle, we push an amount, we can implement NFT oracles. The ink of a vault would be an amount for an ERC20, an id for an NFT.

Find base debt B1
Mint B12 into P2
Buy B1 into J1 from P2, finding fyToken debt F2
Roll F1 -> F2
Roll S1 -> S2
Retrieve B12 - F2 into FYToken2
Burn B1*2 - F2 in FYToken2

Use this as an example for the interface: https://github.com/yieldprotocol/YieldSpace-Farming/blob/feat/comp/contracts/CPool.sol

https://github.com/wighawag/template-ethereum-contracts

The fees might be implemented as an extra amount of fyToken that gets minted into a governance account whenever fyToken are minted (meaning, users borrow)

Fixed on #47