v1.9.0

Production release.

Summary of Changes

• Add UniswapV4 integrations in MainnetController to:
  • Mint new LP positions
  • Increase and decrease liquidity in existing positions
  • Swap
• Remove Morpho allocator role logic from ForeignController
• Use modifiers uniformly in ForeignController
• Add zero address check for LayerZero
• Move ERC4626 logic into a library to save bytecode size
• Move AAVE logic into a library to save bytecode size
• Move ERC-20 SafeApprove logic into ApproveLib library to save bytecode size
• Use standardize rate limit helper function usage in MainnetController

What's Changed

• feat: Add v1.8.0 audits by @lucas-manuel in #192
• feat: UniswapV4 mint/increase/decrease liquidity support by @deluca-mike in #189
• feat: UniswapV4 swap support (SC-1249) by @deluca-mike in #194
• feat: Add ALM_PROXY and RATE_LIMITS addresses to deploy json by @supercontracts in #190
• fix: Uniswapv4 USDT/USDS tests and swap fix (SC-1253) by @deluca-mike in #196
• add: Uniswap fuzz tests (SC-1250) by @supercontracts in #195
• feat: Apply Tick Checks on increaseLiquidityUniswapV4 (SC-1262) by @deluca-mike in #197
• feat: UniswapV4 swap invalid tokenIn clear error (SC-1259) by @deluca-mike in #199
• feat: Remove shadow declaration warning and add zero address check (SC-1277) by @lucas-manuel in #200
• feat: Update ForeignController to use modifiers (SC-1281) by @supercontracts in #201
• cleanup: Morpho Allocations by @supercontracts in #202
• fix: Inconsistent Uniswap v4 PositionManager action usage in increasePosition by @supercontracts in #204
• fix: enforce amount0Min / amount1Min beyond Uniswap slippage checks by @supercontracts in #205
• fix: Minor comments by @supercontracts in #206
• fix: reuse _rateLimited to save space by @deluca-mike in #209
• fix: _requirePoolIdMatch in mint and swap C10 by @deluca-mike in #211
• fix: Add an explicit bounds check to prevent silent truncation in _approveWithPermit2 by @supercontracts in #207
• feat: Add additional requirements/assumptions (C-22) by @lucas-manuel in #212

Full Changelog: v1.8.0...v1.9.0

v1.9.0-rc.0

Audit fixes release.

What's Changed

• feat: Update ForeignController to use modifiers (SC-1281) by @supercontracts in #201
• cleanup: Morpho Allocations by @supercontracts in #202
• fix: Inconsistent Uniswap v4 PositionManager action usage in increasePosition by @supercontracts in #204
• fix: enforce amount0Min / amount1Min beyond Uniswap slippage checks by @supercontracts in #205
• fix: Minor comments by @supercontracts in #206
• fix: reuse _rateLimited to save space by @deluca-mike in #209
• fix: _requirePoolIdMatch in mint and swap C10 by @deluca-mike in #211
• fix: Add an explicit bounds check to prevent silent truncation in _approveWithPermit2 by @supercontracts in #207
• feat: Add additional requirements/assumptions (C-22) by @lucas-manuel in #212

Full Changelog: v1.9.0-beta.1...v1.9.0-rc.0

v1.9.0-beta.1

Pre-Cantina audit.

What's Changed Since beta.0

• add: Uniswap fuzz tests (SC-1250) by @supercontracts in #195
• feat: Apply Tick Checks on increaseLiquidityUniswapV4 (SC-1262) by @deluca-mike in #197
• feat: UniswapV4 swap invalid tokenIn clear error (SC-1259) by @deluca-mike in #199
• feat: Remove shadow declaration warning and add zero address check (SC-1277) by @lucas-manuel in #200

Full Changelog: v1.9.0-beta.0...v1.9.0-beta.1

What's Changed Since v1.8.0

• feat: Add v1.8.0 audits by @lucas-manuel in #192
• feat: UniswapV4 mint/increase/decrease liquidity support by @deluca-mike in #189
• feat: UniswapV4 swap support (SC-1249) by @deluca-mike in #194
• feat: Add ALM_PROXY and RATE_LIMITS addresses to deploy json by @supercontracts in #190
• fix: Uniswapv4 USDT/USDS tests and swap fix (SC-1253) by @deluca-mike in #196
• add: Uniswap fuzz tests (SC-1250) by @supercontracts in #195
• feat: Apply Tick Checks on increaseLiquidityUniswapV4 (SC-1262) by @deluca-mike in #197
• feat: UniswapV4 swap invalid tokenIn clear error (SC-1259) by @deluca-mike in #199
• feat: Remove shadow declaration warning and add zero address check (SC-1277) by @lucas-manuel in #200

Full Changelog: v1.8.0...v1.9.0-beta.1

v1.9.0-beta.0

Pre-Certora audit release.

What's Changed

• feat: Add v1.8.0 audits by @lucas-manuel in #192
• feat: UniswapV4 mint/increase/decrease liquidity support by @deluca-mike in #189
• feat: UniswapV4 swap support (SC-1249) by @deluca-mike in #194
• feat: Add ALM_PROXY and RATE_LIMITS addresses to deploy json by @supercontracts in #190
• fix: Uniswapv4 USDT/USDS tests and swap fix (SC-1253) by @deluca-mike in #196

Full Changelog: v1.8.0...v1.9.0-beta.0

v1.8.0

Production release.

What's Changed

• feat: Add v1.6.0 release by @lucas-manuel in #141
• feat: Add audits (SC-1146) by @lucas-manuel in #151
• feat: Add slippage check (SC-1076) by @lucas-manuel in #145
• feat: Migrate maxSlippage values to new controller (SC-1136) by @supercontracts in #149
• feat: Add ALMProxyFreezable and tests (SC-1115) by @hacker-DOM in #147
• feat: Add wstETH Integration (SC-1140) by @supercontracts in #154
• feat: Use ETH for rate limits in wstETH request withdraw. by @hacker-DOM in #157
• feat: Update OTC swap functionality (SC-1116) by @lucas-manuel in #156
• feat: wstETH: amountToRedeem (SC-181) by @hacker-DOM in #159
• update: ForeignControllerInit to check psm conditionally by @supercontracts in #158
• fix: spark-address-registry submodule by @supercontracts in #161
• feat: Rename _rateLimitedX (SC-1179) by @hacker-DOM in #164
• feat: Add Aave attack (SC-1155) by @supercontracts in #165
• feat: check return value for transfer (SC-1188) by @supercontracts in #166
• fix: Update to AccessControlEnumerable (SC-1192) by @lucas-manuel in #169
• fix: transfer in transferAsset, otcSend and otcClaim to revert on silent failures by @supercontracts in #170
• fix: v1.8.0 alpha code review fixes by @deluca-mike in #171
• feat: Add doc for OTC functionality (SC-1191) by @supercontracts in #172
• doc: ALMProxyFreezable in README by @deluca-mike in #173
• feat: Remove centrifuge integration by @lucas-manuel in #174
• feat: Add additional OTC validation by @deluca-mike in #175
• feat: Test maxSlippage with ERC4626 donation attack by @hacker-DOM in #167
• fix: Remove receive from OTCBuffer (SC-1206) by @supercontracts in #176
• fix: Cantina Issue 5 (SC-1202) by @supercontracts in #177
• fix: Add maxSlippageParams to ForeignControllerInit (SC-1204) by @supercontracts in #178
• fix: Hardcode the spender to ALM Proxy in OTCBuffer (SC-1208) by @supercontracts in #179
• fix: Add OTC check in setOTCWhitelistedAsset (SC-1205) by @supercontracts in #180
• fix: Certora [I-03] Error message (SC-1220) by @hivtushok in #183
• fix: Certora [I-02] Cleanups (SC-1219) by @hivtushok in #182
• feat: Add Reentrancy Guards (SC-1224) by @deluca-mike in #185
• feat: ERC4626 Exchange Rate Threshold (SC-1229) by @deluca-mike in #186

New Contributors

• @hivtushok made their first contribution in #183

Full Changelog: v1.7.0...v1.8.0

v1.8.0-rc.0

Post audit release.

What's Changed

• feat: Test maxSlippage with ERC4626 donation attack by @hacker-DOM in #167
• fix: Remove receive from OTCBuffer (SC-1206) by @supercontracts in #176
• fix: Cantina Issue 5 (SC-1202) by @supercontracts in #177
• fix: Add maxSlippageParams to ForeignControllerInit (SC-1204) by @supercontracts in #178
• fix: Hardcode the spender to ALM Proxy in OTCBuffer (SC-1208) by @supercontracts in #179
• fix: Add OTC check in setOTCWhitelistedAsset (SC-1205) by @supercontracts in #180
• fix: Certora [I-03] Error message (SC-1220) by @hivtushok in #183
• fix: Certora [I-02] Cleanups (SC-1219) by @hivtushok in #182
• feat: Add Reentrancy Guards (SC-1224) by @deluca-mike in #185
• feat: ERC4626 Exchange Rate Threshold (SC-1229) by @deluca-mike in #186

New Contributors

• @hivtushok made their first contribution in #183

Full Changelog: v1.8.0-beta.0...v1.8.0-rc.0

v1.8.0-beta.0

Pre Cantina and Certora audit release.

Release Notes

• New Features

  • Added per-pool maximum slippage configuration to protect against excessive price slippage during deposits
  • Introduced OTC swap functionality with recharge-rate management
  • Added controller freezing capability via new FREEZER role

• Configuration & Deployment

  • Updated staging and production deployment configurations for mainnet and base chains
  • Improved PSM address selection based on environment (staging vs. production)
  • Removed Arbitrum staging deployment infrastructure

What's Changed

• feat: Add v1.6.0 release by @lucas-manuel in #141
• feat: Add audits (SC-1146) by @lucas-manuel in #151
• feat: Add slippage check (SC-1076) by @lucas-manuel in #145
• feat: Migrate maxSlippage values to new controller (SC-1136) by @supercontracts in #149
• feat: Add ALMProxyFreezable and tests (SC-1115) by @hacker-DOM in #147
• feat: Add wstETH Integration (SC-1140) by @supercontracts in #154
• feat: Use ETH for rate limits in wstETH request withdraw. by @hacker-DOM in #157
• feat: Update OTC swap functionality (SC-1116) by @lucas-manuel in #156
• feat: wstETH: amountToRedeem (SC-181) by @hacker-DOM in #159
• update: ForeignControllerInit to check psm conditionally by @supercontracts in #158
• fix: spark-address-registry submodule by @supercontracts in #161
• feat: Rename _rateLimitedX (SC-1179) by @hacker-DOM in #164
• feat: Add Aave attack (SC-1155) by @supercontracts in #165
• feat: check return value for transfer (SC-1188) by @supercontracts in #166
• fix: Update to AccessControlEnumerable (SC-1192) by @lucas-manuel in #169
• fix: transfer in transferAsset, otcSend and otcClaim to revert on silent failures by @supercontracts in #170
• fix: v1.8.0 alpha code review fixes by @deluca-mike in #171
• feat: Add doc for OTC functionality (SC-1191) by @supercontracts in #172
• doc: ALMProxyFreezable in README by @deluca-mike in #173
• feat: Remove centrifuge integration by @lucas-manuel in #174
• feat: Add additional OTC validation by @deluca-mike in #175

New Contributors

• @deluca-mike made their first contribution in #171

Full Changelog: v1.7.0...v1.8.0-beta.0

v1.8.0-alpha.1

What's Changed

• feat: Add Aave attack (SC-1155) by @supercontracts in #165
• feat: check return value for transfer (SC-1188) by @supercontracts in #166

Full Changelog: v1.8.0-alpha.0...v1.8.0-alpha.1

v1.8.0-alpha.0

What's Changed

• feat: Add v1.6.0 release by @lucas-manuel in #141
• feat: Add audits (SC-1146) by @lucas-manuel in #151
• feat: Add slippage check (SC-1076) by @lucas-manuel in #145
• feat: Migrate maxSlippage values to new controller (SC-1136) by @supercontracts in #149
• feat: Add ALMProxyFreezable and tests (SC-1115) by @hacker-DOM in #147
• feat: Add wstETH Integration (SC-1140) by @supercontracts in #154
• feat: Use ETH for rate limits in wstETH request withdraw. by @hacker-DOM in #157
• feat: Update OTC swap functionality (SC-1116) by @lucas-manuel in #156
• feat: wstETH: amountToRedeem (SC-181) by @hacker-DOM in #159
• update: ForeignControllerInit to check psm conditionally by @supercontracts in #158
• fix: spark-address-registry submodule by @supercontracts in #161
• feat: Rename _rateLimitedX (SC-1179) by @hacker-DOM in #164

Full Changelog: v1.7.0...v1.8.0-alpha.0

v1.7.0

Production release.

Summary of Changes

• Add Spark Vaults V2 support
• Remove redeem functionality for Superstate
• Add transferAsset to foreignController
• Reduce bytecode size but removing immutable/constant keywords

What's Changed

• feat: Add v1.5.0 release by @lucas-manuel in #134
• feat: Add audits (SC-1084) by @lucas-manuel in #139
• feat: Remove redeem functionality for superstate (SC-1072) by @lucas-manuel in #136
• fix: Update to remove keywords to save size (SC-1086) by @lucas-manuel in #140
• feat: Add take functionality to controllers (SC-1081) by @hacker-DOM in #142
• feat: Update spark-vaults-v2 commit for tests (SC-1114) by @hacker-DOM in #143
• feat: Add e2e tests and transferAsset to ForeignController (SC-1118 + SC-1113) by @lucas-manuel in #144
• fix: Remove superstateRedemption artefacts by @supercontracts in #146

Full Changelog: v1.6.0...v1.7.0