Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Three layers of slashing coverage are available for every participant staking through the Liquid Collective protocol
Liquid Collective’s Slashing Coverage Treasury allocates a percentage of all network rewards to provide coverage for slashing coverage deductibles on network-wide slashing incidents. The Treasury continues to accrue network rewards unless deployed.
Node operators supporting Liquid Collective's active set provide coverage for deductibles, up to a cap, against slashing incidents and missed rewards incurred due to the fault of their infrastructure.
The Slashing Coverage Fund is in charge of injecting coverage funds into the system. In the case of a slashing event on one of the validators of the system, the Slashing Coverage Fund can be supplied with ETH to be used to repay slashing losses. When funds are sent to the Slashing Coverage Fund, the system will attempt to pull everything until the fund is empty.
The amount pulled is always capped by the reporting upper bound, just like the execution layer fees. This means that the supplied ETH will probably be injected in the system in multiple oracle report rounds.
Funds are supplied to the Slashing Coverage Fund contract when a qualified slashing event has occurred.
Partners assigned with a deductible can reimburse by posting the deductible (in ETH) to Liquid Collective's CoverageFund smart contract. ETH in the CoverageFund contract are periodically pulled into the system, accounted into the Conversion Rate, and eventually introduced into the staking flow.
Liquid Collective's CoverageFund contract is designed to only accept ETH from allowlisted accounts with a specific DONATOR permission.
When pulling funds from the CoverageFund contract the system does not mint any new LsETH and so the operation results in a replacement of any shortfalls that may have occurred from a slashing event, which applies to every LsETH holder.
No fees are taken on the received funds
The funds are entirely distributed to LsETH holders
No new LsETH are minted
Funds are distributed by increasing the Conversion Rate of LsETH
Funds from the CoverageFund contract are pulled into the system upon successful Oracle reports after Execution Layer fees have been pulled and rewards have been accounted, so no fee is charged on the cover funds pulled.
The amount pulled from the CoverageFund contract respects the Conversion Rate's variation bounds, so a slashing reimbursement cannot disrupt the Conversion Rate. On every Oracle report the system accounts for network rewards (CL + EL) then collects the gross fee, then attempts to pull funds from the CoverageFund contract up to the authorized maximum to remain within Conversion Rate's variation bounds.
In other words, if ETH is available in the contract, River will attempt to pull as much ETH as possible, up to the upper bound allowed by the Oracle contract. This smoothing mechanism means that it may take multiple Oracle cycles for Slashing Coverage Funds to be pulled entirely into the system, ensuring a gradual variation of the Conversion Rate.
Liquid Collective's protocol architecture on Ethereum
River is the core smart contract in the protocol. River manages:
LsETH Token
User Deposits: River allows users to perform ETH deposits and receive receipt tokens (mint LsETH) in return.
The Oracle contract is responsible for feeding the River contract with the balance position of the validator nodes on the consensus layer. It relies on a set of Oracle Operators that periodically report data from the consensus layer to the execution layer; it is currently configured to report every 24 hours.
The Oracle contract helps synchronize a quorum of Oracle Operators to report the same consensus layer data. In particular, the Oracle contract makes sure that the core River contract receives data only after the Oracle contract has received identical reports from a quorum of Oracle Operators.
The Node Operators Registry:
Manages Node Operators that have been approved to receive ETH delegation
Enables Node Operators to register validators
Selects the next validators to receive delegation, attempting even distribution so all Node Operators get a fair delegation
The Allowlist contract manages the permissions of who can deposit to the protocol. The protocol requires participants to use an allowlisted wallet to deposit ETH and redeem LsETH.
The ELFeeRecipient contract is the contract that receives execution layer fees, including priority fees and MEV network rewards.
The Withdraw contract is the contract that perceives withdrawn funds resulting from both validator’s full and partial exits. All Liquid Collective validator keys have their withdrawal credentials set to the address of the Withdraw contract. Withdrawn funds are automatically pushed to the Withdraw contract by design of the Ethereum protocol. Funds on the Withdraw contract are periodically pulled by River contract on every Oracle report.
The Liquid Collective protocol smart contract was upgraded to enable LsETH redemptions in May of 2023. Liquid Collective upgradability relies on the upgradeable proxy pattern enabling any functional upgrade to the smart contracts.
In its current form, the River smart contract always sets the validator withdrawal credentials to the address of the Liquid Collective Withdraw contract, which is an upgradeable proxy Smart Contract.
Upgradability of both contracts is governed in a decentralized fashion by the protocol's administrators through the Liquid Collective DAO.
The Liquid Collective protocol’s Redemption Queue facilitates the satisfaction of redemption requests in the same order as they have been requested. The first-in-first-out Redemption Queue is intended to protect against a race for claims in the event of high withdrawal demand.
The Liquid Collective protocol’s Redemption Buffer holds ETH that is pending to be supplied for redemption satisfactions.
The Liquid Collective protocol’s Withdrawal Stack automatically facilitates the movement of ETH to the protocol’s Redemption Buffer. This ETH may be sourced by validator exits from the consensus layer or rebalanced from the protocol’s Deposit Buffer.
The Liquid Collective protocol’s Deposit Buffer holds ETH pending to be deposited to Ethereum’s consensus layer, or that can be rebalanced to the Withdrawal Stack to programmatically facilitate redemption satisfactions. This ETH may be sourced from user deposits, network rewards (consensus layer & execution layer), the protocol’s Slashing Coverage Program, or rebalanced from the protocol’s Withdrawal Stack.
Users can deposit and stake any amount of ETH
Liquid Collective allows users to deposit and stake any amount of ETH, not just 32 ETH (the minimum required to operate a full validator). Deposited ETH are gathered into an ETH smart contract account as fungible bulk. ETH in the account are regularly delegated to validators in a round-robin manner as the account reaches a balance of 32 ETH.
The Liquid Collective protocol is non-custodial. Deposited ETH is sent by the protocol to the Ethereum deposit contract. LsETH is also self-custodied, so LsETH holders have complete control over their LsETH and can pick any preferred custody solution.
The roles in Liquid Collective's Ethereum implementation, and staking infrastructure overview.
Platforms provide a seamless on-ramp and access for users to interact with the Liquid Collective protocol. There are two types of Liquid Collective Platforms. Platforms either enable minting and redemption of LsETH, or enable secondary interactions.
Wallet Providers and Custody Providers offer LsETH token storage and signing infrastructure. Wallet and Custody Providers enable Platforms to easily access and distribute LsETH to their users through custody and/or embedded minting services. In some cases, these Providers and Platforms are the same entities.
Service Providers provide development, consulting, attestation, legal, or technological services to the Liquid Collective. Liquid Collective seeks to collaborate with existing web3 teams in the development of the protocol’s liquid staking offering.
Node Operators run the Ethereum validator infrastructure on Liquid Collective, registering validator keys with the protocol, performing validation duties, and earning network rewards for doing so. Liquid Collective does not run validator infrastructure, but instead delegates that critical task to proven Node Operators that meet high performance standards.
Infrastructure providers, operating a daemon app to report Ethereum consensus layer data to the Liquid Collective protocol. This data is necessary so the Liquid Collective protocol can account for the network rewards earned by validators.
Liquid Collective is designed to provide a secure and enterprise-grade liquid staking solution which necessitates sanctions checks on the protocol’s active validator set. Liquid Collective Node Operators must meet certain protocol performance and compliance requirements, and have the capacity to scale to a large number of validator nodes.
Liquid Collective works only with security-focused Node Operators that institute best practices to generate network rewards, including:
operating multi-region, multi-client infrastructure
offering technical support teams
maintaining security posturing (including double-sign protection)
To reduce the risk impact of validator operations, and to increase decentralization, Liquid Collective delegates tokens to multiple independent validator Node Operators. The staked tokens are distributed across Node Operators in a round-robin manner so that the Liquid Collective protocol is supported by a broad and dispersed active validator set. As a result, the risk is distributed, which should minimize staked ETH exposure to any one operator.
This documentation is specific to Liquid Collective's Ethereum liquid staking protocol and its ETH liquid staking token, Liquid Staked ETH (LsETH).
Liquid staking enables participants to contribute to the security and decentralization of proof of stake networks, while providing increased liquidity and capital efficiency.
Read on for Liquid Collective's ETH liquid staking protocol documentation.
Liquid Staked ETH, Liquid Collective's liquid staking token
The LsETH User Agreement is a legal agreement that outlines the terms and conditions of using the Liquid Collective protocol and holding LsETH. It contains important information about the protocol's token specifications and ownership characteristics, protocol service fees, slashing and slashing coverage, AML/KYC compliance, and risks associated with staking on Ethereum via the Liquid Collective protocol.
Each unit of LsETH is designed to serve as an electronic document of title to a corresponding amount of fungible ETH within the protocol. The LsETH User Agreement provides that LsETH is a cryptographic receipt that evidences legal and beneficial ownership of a corresponding amount of ETH, which is subject to increase as a result of the accrual of Ethereum network rewards.
Because of the cToken design, LsETH's Conversion Rate may fluctuate. Depositors in the cToken model do not receive more or less tokens as their staked tokens accrue network rewards or penalties. Instead, the conversion rate for each cToken owned by the depositor will increase or decrease (i.e, the LsETH will evidence legal and beneficial ownership of more or less ETH) in an amount that reflects accrued network rewards or penalties. This is in contrast to other token models, such as aTokens, which issue new net network reward tokens on a unit basis.
The internal Conversion Rate is the rate at which Liquid Collective redeems LsETH from/to ETH on deposits and redemptions. In other words, the Conversion Rate is the amount of ETH for which LsETH can be redeemed. The Conversion Rate is independent of the price at which ETH or LsETH may trade on the open market.
The value of LsETH is bound to this internal Conversion Rate which fluctuates over time according to the network rewards earned by the validators. The Conversion Rate is computed as the total balance of staked ETH over the total supply of LsETH. If accrued network rewards are greater than penalties and fees, the internal Conversion Rate will increase to reflect the net network rewards collected by the protocol.
The Conversion Rate is updated every 24 hours at Oracle Report Time, which is when Liquid Collective accounts for network rewards earned.
Hold LsETH and accrue network rewards
Exchange LsETH for another token
Use LsETH as collateral to participate in a wide range of DeFi and dapp activities
DISCLAIMER: This information is intended for informational purposes only and is not, and shall not be construed, to be any form of tax advice. All liquid staking participants are strongly encouraged to consult with their tax advisers to fully understand the tax implications of staking and liquid staking.
While the status of liquid staking activities under the Internal Revenue Code of 1986, as amended, remains uncertain, certain market views have developed around the U.S. tax consequences of liquid staking, including the following:
Depositing ETH and receiving LsETH may not be deemed a taxable event. Unlike a traditional token exchange (e.g., trading ETH for another token), depositing ETH may not be a token exchange because LsETH is a receipt token that evidences legal and beneficial ownership of the deposited ETH.
Additionally, because LsETH is based on the cToken model, the accrual of network rewards may not be deemed taxable events, especially when compared to the unit incremental basis in aToken models (or standard staking) for the accrual of network rewards.
Staking ETH to mint LsETH, and redeeming LsETH for ETH, on Liquid Collective
Liquid Collective users can deposit ETH to stake on Ethereum. Users can also redeem LsETH for the underlying staked ETH plus network rewards earned, and minus any fees or penalties.
The Liquid Collective protocol automatically maintains ETH Deposit and Redemption Buffers. These buffers are designed to ensure that flows in and out of the protocol are managed efficiently between Ethereum’s execution and consensus layers, which enables seamless redemptions of LsETH for ETH via automatic rebalancing.
The protocol’s Deposit Buffer includes ETH pending to be deposited to Ethereum’s consensus layer, while the Redemption Buffer includes ETH pending to be supplied for redemptions.
ETH deposits enter the Deposit Buffer to be programmatically staked in Ethereum’s consensus layer
Ethereum execution layer fees received by Liquid Collective validators automatically enter the Deposit Buffer to be programmatically staked
Ethereum consensus layer network rewards received by Liquid Collective validators automatically enter the Deposit Buffer to be programmatically staked
Withdrawn validator consensus layer ETH from validator full exits, or slashed validator exits, automatically enter the Redemption Buffer to fund LsETH redemptions
In addition to the Liquid Collective protocol’s Deposit and Redemption Buffers, the protocol’s Withdrawal Stack, along with Ethereum’s activation and exit queues, play an important role in deposits and redemptions on the Liquid Collective protocol.
Below is a step-by-step diagram showing how a request will flow through the protocol’s buffers and stacks.
When a user deposits ETH they receive the LsETH receipt token at the current Conversion Rate, which evidences legal and beneficial ownership of the staked token, plus network rewards received and minus any fees or penalties.
Deposited ETH automatically enters the Liquid Collective protocol’s Deposit Buffer. As ETH in the Deposit Buffer reaches a fungible bulk of 32 ETH it is programmatically staked, funding new validator keys and being pushed to Etheruem’s activation queue.
LsETH are minted on deposit, so depositing does not affect the Conversion Rate.
Example
Assuming
totalETHSupply = 125 ETH
totalLsETHSupply = 100 LsETH
So conversionRate = 125 / 100 = 1.25
A user deposits 10 ETH and receives 10 / 1.25 = 8 LsETH
And the new conversionRate = (125+10) / (100+8) = 1.25 remains unchanged
For more technical audiences, a sequence diagram showing the interaction between smart contracts is included below:
The LsETH receipt token can be redeemed for ETH at the current Conversion Rate, to effectively withdraw the staked token plus network rewards received and minus any fees or penalties.
Redemption requests on the Liquid Collective protocol cannot be canceled once they have been made. This is because validator exits cannot be canceled on Ethereum once they have been triggered.
LsETH redemptions take place via a three-stage process performed programmatically by the Liquid Collective protocol:
Request: the LsETH holder requests a redemption via a Platform (e.g. in the Coinbase Prime app), surrendering the amount of LsETH that they would like to redeem. This LsETH will eventually be burned.
Satisfaction: after the protocol completes any required validator exits and the corresponding amount of ETH is withdrawn as according to the protocol Conversion Rate, the request is satisfied and can be claimed at any time.
Claim: the redemption request is claimed, triggering the actual transfer of ETH to the redeemer.
When a LsETH holder requests a redemption the request is added to the protocol’s Redemption Queue. On each Oracle report, completed approximately every 24 hours, the protocol assesses the unsupplied ETH demand for redemptions.
When there is unsupplied ETH demand:
The Liquid Collective protocol programmatically rebalance's ETH between the deposit and Redemption Buffers to preserve capital efficiency by minimizing consensus layer operations. The protocol prioritizes moving ETH from the Deposit Buffer to the Redemption Buffer to satisfy the unsupplied redemption requests.
All Liquid Collective validator keys have their withdrawal credentials set to the address of Liquid Collective’s Withdraw contract, which is automatically pulled to the Redemption Buffer upon Oracle report. The withdrawn ETH is then used by the protocol to satisfy the unsupplied redemptions.
A user decides they want to redeem their LsETH for ETH via the Liquid Collective protocol
A user's redemption request is enqueued in the Redemption Queue pending satisfaction
On each Oracle report, the Liquid Collective protocol evaluates pending LsETH redemption requests and programmatically pulls any ETH from the Deposit Buffer to the Redemption Buffer to satisfy the requests
If the balance in the Deposit Buffer is insufficient to satisfy all pending redemption requests the Liquid Collective protocol initiates the exit of a corresponding amount of ETH by programmatically requesting Node Operators to submit validator exits
Any redemption request that has been satisfied by the Buffer can be immediately claimed by the user
For redemption requests that require a validator exit to satisfy, the validator key enters Ethereum’s exit queue, waits the full network withdrawal time, and, once exited, the validator’s ETH balance is automatically sent by Ethereum to Liquid Collective’s withdrawal address
On the Oracle report following the validator exit, the withdrawn ETH satisfies pending redemption requests
The user can now claim their ETH
Most stakers can complete this process easily via their preferred Liquid Collective Platform (e.g. in the Coinbase Prime app). At the protocol level, at a high level this request process is executed via interacting with the LsETH contract interface.
To indicate whether the request has been satisfied, the redeem request id can be submitted along with calling the resolveRedeemRequests function to return withdrawal events corresponding to that redeem request id.
Once satisfied, the request can be claimed by calling ClaimRedeemRequests along with the redeem request id and corresponding withdrawal event id, which returns a list of claim statuses.
For more technical audiences, a sequence diagram showing the interaction between smart contracts is included below:
When users request to redeem LsETH, they will receive ETH based on the available ETH from exited validators or pending deposits, up to the user's LsETH balance multiplied by the protocol conversion rate at the time of the request. If pending deposits are insufficient to fulfill the redemption request, the protocol initiates validator exits to cover the redemption. At the time of the redemption request, the protocol assumes ownership of the user’s LsETH, and the user will no longer be eligible to receive future network rewards. Once validators have fully exited and their effective balance is available, the final ETH amount is determined by the proportion of LsETH being redeemed relative to the total ETH available to withdraw. This means the user remains exposed to penalties and slashing risks until the validators have fully exited.
Example
Assuming
totalETHSupply = 162 ETH
totalLsETHSupply = 108 LsETH
So conversionRate = 162 / 108 = 1.5
A user converts 8 LsETH and receives 8 * 1.5 = 12 ETH
And the new conversionRate = (162-12) / (108-8) = 1.5 remains unchanged
For more technical audiences, a sequence diagram showing the interaction between smart contracts is included below:
Slashing Coverage enables certain Liquid Collective partners to reimburse LsETH holders following a slashing incident. Liquid Collective's Slashing Coverage Program is included in the ; as such, participation in the program requires no further action than holding LsETH.
includes three layers of coverage: Nexus Mutual Coverage, the Slashing Coverage Treasury, and the Node Operator Commitment. The program covers both network-wide events—such as network outages—and node operator failures.
You can find more details about Liquid Collective's Slashing Coverage Program in .
is the leading provider of decentralized crypto-native protection, having secured billions of dollars in value held in smart contracts. Nexus Mutual’s bespoke Slashing Coverage for Liquid Collective is fully scalable coverage that dynamically adjusts with the protocol's assets on platform (AoP) and provides access to Nexus Mutual's slashing coverage directly from a user's custody account at platforms such as Coinbase or Bitcoin Suisse.
The Slashing Coverage Fund contract enables the . The contract receives the funds to distribute for the slashing coverage, which are used to cover losses that may occur on the consensus layer due to slashing events. The contract acts as a temporary buffer for funds that can be pulled in case of a loss.
Computation and assignation of deductibles following a slashing incident are performed off-chain according to .
Consensus Layer Deposits: River orchestrates the delegation of ETH to validators and deposits to the official .
Each staker retains legal and beneficial ownership of an amount of ETH that is equivalent to the amount of ETH that was deposited by the staker, as evidenced by its . Receipt tokens like LsETH evidence legal and beneficial ownership of the deposited token, and ownership of the token is maintained throughout the life of the receipt token.
The teams building and operating Liquid Collective work together to ensure the smooth functioning of the protocol and provide a seamless and secure Ethereum staking experience. You can learn more about Liquid Collective's approach to working with these roles in our .
In the Liquid Collective protocol's Platforms are also referred to as Allowlisters, as Platforms that enable minting and redemption currently function as the agents responsible for adding users to the Allowlist.
You can learn more about Liquid Collective Platforms in the .
Examples of Liquid Collective Service Providers include , , , and Hypernative.
You can learn more about Liquid Collective Node Operators in the .
Oracles report to Liquid Collective's core contract on the balance of underlying staked tokens plus accrued staking rewards, minus any slashing penalties. This information informs for deposit and withdrawal (when supported, after withdrawals are enabled on Ethereum), alongside supporting DeFi reporting.
Node Operators in Liquid Collective's active set also support the protocol's by providing coverage for deductibles, up to a cap, against slashing incidents and missed rewards incurred due to the fault of their infrastructure.
You can find in-depth technical documentation on Liquid Collective's Ethereum validator infrastructure in .
is a decentralized liquid staking protocol. Multi-chain capable, Liquid Collective launched Ethereum liquid staking first and aims to implement liquid staking for other networks in the future.
For general Liquid Collective documentation, visit Liquid Collective's core documentation .
When a user deposits a token (ETH) into the Liquid Collective protocol, they receive a liquid staking token, that evidences legal and beneficial ownership of the staked ETH as well as any network rewards that accrue to the staked ETH, minus protocol service fees and network slashing penalties, if any. The receipt token can be transferred, stored, traded, and utilized in decentralized finance (DeFi) or supported decentralized apps (dapps).
LsETH is able to represent both staked ETH and any network rewards earned by following the , supporting LsETH's composability while providing participants with the ability to control their network reward flow
Liquid Collective offers to every participant via the to mitigate the risk of Node Operator failures and network outages
Liquid Collective's reduces correlation by spreading stake round-robin across a distributed network of Node Operators
All code deployed to mainnet has been
Liquid Collective is designed to provide users with protections over protocol access via know-your-customer (KYC) and anti-money-laundering (AML) verification with to facilitate compliance
LsETH is a fungible receipt token based on the Ethereum ERC-20 model. When a user deposits ETH to the Liquid Collective protocol, they receive an equivalent amount of LsETH that evidences their legal and beneficial ownership of the deposited ETH, as well as any network rewards that accrue to the ETH as a result of staking minus protocol service fees and network slashing penalties, if any.
Ethereum mainnet: Verify the . The LsETH contract address is: 0x8c1BEd5b9a0928467c9B1341Da1D7BD5e10b6549
Base L2: Verify the . The LsETH contract address is: 0xB29749498954A3A821ec37BdE86e386dF3cE30B6
By obtaining LsETH, participants agree to the terms of the , which remains in effect for as long as the participant holds LsETH.
To ensure open transparency into the agreement's terms, the LsETH User Agreement is additionally both encoded into the metadata of the LsETH smart contract and stored on-chain in IPFS .
You can learn more about the LsETH User Agreement and its innovations in our .
LsETH implements the , which uses a floating conversion rate—a.k.a. the protocol conversion rate—between a receipt token (e.g. LsETH) and the staked tokens to reflect the value of accrued network rewards, penalties, and fees associated with the staked tokens.
Note: Depending on the amount of ETH the protocol's Deposit Buffer, a validator may need to be exited from Ethereum to service a LsETH redemption request. When a validator is exited, it is subject to the Ethereum network's variable exit and withdrawal queues, which can take minutes to days. It's recommended to review the current maximum .
Funds from Liquid Collective’s Slashing Coverage Program enter the Deposit Buffer according to the to be programmatically staked
For those that want to view a stack trace, we recommend using a tool like .
If there is still unsupplied redemption demand, the protocol requests validator exits by signaling Node Operators. Upon receiving this request, the appropriate number of validators are entered to Ethereum’s exit queue, where they are subject to .
When a redemption request is submitted by calling the requestRedeem function, a redeem request id is returned by either using the or subscribing to RequestedRedeem events.
For those that want to view a stack trace, we recommend using a tool like .
Platforms can learn more about this process in the
For those that want to view a stack trace, we recommend using a tool like .
Status Satisfaction
Status Claim
Meaning
PENDING_SATISFACTION
NOT_CLAIMED
Redeem is in process of being satisfied and cannot be claimed yet.
FULLY_SATISFIED
NOT_CLAIMED
Redeem request is fully satisfied thus can be claimed.
FULLY_SATISFIED
FULLY_CLAIMED
Redeem was fully claimed after getting fully satisfied. All funds have been sent to the recipient and redeem can not be claimed again.
PARTIALLY_SATISFIED
NOT_CLAIMED
Redeem request is partially satisfied and thus can be partially claimed and will require to claim again later on. User may decide to either a) claim now to receive part of the funds and proceed with other claim(s) later on, or b) wait for the request to be FULLY_SATISFIED so that only a single claim is required.
PENDING_SATISFACTION
PARTIALLY_CLAIMED
Request was partially claimed and is pending satisfaction for the remaining part. The request can not be claimed yet.
FULLY_SATISFIED
PARTIALLY_CLAIMED
Request was partially claimed and is now fully satisfied so can be claimed again to collect the remaining part.
PARTIALLY_SATISFIED
PARTIALLY_CLAIMED
Request was partially claimed and is now partially satisfied, thus can be partially claimed and will require another claim later.
Oracle operations on Liquid Collective report on consensus layer data
The Oracle holds a list of the Oracle Operators' members who are expected to periodically report Consensus Layer data. These addresses can be checked via an off-chain naive search request.
The Oracle contract is configured such that a representative subset of those Operators are required to report the same Consensus Layer (also referred to as Beacon Chain) data before the Oracle contract reports to the River contract.
The Oracle is set to report Consensus Layer data to the River contract at configurable Consensus Layer epochs. For each reporting epoch, the Oracle contract expects a quorum of Oracle Operators to report the identical Consensus Layer data before reporting to the River contract.
The Oracle contract is configurable so data is reported from a starting epoch and then for every epoch at a given interval.
The Oracle contract holds a configurable quorum value that indicates the minimum number of Oracle Operators that must report identical Consensus Layer data before reporting the data to the River contract.
At each reporting epoch, every Oracle Operator is expected to collect Consensus Layer data and report it to the Oracle contract through a transaction. The Oracle contract counts the reported consensus layer balance sum of Liquid Collective validators, the reported count of validators, and the number of similar reports from Oracle Operators, along with the count of report variants.
Any changes to the quorum, such as removing Oracle Operators from the members list, clears all of the reporting data for that epoch. Remaining Oracle Operators that had already submitted reports for that epoch would need to report again for the same epoch.
Once receiving a quorum of identical reports, the Oracle contract publishes the data to the River contract, at which point the River contract can compute and distribute network rewards.
The Oracle contract aims to report the following data to the River contract:
Epoch - The epoch for which the Consensus Layer data corresponds to.
Validators Count – The count of active Liquid Collective validators on the Consensus Layer (either in status active or active_ongoing). This is necessary so River can compute the number of validators in pending status that have been staked to on the Deposit Contract but are not yet active on the Consensus Layer.
Validators Balance – The total ETH balance of active Liquid Collective validators on the Consensus Layer.
The Oracle contract is responsible for performing certain sanity checks on the reported data, providing a layer of security to the protocol in case Oracle Operators behave maliciously.
First, the Oracle contract makes sure that the Oracle Operator's reported transactions are for the correct expected epoch.
Second, it makes sure that the validators' reported balances are coherent. In particular, the Oracle contract:
Forbids Oracle Operators from reporting earned rewards that would exceed some configurable upper bound of APY. This upper bound takes into account the APY delta between updates extrapolated on a yearly time frame.
Forbids Oracle Operators from reporting a balance that would have decreased more than some configurable lower bound of fees or penalties. This lower bound is based on the relative balance decrease.
The execution layer fees are taken into account in these sanity checks as they are the product of a Node Operator's work, just like consensus layer fees.
The Oracle contract receives reports from the Oracle Operators and updates the following data for the River contract:
Validators Count – The count of active Liquid Collective validators on the Consensus Layer (either in status active or posterior). This count is necessary to compute the count of Liquid Collective validators in pending status that have been funded and deposited to the Deposit Contract but are not yet active on the Consensus Layer.
Validators Balance – The total ETH balance of active Liquid Validators on the Consensus Layer.
Each time a new report is processed, if Liquid Collective's validators have collectively earned a positive network reward, then this network reward is distributed between parties involved in the Liquid Collective protocol by increasing the Conversion Rate for LsETH.
Name
Owner
Role
Activation Queue
Ethereum Consensus Protocol
Exit Queue
Ethereum Consensus Protocol
Redemption Queue
Liquid Collective Protocol
The Liquid Collective protocol’s Redemption Queue facilitates the satisfaction of redemption requests in the same order as they have been requested. The first-in-first-out Redemption Queue is intended to protect against a race for claims in the event of high withdrawal demand.
Withdrawal Stack
Liquid Collective Protocol
The Liquid Collective protocol’s Withdrawal Stack automatically facilitates the movement of ETH to the protocol’s Redemption Buffer. This ETH may be sourced by validator exits from the consensus layer or rebalanced from the protocol’s Deposit Buffer.
Redemption Buffer
Liquid Collective Protocol
The Liquid Collective protocol’s Redemption Buffer holds ETH that is pending to be supplied for redemption satisfactions.
Deposit Buffer
Liquid Collective Protocol
The Liquid Collective protocol’s Deposit Buffer holds ETH pending to be deposited to Ethereum’s consensus layer, or that can be rebalanced to the Withdrawal Stack to programmatically facilitate redemption satisfactions. This ETH may be sourced from user deposits, network rewards (consensus layer & execution layer), the protocol’s Slashing Coverage Program, or rebalanced from the protocol’s Withdrawal Stack.
The collection and socialization of Ethereum network rewards and Liquid Collective protocol fees
Because of LsETH's cToken design, the Conversion Rate may fluctuate. In contrast to other token models, such as aTokens, that issue new net network reward tokens on a unit basis, stakers on the Liquid Collective protocol will not receive more or less tokens as they receive network rewards or penalties.
Instead, the Conversion Rate for each unit of LsETH owned by the depositor will increase or decrease (i.e., the LsETH will evidence legal and beneficial ownership of more or less ETH) in an amount that reflects accrued network rewards.
Every day the Liquid Collective protocol accounts for Ethereum network rewards including consensus layer network rewards and execution layer fees minus possible penalties, which results in updating the data reflecting the total supply of ETH.
If network rewards have been earned on a given day, then the protocol collects the Protocol Service Fee as a percentage of the earned network rewards. The Protocol Service Fee is collected by minting LsETH, which results in an increase in the total supply of LsETH.
Under normal validator operations, the protocol earns network rewards; as such the total supply of ETH increases and the Conversion Rate increases accordingly.
In a scenario where validators are penalized or slashed, depending on the magnitude of the incurred penalties, the total ETH supply could decrease, and the Conversion Rate would decrease accordingly.
Example
Assuming
totalETHSupply = 125 ETH
totalLsETHSupply = 100
protocolFee = 10%
So conversionRate = 125 / 100 = 1.25
Today the protocol earns 10 ETH thus the protocol fee is 10% * 10 ETH / 1.25 = 0.8 LsETH
And the new conversionRate = (125+10) / (108+0.8) = 1.58
Each time the Oracle contract reports consensus layer data to the River contract, the protocol programmatically distributes network rewards including consensus layer network rewards and execution layer fees.
Fees received by validators for the execution of transactions are distributed on the execution layer directly. The Liquid Collective protocol automatically stakes the execution layer fees to increase the protocol’s overall potential reward rate by increasing the number of validators in the protocol's active set.
Each time the Oracle reports consensus layer data, the River smart contract:
Pulls execution layer fees from the EL Fee Recipient contract
Updates consensus layer data including the Liquid Collective active validators count and total Liquid Collective active validators balance
The network reward is computed as:
The EL Fee Recipient Contract receives all of the execution layer fees including transaction fees and MEV priority fees. The River contract periodically pulls that ETH on every Oracle report.
If the earned reward is positive, it is distributed between:
LsETH holders receive 85% of the network rewards, proportional to their LsETH holdings, through an accrual of the Conversion Rate
Collector that receives the Protocol Service Fee via minting LsETH, which is currently set at 10%
Liquid Collective socializes network rewards and penalties between holders proportionally to their LsETH balance. The protocol aims to enforce fairness between participants, making sure that no participant gets treated favorably compared to others.
This means that stakers on Liquid Collective are exposed to the performance of all validators across Liquid Collective as a whole.
Examples:
If a validator receives a massive MEV network reward, then this network reward is socialized amongst every LsETH holder.
If a validator gets slashed, then the penalty is socialized amongst every LsETH holder.
This socialization of network rewards and penalties is realized by the LsETH Conversion Rate which applies to every LsETH holder equally. Every 24 hours, Oracle reports the new balance of staked ETH across the protocol accounting for accrued network rewards and penalties, resulting in updating the Conversion Rate, which applies to every LsETH holder.
Decentralized set of approved enterprise-grade Node Operators reduces the risks of validator operations
The Ethereum protocol requires validators to operate according to a pre-defined set of rules, and Node Operators are economically incentivized to follow those rules.
Under proper operational conditions, validators collect network rewards by proposing blocks and signing attestations
Under improper operational conditions, validators can miss network rewards, get penalized, or in worst case scenarios, get slashed
Liquid Collective is designed to provide a secure and enterprise-grade liquid staking solution which necessitates sanctions checks on the protocol’s active validator set. Liquid Collective works only with security-focused Node Operators that institute best practices to generate network rewards, including operating multi-region and multi-client infrastructure, technical support teams, and security posturing (including double-sign protection).
To reduce the risk impact of validator operations, and to increase decentralization, Liquid Collective delegates tokens to multiple independent validator Node Operators. The staked tokens are distributed across Node Operators in a round-robin manner so that the Liquid Collective protocol is supported by a broad and dispersed active validator set. As a result, the risk is distributed, which should minimize staked ETH exposure.
The Operators Registry contract provides facilities for Node Operators to register and manage validator keys on the Liquid Collective protocol. River regularly delegates ETH to Node Operators by funding and depositing validator keys to the Consensus Layer.
Before submitting validator keys for the first time, a Node Operator must complete Liquid Collective's Node Operator approval to be approved on the Operators Registry contracts. This one-time approval enables the Node Operator to register validator keys.
Generate Validator Key
For each validator key to be submitted to the Operators Registry contract, a Node Operator is required to:
Generate the corresponding DepositMessage and BLS12-381 signature as per the Ethereum 2.0 specifications
Set the fee recipient to the EL Fee Recipient contract, responsible for collecting execution layer network rewards
The protocol sets the validator's withdrawal credentials to the Liquid Collective Withdrawal contract address when the protocol initiates a deposit transaction for the validator.
Operator Registry Check
Once generated, the Node Operator registers one or more validator keys on the Operator Registry. The Liquid Foundation conducts a sanity check on the keys for compliance with the above requirements, before increasing the operator limit to make validator keys eligible to receive ETH to stake from the Liquid Collective protocol.
Activating Validators
Once a validator has been registered as eligible to receive ETH, its validators keys can be funded at any time. The Liquid Collective protocol regularly programmatically selects eligible validator keys, funds them, and deposits them to the official Ethereum deposit contract. Once deposited, validator keys enter the activation queue as per the standard Ethereum staking procedure.
Node Operator CLI
The Node Operator Command Line Interface is part of the tooling Liquid Collective provides to Node Operators to facilitate protocol operations. The application provides various commands to facilitate Node Operators' management of their validator keys.
Liquid Collective protocol metadata
Liquid Collective protocol smart contracts expose a metadata URI that resolves to an IPFS directory containing resource files about the protocol.
Metadata directory contains different public resources such as:
Protocol Terms & Conditions
Marketing resources such as Liquid Collective logo pack
Security Audits reports
etc.
Any user can access the metadata by getting the IPFS URI from the River smart contracts and then retrieving the metadata directory from IPFS.
Operator running Oracle
Oracle Operators are responsible for periodically reporting consensus layer data to the Liquid Collective protocol.
In particular, they are responsible for reporting network rewards earned by validators on the consensus layer so those network rewards can be accounted for, accruing the value of the LsETH token (cToken) by increasing the Conversion Rate.
The Oracle smart contract is responsible for synchronizing Oracle Operators.
Oracle operators are responsible for periodically reporting consensus layer data to the execution layer.
In particular, they are responsible for reporting network rewards earned by validators on the consensus layer so those network rewards can be accounted for, accruing the value of the LsETH token (cToken) by increasing the Conversion Rate.
The Oracle smart contract is responsible for synchronizing Oracle operators. In particular it:
Lists the addresses of Oracle members that are expected to report
Sets the next target epoch to be reported by Oracle members
Expects a quorum of Oracle members to report the same data at the target epoch before forwarding it to the River contract
Oracle reports consist of:
The count of validators on the consensus layer
The total balance of those validators on the consensus layer
Oracle Operators interested in participating in the Oracle set should go through the following procedure:
One-Time Protocol Onboarding
Oracle Operator generates a wallet to be used as Operator members
Oracle member address gets approved on the Oracle smart contract
Ongoing Operations
Oracle Operator configures and runs the Oracle daemon in its infrastructure connecting self-managed Ethereum EL and CL clients
Oracle Operator makes sure that the Operator member account always has a sufficient ETH balance to pay for gas fees implied by report transactions
To facilitate operations, Oracle Operators are recommended to use the Oracle daemon which is an open-source application maintained by Liquid Collective. While the Oracle daemon is recommended, it is not mandatory, and Oracle Operators can opt-out of it and use their own preferred solution.
The Oracle daemon is a long-living application that:
Continuously listens for event logs emitted by the Operators Registry contract
Calls the Oracle contract to get the next target epoch to report
Exposes various metrics about the activity of the Oracle
When the target epoch to report is reached, it:
Collects consensus layer data for the target epoch
Generates a report from the collected data (validators count and total balance on the consensus layer)
Sends the report transaction to the Oracle contract
The Oracle daemon can optionally run in --dry-mode in which case it does not send report transactions to the chain.
The Oracle daemon needs to be connected to:
Ethereum Execution Layer RPC endpoint
to listen for event logs emitted by the Operator registry contract (in particular events when validator keys get funded)
to aggregate all withdrawals data since the Shapella fork
to call the Oracle contract for the next epoch to report
Ethereum Consensus Layer HTTP endpoint
to query validator data
The Oracle Daemon also needs access to a private key for signing report transactions. This wallet corresponds to the oracle member address that has been approved on the oracle contract.
Since the Shapella fork, it has become necessary to retrieve withdrawals for all Liquid Collective validators. However, there is no available API for this task. One solution is to read all blocks, but this consumes a large number of requests. An alternative solution is to implement a stateful approach.
As a result, we have decided to introduce a new flag in the lceth CLI, --data-dir, which stores the state of withdrawals. The stored state encompasses all withdrawals and their corresponding blocks. (The estimated size of the storage is approximately 4 GB.)
A synced Execution Layer client with JSON-RPC endpoint enabled. All implementations are supported (Geth, Erigon, Besu, etc.)
A synced Consensus Layer client with API endpoint enabled. All implementations are supported (Prysm, Teku, Lighthouse, etc.)
The recommended installation is to use the public Docker image public.ecr.aws/alluvial/liquid-collective/lceth:latest
It is also possible to build the binary from sources and run it.
Sending an Oracle report uses about 100,000 gas for a regular report and ~300,000 gas when reaching the quorum.
Let's estimate how much in gas fees an Oracle Operator should pay per year, considering:
the protocol expects 1 report per day
the average gas price is 30 gwei
there are 5 oracle operators
the quorum is 3
all operators use an implementation which alternates submissions order
This means that each day there is a 2/5 probability of sending a regular report and a 1/5 probability of sending a report that reaches quorum:
(365 _ 2/5 _ 100000 + 365 _ 1/5 _ 300000) * 30 = 1 095 000 000 Gwei = 1.09 ETH / year
To generate such a wallet you can use the following command:
Once generated you should securely store the key file and password for later usage, as you will need it each time you will run the Oracle daemon.
Submit the Oracle member address to the administrator to get it approved on the Oracle contract members list.
Oracle has become stateful; be sure to choose an appropriate data directory using the --data-dir flag.
In dry run the Oracle daemon collects data and generates reports but does not send transactions to the Oracle contract.
It is recommended to use dry run mode when:
You are not an Oracle Operator and you are only interested in collecting Oracle metrics data
You are an Oracle Operator and you want to first test in dry run before running in live mode
To run the oracle in dry-run mode, you can run:
In live mode, the daemon runs full capabilities and sends transactions to the chain for every epoch to be reported.
In live mode, you need the daemon to have access to the Oracle member wallet that will be used to sign report transactions.
Top up Oracle Operator account
Before starting the daemon you should make sure that the Oracle Operator account has been topped-up with ETH so it can pay for the gas fees for the report transactions.
After starting the daemon, an Oracle Operator should make sure that the Oracle member account always has a sufficient balance of ETH to send report transactions.
Oracle Operators are responsible for paying for the gas implied by the report transaction.
To run the daemon in live mode, you can run:
The Oracle service exposes a health endpoint that exposes routes for monitoring:
/live Liveness endpoint
/ready Readiness endpoint
/metrics Prometheus metrics
Platforms provide a seamless on-ramp and access for users to interact with the Liquid Collective protocol.
Platforms provide a seamless on-ramp and access for users to interact with the Liquid Collective protocol. There are two types of Liquid Collective Platforms.
These Platforms enable direct Liquid Collective protocol interactions, including depositing ETH to Ethereum's deposit contract and redeeming LsETH for ETH (minting and redeeming).
They conduct know-your-customer (KYC) and anti money laundering (AML) checks on their users, and submit approved user addresses to Liquid Collective's Allowlist.
These Platforms then provide a path to deposit and withdraw staked tokens.
In other words, KYC'd users who utilize a Platform's services can deposit to Liquid Collective and mint LsETH.
[!NOTE] Users, also called stakers, are entities interested in staking ETH using the Liquid Collective protocol to mint the LsETH receipt token in return, evidencing their legal and beneficial ownership of the staked ETH plus rewards accrued and minus any fees or penalties. Before depositing ETH and minting LsETH, a user needs to go through an effective KYC/AML and sanctions screening process. After successfully completing the KYC/AML and sanctions screening process with a Platform, the user's wallet address can be added to Liquid Collective's Allowlist smart contract, authorizing deposit and redemption transactions.
These Platforms do not enable minting, redeeming, or direct Liquid Collective protocol interactions, but do enable secondary protocol interactions such as trading, lending, or other services not required to Allowlist KYC/AML wallet addresses.
Users of these Platforms can seamlessly interact with LsETH, and may accrue Ethereum's consensus and execution layer network rewards simply by holding LsETH.
By default, LsETH holders can transfer LsETH.
Alluvial Finance Inc.
Redeem Manager (v1)
This contract handles the redeem requests of all users
Claims the rewards of the provided redeem request ids
Claims the rewards of the provided redeem request ids
Retrieve the amount of redeemed LsETH pending to be supplied with withdrawn ETH
Retrieve the amount of LsETH waiting to be exited
Retrieve the global count of redeem requests
Retrieve the details of a specific redeem request
Retrieve River address
Retrieve the global count of withdrawal events
Retrieve the details of a specific withdrawal event
Pulls exceeding buffer eth
Reports a withdraw event from River
Creates a redeem request
Creates a redeem request using msg.sender as recipient
Resolves the provided list of redeem request ids
The result is an array of equal length with ids or error code-1 means that the request is not satisfied yet-2 means that the request is out of bounds-3 means that the request has already been claimedThis call was created to be called by an off-chain interface, the output could then be used to perform the claimRewards call in a regular transaction
Retrieves the version of the contract
Emitted when a redeem request claim has been processed and matched at least once and funds are sent to the recipient
Emitted when the contract is properly initialized
Emitted when a withdrawal event is created
Emitted when a redeem request is created
Emitted when a redeem request has been satisfied and filled (even partially) from a withdrawal event
Emitted when the redeem demand is set
Emitted when the River address is set
Thrown when the claim initiator is denied
Thrown when the claim recipient is denied
Thrown when the payment after a claim failed
Thrown when the redeem request and withdrawal event are not matching during claim
Thrown when the provided arrays don't have matching lengths
An error occurred during the initialization
The address is zero
Thrown When a zero value is provided
Thrown when the recipient of redeemRequest is denied
Thrown when the redeem request id is already claimed
Thrown when the provided redeem request id is out of bounds
Thrown when a transfer error occurred with LsETH
The operator is unauthorized for the caller
Thrown when the withdrawal request id if out of bounds
Thrown when the provided withdrawal event exceeds the redeem demand
Liquid Collective deployment addresses
Ethereum’s Activation Queue rate limits the number of new validators that can be activated on the network to protect the network’s stability. The Activation Queue can result in a waiting time to activate stake on Ethereum. Learn more .
Ethereum’s Exit Queue rate limits the speed at which validators can leave the network to protect the network’s stability, and to ensure that slashing penalties are applied as necessary. The Exit Queue can result in a waiting time to withdraw stake from Ethereum. Learn more .
Every 24 hours, Oracles report the new balance of staked ETH from accrued network rewards or fees. The is computed as the total balance of staked ETH over the total supply of LsETH. If accrued network rewards are greater than penalties and fees, the protocol Conversion Rate increases to reflect the net Ethereum network rewards collected by the protocol.
The Liquid Collective protocol charges a Protocol Service Fee set at 10.0% of network rewards. Liquid Collective’s service fee is split amongst split amongst Node Operators, Platforms, Wallet & Custody Providers, Service Providers, the protocol’s , and the Liquid Collective DAO, which comprises a broad and dispersed community of protocol participants. All service fees are distributed in LsTokens, which are the native receipt tokens of the protocol (e.g. LsETH).
Node Operators in Liquid Collective's active set also support the protocol's by providing coverage for deductibles, up to a cap, against slashing incidents and missed rewards incurred due to the fault of their infrastructure.
To see a step by step workflow for the Node Operator CLI, check out the guide.
Below is an example of an RPC call to get Liquid Collective metadata URI using
The Liquid Collective protocol currently uses Alluvial's API services to facilitate Platform onboarding. Platform guides can be found in the .
Platforms offering KYC procedures for their users may submit user wallet addresses using the to register the addresses with the Liquid Collective Allowlist contract.
redeemRequestIds
uint32[]
undefined
withdrawalEventIds
uint32[]
undefined
skipAlreadyClaimed
bool
undefined
_depth
uint16
The maximum recursive depth for the resolution of the redeem requests
claimStatuses
uint8[]
The list of claim statuses. 0 for fully claimed, 1 for partially claimed, 2 for skipped
_redeemRequestIds
uint32[]
The list of redeem requests to claim
_withdrawalEventIds
uint32[]
The list of withdrawal events to use for every redeem request claim
claimStatuses
uint8[]
The list of claim statuses. 0 for fully claimed, 1 for partially claimed, 2 for skipped
_0
uint256
The amount of eth in the buffer
_0
uint256
The amount of LsETH waiting to be exited
_0
uint256
undefined
_redeemRequestId
uint32
The id of the request
_0
RedeemQueueV2.RedeemRequest
The redeem request details
_0
address
The address of River
_0
uint256
undefined
_withdrawalEventId
uint32
The id of the withdrawal event
_0
WithdrawalStack.WithdrawalEvent
The withdrawal event details
_river
address
The address of the River contract
_max
uint256
The maximum amount that should be pulled
_lsETHWithdrawable
uint256
The amount of LsETH that can be redeemed due to this new withdraw event
_lsETHAmount
uint256
The amount of LsETH to redeem
_recipient
address
The recipient owning the redeem request
redeemRequestId
uint32
The id of the redeem request
_lsETHAmount
uint256
The amount of LsETH to redeem
redeemRequestId
uint32
The id of the redeem request
_redeemRequestIds
uint32[]
The list of redeem requests to resolve
withdrawalEventIds
int64[]
The list of withdrawal events matching every redeem request (or error codes)
_0
string
Version of the contract
redeemRequestId indexed
uint32
The id of the redeem request
recipient indexed
address
The address receiving the redeem request funds
ethAmount
uint256
The amount of eth retrieved
lsEthAmount
uint256
The total amount of LsETH used to redeem the eth
remainingLsEthAmount
uint256
The amount of LsETH remaining
version
uint256
New version of the contracts
cdata
bytes
Complete calldata that was used during the initialization
height
uint256
The height of the withdrawal event in LsETH
amount
uint256
The amount of the withdrawal event in LsETH
ethAmount
uint256
The amount of eth to distribute to claimers
id
uint32
The id of the withdrawal event
recipient indexed
address
The recipient of the redeem request
height
uint256
The height of the redeem request in LsETH
amount
uint256
The amount of the redeem request in LsETH
maxRedeemableEth
uint256
The maximum amount of eth that can be redeemed from this request
id
uint32
The id of the new redeem request
redeemRequestId indexed
uint32
The id of the redeem request
withdrawalEventId indexed
uint32
The id of the withdrawal event used to fill the request
lsEthAmountSatisfied
uint256
The amount of LsETH filled
ethAmountSatisfied
uint256
The amount of ETH filled
lsEthAmountRemaining
uint256
The amount of LsETH remaining
ethAmountExceeding
uint256
The amount of eth added to the exceeding buffer
oldRedeemDemand
uint256
The old redeem demand
newRedeemDemand
uint256
The new redeem demand
river
address
The new river address
recipient
address
The recipient of the payment
rdata
bytes
The revert data
redeemRequestId
uint256
The provided redeem request id
withdrawalEventId
uint256
The provided associated withdrawal event id
version
uint256
The version that was attempting to be initialized
expectedVersion
uint256
The version that was expected
id
uint256
The redeem request id
id
uint256
The redeem request id
caller
address
Address performing the call
id
uint256
The withdrawal event id
withdrawalAmount
uint256
The amount of the withdrawal event
redeemDemand
uint256
The current redeem demand
Alluvial Finance Inc.
Execution Layer Fee Recipient (v1)
This contract receives all the execution layer fees from the proposed blocks + bribes
Initialize the fee recipient with the required arguments
_riverAddress
address
Address of River
Pulls ETH to the River contract
Only callable by the River contract
_maxAmount
uint256
The maximum amount to pull into the system
Retrieves the version of the contract
_0
string
Version of the contract
Emitted when the contract is properly initialized
version
uint256
New version of the contracts
cdata
bytes
Complete calldata that was used during the initialization
The storage river address has changed
river indexed
address
The new river address
The fallback has been triggered
An error occurred during the initialization
version
uint256
The version that was attempting to be initialized
expectedVersion
uint256
The version that was expected
The address is zero
The operator is unauthorized for the caller
caller
address
Address performing the call
Figment
Firewall
This contract accepts calls to admin-level functions of an underlying contract, and ensures the caller holds an appropriate role for calling that function. There are two roles:
An Admin can call anything
An Executor can call specific functions
The list of function is customizable. Random callers cannot call anything through this contract, even if the underlying function is unpermissioned in the underlying contract. Calls to non-admin functions should be called at the underlying contract directly.
Accept the transfer of ownership
Only callable by the pending admin. Resets the pending admin if successful.
Sets the permission for a function selector
_functionSelector
bytes4
Method signature on which the permission is changed
_executorCanCall
bool
True if selector is callable by the executor
Retrieve the destination address
_0
address
The destination address
Retrieve the executor address
_0
address
The executor address
Returns true if the executor is allowed to perform a call on the given selector
_0
bytes4
undefined
_0
bool
True if executor is allowed to call
Retrieves the current admin address
_0
address
The admin address
Retrieve the current pending admin address
_0
address
The pending admin address
Proposes a new address as admin
This security prevents setting an invalid address as an admin. The pending admin has to claim its ownership of the contract, and prove that the new address is able to perform regular transactions.
_newAdmin
address
New admin address
Sets the executor address
_newExecutor
address
New address for the executor
Retrieves the version of the contract
_0
string
Version of the contract
The admin address changed
admin indexed
address
New admin address
The stored destination address has been changed
destination indexed
address
The new destination address
The stored executor address has been changed
executor indexed
address
The new executor address
The storage permission for a selector has been changed
selector
bytes4
The 4 bytes method selector
status
bool
True if executor is allowed
The pending admin address changed
pendingAdmin indexed
address
New pending admin address
The address is zero
The operator is unauthorized for the caller
caller
address
Address performing the call
Alluvial Finance Inc.
Coverage Fund (v1)
This contract receive donations for the slashing coverage fund and pull the funds into riverThis contract acts as a temporary buffer for funds that should be pulled in case of a loss of money on the consensus layer due to slashing events.There is no fee taken on these funds, they are entirely distributed to the LsETH holders, and no shares will get minted.Funds will be distributed by increasing the underlying value of every LsETH share.The fund will be called on every report and if eth is available in the contract, River will attempt to pull as much ETH as possible. This maximum is defined by the upper bound allowed by the Oracle. This means that it might take multiple reports for funds to be pulled entirely into the system due to this upper bound, ensuring a lower secondary market impact.The value provided to this contract is computed off-chain and provided manually by Alluvial or any authorized insurance entity.The Coverage funds are pulled upon an oracle report, after the ELFees have been pulled in the system, if there is a margin left before crossing the upper bound. The reason behind this is to favor the revenue stream, that depends on market and network usage, while the coverage fund will be pulled after the revenue stream, and there won't be any commission on the eth pulled.Once a Slashing event occurs, the team will do its best to inject the recovery funds in at maximum 365 days. The entities allowed to donate are selected by the team. It will mainly be treasury entities or insurance protocols able to fill this coverage fund properly.
Donates ETH to the coverage fund contract
Initialize the coverage fund with the required arguments
_riverAddress
address
Address of River
Pulls ETH into the River contract
Only callable by the River contract
_maxAmount
uint256
The maximum amount to pull into the system
Retrieves the version of the contract
_0
string
Version of the contract
A donation has been made to the coverage fund
donator indexed
address
Address that performed the donation
amount
uint256
The amount donated
Emitted when the contract is properly initialized
version
uint256
New version of the contracts
cdata
bytes
Complete calldata that was used during the initialization
The storage river address has changed
river indexed
address
The new river address
A donation with 0 ETH has been performed
The fallback or receive callback has been triggered
An error occurred during the initialization
version
uint256
The version that was attempting to be initialized
expectedVersion
uint256
The version that was expected
The address is zero
The operator is unauthorized for the caller
caller
address
Address performing the call
Alluvial Finance Inc.
Administrable
This contract handles the administration of the contracts
Accept the transfer of ownership
Only callable by the pending admin. Resets the pending admin if successful.
Retrieves the current admin address
_0
address
The admin address
Retrieve the current pending admin address
_0
address
The pending admin address
Proposes a new address as admin
This security prevents setting an invalid address as an admin. The pending admin has to claim its ownership of the contract, and prove that the new address is able to perform regular transactions.
_newAdmin
address
New admin address
The admin address changed
admin indexed
address
New admin address
The pending admin address changed
pendingAdmin indexed
address
New pending admin address
The address is zero
The operator is unauthorized for the caller
caller
address
Address performing the call
Alluvial Finance Inc.
TLC (v1)
The TLC token has a max supply of 1,000,000,000 and 18 decimal places.Upon deployment, all minted tokens are send to account provided at construction, in charge of creating the vesting schedulesThe contract is based on ERC20Votes by OpenZeppelin. Users need to delegate their voting power to someone or themselves to be able to vote.The contract contains vesting logics allowing vested users to still be able to delegate their voting power while their tokens are held in an escrow
Description of the clock
_0
string
undefined
See {IERC20Permit-DOMAIN_SEPARATOR}.
_0
bytes32
undefined
See {IERC20-allowance}.
owner
address
undefined
spender
address
undefined
_0
uint256
undefined
See {IERC20-approve}. NOTE: If amount is the maximum uint256, the allowance is not updated on transferFrom. This is semantically equivalent to an infinite approval. Requirements: - spender cannot be the zero address.
spender
address
undefined
amount
uint256
undefined
_0
bool
undefined
See {IERC20-balanceOf}.
account
address
undefined
_0
uint256
undefined
Get the pos-th checkpoint for account.
account
address
undefined
pos
uint32
undefined
_0
ERC20VotesUpgradeable.Checkpoint
undefined
Clock used for flagging checkpoints. Can be overridden to implement timestamp based checkpoints (and voting).
_0
uint48
undefined
Computes the releasable amount of tokens for a vesting schedule.
_index
uint256
index of the vesting schedule
_0
uint256
amount of releasable tokens
Computes the vested amount of tokens for a vesting schedule.
_index
uint256
index of the vesting schedule
_0
uint256
amount of vested tokens
Creates a new vesting scheduleThere may delay between the time a user should start vesting tokens and the time the vesting schedule is actually created on the contract.Typically a user joins the Liquid Collective but some weeks pass before the user gets all legal agreements in place and signed for the token grant emission to happen. In this case, the vesting schedule created for the token grant would start on the join date which is in the past.
As vesting schedules can be created in the past, this means that you should be careful when creating a vesting schedule and what duration parameters you use as this contract would allow creating a vesting schedule in the past and even a vesting schedule that has already ended.
_start
uint64
start time of the vesting
_cliffDuration
uint32
duration to vesting cliff (in seconds)
_duration
uint32
total vesting schedule duration after which all tokens are vested (in seconds)
_periodDuration
uint32
duration of a period after which new tokens unlock (in seconds)
_lockDuration
uint32
duration during which tokens are locked (in seconds)
_revocable
bool
whether the vesting schedule is revocable or not
_amount
uint256
amount of token attributed by the vesting schedule
_beneficiary
address
address of the beneficiary of the tokens
_delegatee
address
address to delegate escrow voting power to
_ignoreGlobalUnlockSchedule
bool
whether the vesting schedule should ignore the global lock
_0
uint256
index of the created vesting schedule
Returns the number of decimals used to get its user representation. For example, if decimals equals 2, a balance of 505 tokens should be displayed to a user as 5.05 (505 / 10 ** 2). Tokens usually opt for a value of 18, imitating the relationship between Ether and Wei. This is the default value returned by this function, unless it's overridden. NOTE: This information is only used for display purposes: it in no way affects any of the arithmetic of the contract, including {IERC20-balanceOf} and {IERC20-transfer}.
_0
uint8
undefined
Atomically decreases the allowance granted to spender by the caller. This is an alternative to {approve} that can be used as a mitigation for problems described in {IERC20-approve}. Emits an {Approval} event indicating the updated allowance. Requirements: - spender cannot be the zero address. - spender must have allowance for the caller of at least subtractedValue.
spender
address
undefined
subtractedValue
uint256
undefined
_0
bool
undefined
Delegate votes from the sender to delegatee.
delegatee
address
undefined
Delegates votes from signer to delegatee
delegatee
address
undefined
nonce
uint256
undefined
expiry
uint256
undefined
v
uint8
undefined
r
bytes32
undefined
s
bytes32
undefined
Delegate vesting escrowed tokens
_index
uint256
index of the vesting schedule
_delegatee
address
address to delegate the token to
_0
bool
True on success
Get the address account is currently delegating to.
account
address
undefined
_0
address
undefined
See {EIP-5267}. Available since v4.9.
fields
bytes1
undefined
name
string
undefined
version
string
undefined
chainId
uint256
undefined
verifyingContract
address
undefined
salt
bytes32
undefined
extensions
uint256[]
undefined
Retrieve the totalSupply at the end of timepoint. Note, this value is the sum of all balances. It is NOT the sum of all the delegated votes! Requirements: - timepoint must be in the past
timepoint
uint256
undefined
_0
uint256
undefined
Retrieve the number of votes for account at the end of timepoint. Requirements: - timepoint must be in the past
account
address
undefined
timepoint
uint256
undefined
_0
uint256
undefined
Get vesting schedule
The vesting schedule structure represents a static configuration used to compute the desired vesting details of a beneficiary at all times. The values won't change even after tokens are released.The only dynamic field of the structure is end, and is updated whenever a vesting schedule is revoked
_index
uint256
Index of the vesting schedule
_0
VestingSchedulesV2.VestingSchedule
undefined
Get count of vesting schedules
_0
uint256
count of vesting schedules
Gets the current votes balance for account
account
address
undefined
_0
uint256
undefined
Atomically increases the allowance granted to spender by the caller. This is an alternative to {approve} that can be used as a mitigation for problems described in {IERC20-approve}. Emits an {Approval} event indicating the updated allowance. Requirements: - spender cannot be the zero address.
spender
address
undefined
addedValue
uint256
undefined
_0
bool
undefined
Initializes the TLC Token
_account
address
The initial account to grant all the minted tokens
Get vesting global unlock schedule activation status for a vesting schedule
_index
uint256
Index of the vesting schedule
_0
bool
true if the vesting schedule should ignore the global unlock schedule
Migrates the vesting schedule state structures
Returns the name of the token.
_0
string
undefined
See {IERC20Permit-nonces}.
owner
address
undefined
_0
uint256
undefined
Get number of checkpoints for account.
account
address
undefined
_0
uint32
undefined
See {IERC20Permit-permit}.
owner
address
undefined
spender
address
undefined
value
uint256
undefined
deadline
uint256
undefined
v
uint8
undefined
r
bytes32
undefined
s
bytes32
undefined
Release vesting scheduleWhen tokens are released from the escrow, the delegated address of the escrow will see its voting power decrease.The beneficiary has to make sure its delegation parameters are set properly to be able to use/delegate the voting power of its balance.
_index
uint256
Index of the vesting schedule to release
_0
uint256
released amount
Revoke vesting schedule
_index
uint256
Index of the vesting schedule to revoke
_end
uint64
End date for the schedule
_0
uint256
amount returned to the vesting schedule creator
Returns the symbol of the token, usually a shorter version of the name.
_0
string
undefined
See {IERC20-totalSupply}.
_0
uint256
undefined
See {IERC20-transfer}. Requirements: - to cannot be the zero address. - the caller must have a balance of at least amount.
to
address
undefined
amount
uint256
undefined
_0
bool
undefined
See {IERC20-transferFrom}. Emits an {Approval} event indicating the updated allowance. This is not required by the EIP. See the note at the beginning of {ERC20}. NOTE: Does not update the allowance if the current allowance is the maximum uint256. Requirements: - from and to cannot be the zero address. - from must have a balance of at least amount. - the caller must have allowance for from's tokens of at least amount.
from
address
undefined
to
address
undefined
amount
uint256
undefined
_0
bool
undefined
Get the address of the escrow for a vesting schedule
_index
uint256
Index of the vesting schedule
_0
address
address of the escrow
Emitted when the allowance of a spender for an owner is set by a call to {approve}. value is the new allowance.
owner indexed
address
undefined
spender indexed
address
undefined
value
uint256
undefined
A new vesting schedule has been created
index
uint256
Vesting schedule index
creator indexed
address
Creator of the vesting schedule
beneficiary indexed
address
Vesting beneficiary address
amount
uint256
Vesting schedule amount
Emitted when an account changes their delegate.
delegator indexed
address
undefined
fromDelegate indexed
address
undefined
toDelegate indexed
address
undefined
Emitted when a token transfer or delegate change results in changes to a delegate's number of votes.
delegate indexed
address
undefined
previousBalance
uint256
undefined
newBalance
uint256
undefined
Vesting escrow has been delegated
index
uint256
Vesting schedule index
oldDelegatee indexed
address
old delegatee
newDelegatee indexed
address
new delegatee
beneficiary indexed
address
vesting schedule beneficiary
MAY be emitted to signal that the domain could have changed.
Triggered when the contract has been initialized or reinitialized.
version
uint8
undefined
Vesting schedule has been released
index
uint256
Vesting schedule index
releasedAmount
uint256
Amount of tokens released to the beneficiary
Vesting schedule has been revoked
index
uint256
Vesting schedule index
returnedAmount
uint256
Amount of tokens returned to the creator
newEnd
uint256
New end timestamp after revoke action
Emitted when value tokens are moved from one account (from) to another (to). Note that value may be zero.
from indexed
address
undefined
to indexed
address
undefined
value
uint256
undefined
Underflow in global unlock logic (should never happen)
Attempt to revoke a vesting schedule with an invalid end parameter
Invalid parameter for a vesting schedule
msg
string
undefined
The address is zero
The operator is unauthorized for the caller
caller
address
Address performing the call
Vesting schedule creator has unsufficient balance to create vesting schedule
The vesting schedule is locked
The VestingSchedule was not found
index
uint256
vesting schedule index
The vesting schedule is not revocable
Attempt to revoke a schedule in the past
No token to release
Alluvial Finance Inc.
Allowlist (v1)
This contract handles the list of allowed recipients.All accounts have an uint256 value associated with their addresses where each bit represents a right in the system. The DENY_MASK defined the mask used to identify if the denied bit is on, preventing users from interacting with the system
Accept the transfer of ownership
Only callable by the pending admin. Resets the pending admin if successful.
Retrieves the current admin address
Retrieves the allower address
Retrieves the denier address
Retrieve the current pending admin address
This method retrieves the raw permission value
This method returns true if the user has the expected permission ignoring any deny list membership
Initializes the allowlist
Initializes the allowlist denier
This method returns true if the user has the expected permission and is not in the deny list
This method returns true if the user is in the deny list
This method should be used as a modifier and is expected to revert if the user hasn't got the required permission or if the user is in the deny list.
Proposes a new address as admin
This security prevents setting an invalid address as an admin. The pending admin has to claim its ownership of the contract, and prove that the new address is able to perform regular transactions.
Sets the allow permissions for one or more accounts
This function is for allocating or removing deposit, redeem or donate permissions. This function could be used to give any permissions that we come up with in the future. An address which was denied has to be undenied first before they could be given any permission(s).
Changes the allower address
Changes the denier address
Sets the deny permissions for one or more accounts
This function is for allocating or removing deny permissions. An address which is undenied has to be given permissions again for them to be able to deposit, donate or redeem.
Retrieves the version of the contract
Emitted when the contract is properly initialized
The admin address changed
The stored allower address has been changed
The permissions of several accounts have changed
The stored denier address has been changed
The pending admin address changed
Allower can't remove deny permission
Allower can't set deny permission
The account is denied access
The provided accounts list is empty
An error occurred during the initialization
The address is zero
The provided accounts and permissions list have different lengths
The operator is unauthorized for the caller
Alluvial Finance Inc.
River (v1)
This contract merges all the manager contracts and implements all the virtual methods stitching all components together.
Operators add BLS Public Keys of validators running in their infrastructure.
User deposits ETH to the system and gets LsTokens minted in exchange.
Upon deposit, the system verifies if the User is allowed to deposit by querying the Allowlist.
When the system has enough funds to deposit validators, keys are pulled from the Operators Registry.
The deposit data is computed and the validators are funded via the OfficialDeposit contract.
Oracles report the total balance of the running validators and the total count of running validators.
The running validators propose blocks that reward the EL Fee Recipient. The funds are pulled back in the system.
Size of a deposit in ETH
Size of a BLS Public key in bytes
Size of a BLS Signature in bytes
Size of a deposit in ETH
Accept the transfer of ownership
Only callable by the pending admin. Resets the pending admin if successful.
Retrieve the allowance value for a spender
Approves an account for future spendings
An approved account can use transferFrom to transfer funds on behalf of the token owner
Retrieve the balance of an account
Retrieve the underlying asset balance of an account
Claims several redeem requests
Retrieve the decimal count
Decrease allowance to another account
Explicit deposit method to mint on msg.sender
Explicit deposit method to mint on msg.sender and transfer to _recipient
Deposits current balance to the Consensus Layer by batches of 32 ETH
Retrieves the current admin address
Retrieve the allowlist address
Returns the amount of ETH not yet committed for deposit
Retrieve the current balance to redeem
Retrieve the current cl spec
Get CL validator count (the amount of validator reported by the oracles)
Get CL validator total balance
Retrieve the collector address
Returns the amount of ETH committed for deposit
Retrieve the coverage fund
Retrieve the current epoch id based on block timestamp
Retrieve the current frame details
Retrieve the configured daily committable limits
Get the deposited validator count (the count of deposits made by the contract)
Retrieve the execution layer fee recipient
Retrieve expected epoch id
Retrieve the first epoch id of the frame of the provided epoch id
Get the current global fee
Get the keeper address
Retrieve the last completed epoch id
Retrieve the last consensus layer report
Retrieve the metadata uri string value
Retrieve the operators registry
Get oracle address
Retrieve the current pending admin address
Retrieve the redeem manager
Retrieve the report bounds
Retrieve the block timestamp
Retrieve the withdrawal credentials
Increase allowance to another account
Initializes the River system
Initialized version 1.1 of the River System
Initializes version 1.2 of the River System
Verifies if the provided epoch is valid
Retrieve the token name
Proposes a new address as admin
This security prevents setting an invalid address as an admin. The pending admin has to claim its ownership of the contract, and prove that the new address is able to perform regular transactions.
Performs a redeem request on the redeem manager
Resolves the provided redeem requests by calling the redeem manager
Input for consensus layer funds, containing both exit and skimming
Input for coverage funds
Input for execution layer fee earnings
Input for the redeem manager funds
Changes the allowlist address
Changes the collector address
Changes the coverage fund
Changes the execution layer fee recipient
Changes the global fee parameter
Sets the metadata uri string value
Set the oracle address
Retrieve the shares count from an underlying asset amount
Retrieve the token symbol
Retrieve the total token supply
Retrieve the total underlying asset supply
Performs a transfer from the message sender to the provided account
Performs a transfer between two recipients
Retrieve the underlying asset balance from an amount of shares
Retrieves the version of the contract
Emitted when the allowance of a spender for an owner is set by a call to {approve}. value is the new allowance.
The consensus layer data provided by the oracle has been updated
Emitted when the contract is properly initialized
The provided report has been processed
Emitted when funds are pulled from the CL recipient
Funds have been pulled from the Coverage Fund
Funds have been pulled from the Execution Layer Fee Recipient
Emitted when funds are pulled from the redeem manager
Emitted when the redeem manager received a withdraw event report
The system underlying supply increased. This is a snapshot of the balances for accounting purposes
The admin address changed
The stored Allowlist has been changed
Emitted when the balance committed to deposit
Emitted when the balance to deposit is updated
Emitted when the balance to redeem is updated
The Report Bounds are changed
The stored Collector has been changed
The stored Coverage Fund has been changed
The stored deposit contract address changed
Emitted when the deposited validator count is updated
The stored Execution Layer Fee Recipient has been changed
The stored Global Fee has been changed
Emitted when the daily committable limits are changed
The stored Metadata URI string has been changed
The stored Operators Registry has been changed
The stored oracle address changed
The pending admin address changed
Emitted when the redeem manager address is changed
The Consensus Layer Spec is changed
Emitted when the total supply is changed
The stored withdrawal credentials changed
Emitted when value tokens are moved from one account (from) to another (to). Note that value may be zero.
User deposited ETH in the system
Allowance too low to perform operation
Balance too low to perform operation
The access was denied
And empty deposit attempt was made
An error occurred during the deposit
The length of the BLS Public key is invalid during deposit
The length of the BLS Signature is invalid during deposit
The argument was invalid
The call was invalid
The total exited balance decreased
The total skimmed balance decreased
Invalid deposit root
The string is empty
Thrown when an invalid epoch was reported
The fee is invalid
An error occurred during the initialization
The received count of public keys to deposit is invalid
Thrown when the amount received from the Withdraw contract doe not match the requested amount
The received count of signatures to deposit is invalid
The reported validator count is invalid
The withdrawal credentials value is null
The address is zero
The internal key retrieval returned no keys
Not enough funds to deposit one validator
Invalid empty transfer
The slice is outside of the initial bytes bounds
The length overflows an uint
The balance decrease is higher than the maximum allowed by the lower bound
The balance increase is higher than the maximum allowed by the upper bound
The operator is unauthorized for the caller
Invalid transfer recipients
The computed amount of shares to mint is 0
Alluvial Finance Inc.
TUPProxy (Transparent Upgradeable Pausable Proxy)
This contract extends the Transparent Upgradeable proxy and adds a system wide pause feature. When the system is paused, the fallback will fail no matter what calls are made. Address Zero is allowed to perform calls even if paused to allow view calls made from RPC providers to properly work.
Pauses system
Retrieves Paused state
Unpauses system
Emitted when the admin account has changed.
Emitted when the beacon is changed.
The system is now paused
The system is now unpaused
Emitted when the implementation is upgraded.
A call happened while the system was paused
Alluvial Finance Inc.
Withdraw (v1)
This contract is in charge of holding the exit and skimming funds and allow river to pull these funds
Retrieve the withdrawal credentials to use
Retrieve the linked River address
Callable by River, sends the specified amount of ETH to River
Retrieves the version of the contract
Emitted when the contract is properly initialized
Emitted when the linked River address is changed
An error occurred during the initialization
The address is zero
The operator is unauthorized for the caller
Alluvial Finance Inc.
Wrapped LsETH (v1)
This contract wraps the LsETH token into a rebase token, more suitable for some DeFi use-cases like stable swaps.
Retrieves the token allowance given from one address to another
Approves another account to transfer tokens
Retrieves the token balance of the specified user
Burn tokens and retrieve underlying LsETH tokens
The message sender burns shares from its balance for the LsETH equivalent valueThe message sender doesn't need to approve the contract to burn the sharesThe freed LsETH is sent to the specified recipient
Retrieves the token decimal count
Decrease allowance to another account
Increase allowance to another account
Initializes the wrapped token contract
Mint tokens by providing LsETH tokens
The message sender locks LsETH tokens and received wrapped LsETH tokens in exchangeThe message sender needs to approve the contract to mint the wrapped tokensThe minted wrapped LsETH is sent to the specified recipient
Retrieves the token full name
Retrieves the raw shares count of the user
Retrieves the token symbol
Retrieves the token total supply
Transfers tokens between the message sender and a recipient
Transfers tokens between two accounts
It is expected that _from has given at least _value allowance to msg.sender
An approval has been made
Tokens have been burned
Triggered when the contract has been initialized or reinitialized.
Tokens have been minted
The stored value of river has been changed
A transfer has been made
Allowance too low to perform operation
Balance too low to perform operation
The address is zero
Invalid empty transfer
The token transfer failed during the minting or burning process
Invalid transfer recipients
Alluvial Finance Inc.
Oracle (v1)
This contract handles the input from the allowed oracle members. Highly inspired by Lido's implementation.
Accept the transfer of ownership
Only callable by the pending admin. Resets the pending admin if successful.
Adds new address as oracle member, giving the ability to push cl reports.
Only callable by the administrator. Modifying the quorum clears all the reporting data
Retrieves the current admin address
Retrieve member report status
Retrieve the last reported epoch id
The Oracle contracts expects reports on an epoch id >= that the returned value
Retrieve member report status
Retrieve the list of oracle members
Retrieve the current pending admin address
Retrieve the current quorum
Retrieve the details of a report variant
Retrieve report variants count
Retrieve River address
Initializes the oracle
Initializes the oracle
Returns true if address is member
Performs a naive search, do not call this on-chain, used as an off-chain helper
Proposes a new address as admin
This security prevents setting an invalid address as an admin. The pending admin has to claim its ownership of the contract, and prove that the new address is able to perform regular transactions.
Removes an address from the oracle members.
Only callable by the administrator. Modifying the quorum clears all the reporting dataRemaining members that have already voted should vote again for the same frame.
Changes the address of an oracle member
Only callable by the administrator or the member itselfCannot use an address already in use
Edits the quorum required to forward cl data to River
Modifying the quorum clears all the reporting data
Retrieves the version of the contract
A member has been added to the oracle member list
Cleared reporting data
Emitted when the contract is properly initialized
A member has been removed from the oracle member list
An oracle member performed a report
The admin address changed
The report bounds have been changed
The last reported epoch has changed
A member address has been edited
The pending admin address changed
The storage quorum value has been changed
The storage river address value has been changed
The consensus layer spec has been changed
The address is already in use by an oracle member
The member already reported on the given epoch id
The provided epoch is too old compared to the expected epoch id
The argument was invalid
The call was invalid
Thrown when the reported epoch is invalid
An error occurred during the initialization
The address is zero
Thrown when the report indexes fetched is out of bounds
The operator is unauthorized for the caller
River (LsETH)
OperatorsRegistry
Oracle
Allowlist
Withdraw
ELFeeRecipient
RedeemManager
version
uint256
New version of the contracts
cdata
bytes
Complete calldata that was used during the initialization
version
uint256
The version that was attempting to be initialized
expectedVersion
uint256
The version that was expected
_0
address
The admin address
_0
address
The address of the allower
_0
address
The address of the denier
_0
address
The pending admin address
_account
address
Recipient to verify
_0
uint256
The raw permissions value of the account
_account
address
Recipient to verify
_mask
uint256
Combination of permissions to verify
_0
bool
True if mask is respected
_admin
address
Address of the Allowlist administrator
_allower
address
Address of the allower
_denier
address
Address of the denier
_account
address
Recipient to verify
_mask
uint256
Combination of permissions to verify
_0
bool
True if mask is respected and user is allowed
_account
address
Recipient to verify
_0
bool
True if user is denied access
_account
address
Recipient to verify
_mask
uint256
Combination of permissions to verify
_newAdmin
address
New admin address
_accounts
address[]
Accounts to update
_permissions
uint256[]
New permission values
_newAllowerAddress
address
New address allowed to edit the allowlist
_newDenierAddress
address
New address allowed to edit the allowlist
_accounts
address[]
Accounts to update
_permissions
uint256[]
New permission values
_0
string
Version of the contract
version
uint256
New version of the contracts
cdata
bytes
Complete calldata that was used during the initialization
admin indexed
address
New admin address
allower indexed
address
The new allower address
accounts
address[]
List of accounts
permissions
uint256[]
New permissions for each account at the same index
denier indexed
address
The new denier address
pendingAdmin indexed
address
New pending admin address
_account
address
The denied account
version
uint256
The version that was attempting to be initialized
expectedVersion
uint256
The version that was expected
caller
address
Address performing the call
_0
uint256
undefined
_0
uint256
undefined
_0
uint256
undefined
_0
uint256
undefined
_owner
address
Address that issued the allowance
_spender
address
Address that received the allowance
_0
uint256
The allowance in shares for a given spender
_spender
address
Address that is allowed to spend the tokens
_value
uint256
The allowed amount in shares, will override previous value
_0
bool
True if success
_owner
address
Address to be checked
_0
uint256
The balance of the account in shares
_owner
address
Address to be checked
_0
uint256
The underlying balance of the account
_redeemRequestIds
uint32[]
The list of redeem requests to claim
_withdrawalEventIds
uint32[]
The list of resolved withdrawal event ids
claimStatuses
uint8[]
The operation status results
_0
uint8
The decimal count
_spender
address
Spender that receives the allowance
_subtractableValue
uint256
Amount of shares to subtract
_0
bool
True if success
_recipient
address
Address receiving the minted LsETH
_maxCount
uint256
The maximum amount of validator keys to fund
_depositRoot
bytes32
The root of the deposit tree
_0
address
The admin address
_0
address
The allowlist address
_0
uint256
The amount of ETH not yet committed for deposit
_0
uint256
The current balance to redeem
_0
CLSpec.CLSpecStruct
The Consensus Layer Specification
_0
uint256
The CL validator count
_0
uint256
The CL Validator total balance
_0
address
The collector address
_0
uint256
The amount of ETH committed for deposit
_0
address
The coverage fund address
_0
uint256
The current epoch id
_startEpochId
uint256
The epoch at the beginning of the frame
_startTime
uint256
The timestamp of the beginning of the frame in seconds
_endTime
uint256
The timestamp of the end of the frame in seconds
_0
DailyCommittableLimits.DailyCommittableLimitsStruct
The daily committable limits structure
_0
uint256
The deposited validator count
_0
address
The execution layer fee recipient address
_0
uint256
The current expected epoch id
_epochId
uint256
Epoch id used to get the frame
_0
uint256
The first epoch id of the frame containing the given epoch id
_0
uint256
The global fee
_0
address
The keeper address
_0
uint256
The last completed epoch id
_0
IOracleManagerV1.StoredConsensusLayerReport
The stored consensus layer report
_0
string
The metadata uri string value
_0
address
The operators registry address
_0
address
The oracle address
_0
address
The pending admin address
_0
address
The redeem manager address
_0
ReportBounds.ReportBoundsStruct
The report bounds
_0
uint256
The current timestamp from the EVM context
_0
bytes32
The withdrawal credentials
_spender
address
Spender that receives the allowance
_additionalValue
uint256
Amount of shares to add
_0
bool
True if success
_depositContractAddress
address
Address to make Consensus Layer deposits
_elFeeRecipientAddress
address
Address that receives the execution layer fees
_withdrawalCredentials
bytes32
Credentials to use for every validator deposit
_oracleAddress
address
The address of the Oracle contract
_systemAdministratorAddress
address
Administrator address
_allowlistAddress
address
Address of the allowlist contract
_operatorRegistryAddress
address
Address of the operator registry
_collectorAddress
address
Address receiving the the global fee on revenue
_globalFee
uint256
Amount retained when the ETH balance increases and sent to the collector
_redeemManager
address
The redeem manager address
_epochsPerFrame
uint64
The amounts of epochs in a frame
_slotsPerEpoch
uint64
The slots inside an epoch
_secondsPerSlot
uint64
The seconds inside a slot
_genesisTime
uint64
The genesis timestamp
_epochsToAssumedFinality
uint64
The number of epochs before an epoch is considered final on-chain
_annualAprUpperBound
uint256
The reporting upper bound
_relativeLowerBound
uint256
The reporting lower bound
minDailyNetCommittableAmount
uint128
undefined
maxDailyRelativeCommittableAmount
uint128
The relative daily committable limit
_epoch
uint256
undefined
_0
bool
True if valid
_0
string
The token name
_newAdmin
address
New admin address
_lsETHAmount
uint256
The amount of LsETH to redeem
_recipient
address
The address that will own the redeem request
_redeemRequestId
uint32
The ID of the newly created redeem request
_redeemRequestIds
uint32[]
The list of redeem requests to resolve
withdrawalEventIds
int64[]
The list of matching withdrawal events, or error codes
_newAllowlist
address
New address for the allowlist
_newValue
CLSpec.CLSpecStruct
undefined
_newCollector
address
New address for the collector
_report
IOracleManagerV1.ConsensusLayerReport
undefined
_newCoverageFund
address
New address for the fund
_dcl
DailyCommittableLimits.DailyCommittableLimitsStruct
undefined
_newELFeeRecipient
address
New address for the recipient
_newFee
uint256
New fee value
_keeper
address
undefined
_metadataURI
string
The new metadata uri string value
_oracleAddress
address
Address of the oracle
_newValue
ReportBounds.ReportBoundsStruct
undefined
_underlyingAssetAmount
uint256
Amount of underlying asset to convert
_0
uint256
The amount of shares worth the underlying asset amount
_0
string
The token symbol
_0
uint256
The total supply in shares
_0
uint256
The total underlying asset supply
_to
address
Address receiving the tokens
_value
uint256
Amount of shares to be sent
_0
bool
True if success
_from
address
Address sending the tokens
_to
address
Address receiving the tokens
_value
uint256
Amount of shares to be sent
_0
bool
True if success
_shares
uint256
Amount of shares to convert
_0
uint256
The underlying asset balance represented by the shares
_0
string
Version of the contract
owner indexed
address
undefined
spender indexed
address
undefined
value
uint256
undefined
validatorCount
uint256
The new count of validators running on the consensus layer
validatorTotalBalance
uint256
The new total balance sum of all validators
roundId
bytes32
Round identifier
version
uint256
New version of the contracts
cdata
bytes
Complete calldata that was used during the initialization
report
IOracleManagerV1.ConsensusLayerReport
The report that was provided
trace
IOracleManagerV1.ConsensusLayerDataReportingTrace
The trace structure providing more insights on internals
pulledSkimmedEthAmount
uint256
The amount of skimmed ETH pulled
pullExitedEthAmount
uint256
The amount of exited ETH pulled
amount
uint256
The amount pulled
amount
uint256
The amount pulled
amount
uint256
The amount pulled
redeemManagerDemand
uint256
The total demand in LsETH of the redeem manager
suppliedRedeemManagerDemand
uint256
The amount of LsETH demand actually supplied
suppliedRedeemManagerDemandInEth
uint256
The amount in ETH of the supplied demand
_collector indexed
address
The address of the collector during this event
_oldTotalUnderlyingBalance
uint256
Old total ETH balance under management by River
_oldTotalSupply
uint256
Old total supply in shares
_newTotalUnderlyingBalance
uint256
New total ETH balance under management by River
_newTotalSupply
uint256
New total supply in shares
admin indexed
address
New admin address
allowlist indexed
address
The new Allowlist
oldAmount
uint256
The old balance committed to deposit
newAmount
uint256
The new balance committed to deposit
oldAmount
uint256
The old balance to deposit
newAmount
uint256
The new balance to deposit
oldAmount
uint256
The old balance to redeem
newAmount
uint256
The new balance to redeem
annualAprUpperBound
uint256
The reporting upper bound
relativeLowerBound
uint256
The reporting lower bound
collector indexed
address
The new Collector
coverageFund indexed
address
The new Coverage Fund
depositContract indexed
address
Address of the deposit contract
oldDepositedValidatorCount
uint256
The old deposited validator count value
newDepositedValidatorCount
uint256
The new deposited validator count value
elFeeRecipient indexed
address
The new Execution Layer Fee Recipient
fee
uint256
The new Global Fee
minNetAmount
uint256
The minimum amount that must be used as the daily committable amount
maxRelativeAmount
uint256
The maximum amount that can be used as the daily committable amount, relative to the total underlying supply
metadataURI
string
The new Metadata URI string
operatorRegistry indexed
address
The new Operators Registry
oracleAddress indexed
address
The new oracle address
pendingAdmin indexed
address
New pending admin address
redeemManager
address
The address of the redeem manager
epochsPerFrame
uint64
The number of epochs inside a frame
slotsPerEpoch
uint64
The number of slots inside an epoch
secondsPerSlot
uint64
The number of seconds inside a slot
genesisTime
uint64
The genesis timestamp
epochsToAssumedFinality
uint64
The number of epochs before an epoch is considered final
totalSupply
uint256
undefined
withdrawalCredentials
bytes32
The withdrawal credentials to use for deposits
from indexed
address
undefined
to indexed
address
undefined
value
uint256
undefined
depositor indexed
address
Address performing the deposit
recipient indexed
address
Address receiving the minted shares
amount
uint256
Amount in ETH deposited
_from
address
Account where funds are sent from
_operator
address
Account attempting the transfer
_allowance
uint256
Current allowance
_value
uint256
Requested transfer value in shares
account
address
The account that was denied
currentValidatorsExitedBalance
uint256
The current exited balance
newValidatorsExitedBalance
uint256
The new exited balance
currentValidatorsSkimmedBalance
uint256
The current exited balance
newValidatorsSkimmedBalance
uint256
The new exited balance
epoch
uint256
Invalid epoch
version
uint256
The version that was attempting to be initialized
expectedVersion
uint256
The version that was expected
requested
uint256
The amount that was requested
received
uint256
The amount that was received
providedValidatorCount
uint256
The received validator count value
depositedValidatorCount
uint256
The number of deposits performed by the system
lastReportedValidatorCount
uint256
The last reported validator count
prevTotalEthIncludingExited
uint256
The previous total balance, including all exited balance
postTotalEthIncludingExited
uint256
The post-report total balance, including all exited balance
timeElapsed
uint256
The time in seconds since last report
relativeLowerBound
uint256
The lower bound value that was used
prevTotalEthIncludingExited
uint256
The previous total balance, including all exited balance
postTotalEthIncludingExited
uint256
The post-report total balance, including all exited balance
timeElapsed
uint256
The time in seconds since last report
annualAprUpperBound
uint256
The upper bound value that was used
caller
address
Address performing the call
_from
address
Account sending the funds in the invalid transfer
_to
address
Account receiving the funds in the invalid transfer
_0
bool
Paused state
previousAdmin
address
undefined
newAdmin
address
undefined
beacon indexed
address
undefined
admin
address
The admin at the time of the pause event
admin
address
The admin at the time of the unpause event
implementation indexed
address
undefined
_0
bytes32
The withdrawal credentials
_0
address
The River address
_river
address
The address of the River contract
_max
uint256
undefined
_0
string
Version of the contract
version
uint256
New version of the contracts
cdata
bytes
Complete calldata that was used during the initialization
river
address
The new River address
version
uint256
The version that was attempting to be initialized
expectedVersion
uint256
The version that was expected
caller
address
Address performing the call
_owner
address
Owner that gave the allowance
_spender
address
Spender that received the allowance
_0
uint256
The allowance of the owner to the spender
_spender
address
Spender that receives the allowance
_value
uint256
Amount to allow
_0
bool
True if success
_owner
address
Owner to check the balance
_0
uint256
The balance of the owner
_recipient
address
The account receiving the underlying LsETH tokens after shares are burned
_shares
uint256
Amount of LsETH to free by burning wrapped LsETH
_0
uint8
The decimal count
_spender
address
Spender that receives the allowance
_subtractableValue
uint256
Amount to subtract
_0
bool
True if success
_spender
address
Spender that receives the allowance
_additionalValue
uint256
Amount to add
_0
bool
True if success
_river
address
Address of the River contract
_recipient
address
The account receiving the new minted wrapped LsETH
_shares
uint256
The amount of LsETH to wrap
_0
string
The name of the token
_owner
address
Owner to check the shares balance
_0
uint256
The shares of the owner
_0
string
The symbol of the token
_0
uint256
The total supply
_to
address
Recipient of the transfer
_value
uint256
Amount to transfer
_0
bool
True if success
_from
address
Sender account
_to
address
Recipient of the transfer
_value
uint256
Amount to transfer
_0
bool
True if success
owner indexed
address
The token owner
spender indexed
address
The account allowed by the owner
value
uint256
The amount allowed
recipient indexed
address
The account that receive the underlying LsETH
shares
uint256
The amount of LsETH that got sent back
version
uint8
undefined
recipient indexed
address
The account receiving the new tokens
shares
uint256
The amount of LsETH provided
river indexed
address
The new address of river
from indexed
address
The transfer sender
to indexed
address
The transfer recipient
value
uint256
The amount transferred
_from
address
Account where funds are sent from
_operator
address
Account attempting the transfer
_allowance
uint256
Current allowance
_value
uint256
Requested transfer value
_from
address
Account sending the funds in the invalid transfer
_to
address
Account receiving the funds in the invalid transfer
_newOracleMember
address
Address of the new member
_newQuorum
uint256
New quorum value
_0
address
The admin address
_0
uint256
The raw report status value
_0
uint256
The last reported epoch id
_oracleMember
address
Address of member to check
_0
bool
True if member has reported
_0
address[]
The oracle members
_0
address
The pending admin address
_0
uint256
The current quorum
_idx
uint256
The index of the report variant
_0
ReportsVariants.ReportVariantDetails
The report variant details
_0
uint256
The count of report variants
_0
address
The address of River
_riverAddress
address
undefined
_administratorAddress
address
Address able to call administrative methods
_epochsPerFrame
uint64
CL spec parameter. Number of epochs in a frame.
_slotsPerEpoch
uint64
CL spec parameter. Number of slots in one epoch.
_secondsPerSlot
uint64
CL spec parameter. Number of seconds between slots.
_genesisTime
uint64
CL spec parameter. Timestamp of the genesis slot.
_annualAprUpperBound
uint256
CL bound parameter. Maximum apr allowed for balance increase. Delta between updates is extrapolated on a year time frame.
_relativeLowerBound
uint256
CL bound parameter. Maximum relative balance decrease.
_memberAddress
address
Address of the member
_0
bool
True if address is a member
_newAdmin
address
New admin address
_oracleMember
address
Address to remove
_newQuorum
uint256
New quorum value
_report
IOracleManagerV1.ConsensusLayerReport
undefined
_oracleMember
address
Address to change
_newAddress
address
New address for the member
_newQuorum
uint256
New quorum parameter
_0
string
Version of the contract
member indexed
address
The address of the member
version
uint256
New version of the contracts
cdata
bytes
Complete calldata that was used during the initialization
member indexed
address
The address of the member
member indexed
address
The oracle member
variant indexed
bytes32
The variant of the report
report
IOracleManagerV1.ConsensusLayerReport
The raw report structure
voteCount
uint256
The vote count
quorum
uint256
undefined
admin indexed
address
New admin address
annualAprUpperBound
uint256
The maximum allowed apr. 10% means increases in balance extrapolated to a year should not exceed 10%.
relativeLowerBound
uint256
The maximum allowed balance decrease as a relative % of the total balance
lastReportedEpoch
uint256
undefined
oldAddress indexed
address
The previous member address
newAddress indexed
address
The new member address
pendingAdmin indexed
address
New pending admin address
newQuorum
uint256
The new quorum value
_river
address
The new river address
epochsPerFrame
uint64
The number of epochs inside a frame (225 = 24 hours)
slotsPerEpoch
uint64
The number of slots inside an epoch (32 on ethereum mainnet)
secondsPerSlot
uint64
The time between two slots (12 seconds on ethereum mainnet)
genesisTime
uint64
The timestamp of block #0
newAddress
address
The address already in use
epochId
uint256
The epoch id provided as input
member
address
The oracle member
providedEpochId
uint256
The epoch id provided as input
minExpectedEpochId
uint256
The minimum epoch id expected
epoch
uint256
The invalid epoch
version
uint256
The version that was attempting to be initialized
expectedVersion
uint256
The version that was expected
index
uint256
Requested index
length
uint256
Size of the variant array
caller
address
Address performing the call
Alluvial Finance Inc.
Shares Manager (v1)
This contract handles the shares of the depositor and the ERC20 interface
Retrieve the allowance value for a spender
_owner
address
Address that issued the allowance
_spender
address
Address that received the allowance
_0
uint256
The allowance in shares for a given spender
Approves an account for future spendings
An approved account can use transferFrom to transfer funds on behalf of the token owner
_spender
address
Address that is allowed to spend the tokens
_value
uint256
The allowed amount in shares, will override previous value
_0
bool
True if success
Retrieve the balance of an account
_owner
address
Address to be checked
_0
uint256
The balance of the account in shares
Retrieve the underlying asset balance of an account
_owner
address
Address to be checked
_0
uint256
The underlying balance of the account
Retrieve the decimal count
_0
uint8
The decimal count
Decrease allowance to another account
_spender
address
Spender that receives the allowance
_subtractableValue
uint256
Amount of shares to subtract
_0
bool
True if success
Increase allowance to another account
_spender
address
Spender that receives the allowance
_additionalValue
uint256
Amount of shares to add
_0
bool
True if success
Retrieve the token name
_0
string
The token name
Retrieve the shares count from an underlying asset amount
_underlyingAssetAmount
uint256
Amount of underlying asset to convert
_0
uint256
The amount of shares worth the underlying asset amount
Retrieve the token symbol
_0
string
The token symbol
Retrieve the total token supply
_0
uint256
The total supply in shares
Retrieve the total underlying asset supply
_0
uint256
The total underlying asset supply
Performs a transfer from the message sender to the provided account
_to
address
Address receiving the tokens
_value
uint256
Amount of shares to be sent
_0
bool
True if success
Performs a transfer between two recipients
_from
address
Address sending the tokens
_to
address
Address receiving the tokens
_value
uint256
Amount of shares to be sent
_0
bool
True if success
Retrieve the underlying asset balance from an amount of shares
_shares
uint256
Amount of shares to convert
_0
uint256
The underlying asset balance represented by the shares
Emitted when the allowance of a spender for an owner is set by a call to {approve}. value is the new allowance.
owner indexed
address
undefined
spender indexed
address
undefined
value
uint256
undefined
Emitted when the total supply is changed
totalSupply
uint256
undefined
Emitted when value tokens are moved from one account (from) to another (to). Note that value may be zero.
from indexed
address
undefined
to indexed
address
undefined
value
uint256
undefined
Allowance too low to perform operation
_from
address
Account where funds are sent from
_operator
address
Account attempting the transfer
_allowance
uint256
Current allowance
_value
uint256
Requested transfer value in shares
Balance too low to perform operation
The address is zero
Invalid empty transfer
Invalid transfer recipients
_from
address
Account sending the funds in the invalid transfer
_to
address
Account receiving the funds in the invalid transfer
Alluvial Finance Inc.
User Deposit Manager (v1)
This contract handles the inbound transfers cases or the explicit submissions
Explicit deposit method to mint on msg.sender
Explicit deposit method to mint on msg.sender and transfer to _recipient
_recipient
address
Address receiving the minted LsETH
User deposited ETH in the system
depositor indexed
address
Address performing the deposit
recipient indexed
address
Address receiving the minted shares
amount
uint256
Amount in ETH deposited
And empty deposit attempt was made
The call was invalid
The address is zero
Alluvial Finance Inc.
Consensus Layer Deposit Manager (v1)
This contract handles the interactions with the official deposit contract, funding all validatorsWhenever a deposit to the consensus layer is requested, this contract computed the amount of keys that could be deposited depending on the amount available in the contract. It then tries to retrieve validator keys by calling its internal virtual method _getNextValidators. This method should be overridden by the implementing contract to provide [0; _keyCount] keys when invoked.
Size of a deposit in ETH
_0
uint256
undefined
Size of a BLS Public key in bytes
_0
uint256
undefined
Size of a BLS Signature in bytes
_0
uint256
undefined
Deposits current balance to the Consensus Layer by batches of 32 ETH
_maxCount
uint256
The maximum amount of validator keys to fund
_depositRoot
bytes32
The root of the deposit tree
Returns the amount of ETH not yet committed for deposit
_0
uint256
The amount of ETH not yet committed for deposit
Returns the amount of ETH committed for deposit
_0
uint256
The amount of ETH committed for deposit
Get the deposited validator count (the count of deposits made by the contract)
_0
uint256
The deposited validator count
Get the keeper address
_0
address
The keeper address
Retrieve the withdrawal credentials
_0
bytes32
The withdrawal credentials
The stored deposit contract address changed
depositContract indexed
address
Address of the deposit contract
Emitted when the deposited validator count is updated
oldDepositedValidatorCount
uint256
The old deposited validator count value
newDepositedValidatorCount
uint256
The new deposited validator count value
The stored withdrawal credentials changed
withdrawalCredentials
bytes32
The withdrawal credentials to use for deposits
An error occurred during the deposit
The length of the BLS Public key is invalid during deposit
The length of the BLS Signature is invalid during deposit
Invalid deposit root
The received count of public keys to deposit is invalid
The received count of signatures to deposit is invalid
The withdrawal credentials value is null
The internal key retrieval returned no keys
Not enough funds to deposit one validator
The slice is outside of the initial bytes bounds
The length overflows an uint
_0
uint256
undefined
river
address
undefined
Emitted when the contract is properly initialized
version
uint256
New version of the contracts
cdata
bytes
Complete calldata that was used during the initialization
An error occurred during the initialization
version
uint256
The version that was attempting to be initialized
expectedVersion
uint256
The version that was expected
The address is zero
Alluvial Finance Inc.
Allowlist Interface (v1)
This interface exposes methods to handle the list of allowed recipients.
Retrieves the allower address
_0
address
The address of the allower
Retrieves the denier address
_0
address
The address of the denier
This method retrieves the raw permission value
_account
address
Recipient to verify
_0
uint256
The raw permissions value of the account
This method returns true if the user has the expected permission ignoring any deny list membership
_account
address
Recipient to verify
_mask
uint256
Combination of permissions to verify
_0
bool
True if mask is respected
Initializes the allowlist
_admin
address
Address of the Allowlist administrator
_allower
address
Address of the allower
Initializes the allowlist denier
_denier
address
Address of the denier
This method returns true if the user has the expected permission and is not in the deny list
_account
address
Recipient to verify
_mask
uint256
Combination of permissions to verify
_0
bool
True if mask is respected and user is allowed
This method returns true if the user is in the deny list
_account
address
Recipient to verify
_0
bool
True if user is denied access
This method should be used as a modifier and is expected to revert if the user hasn't got the required permission or if the user is in the deny list.
_account
address
Recipient to verify
_mask
uint256
Combination of permissions to verify
Sets the allow permissions for one or more accounts
This function is for allocating or removing deposit, redeem or donate permissions. This function could be used to give any permissions that we come up with in the future. An address which was denied has to be undenied first before they could be given any permission(s).
_accounts
address[]
Accounts to update
_permissions
uint256[]
New permission values
Changes the allower address
_newAllowerAddress
address
New address allowed to edit the allowlist
Changes the denier address
_newDenierAddress
address
New address allowed to edit the allowlist
Sets the deny permissions for one or more accounts
This function is for allocating or removing deny permissions. An address which is undenied has to be given permissions again for them to be able to deposit, donate or redeem.
_accounts
address[]
Accounts to update
_permissions
uint256[]
New permission values
The stored allower address has been changed
allower indexed
address
The new allower address
The permissions of several accounts have changed
accounts
address[]
List of accounts
permissions
uint256[]
New permissions for each account at the same index
The stored denier address has been changed
denier indexed
address
The new denier address
Allower can't remove deny permission
Allower can't set deny permission
The account is denied access
_account
address
The denied account
The provided accounts list is empty
The provided accounts and permissions list have different lengths
Alluvial Finance Inc.
Oracle Manager (v1)
This contract handles the inputs provided by the oracle. The Oracle contract is plugged to this contract and is in charge of pushing data whenever a new report has been deemed valid. The report consists in two values: the sum of all balances of all deposited validators and the count of validators that have been activated on the consensus layer.
Size of a deposit in ETH
_0
uint256
undefined
Retrieve the current cl spec
_0
CLSpec.CLSpecStruct
The Consensus Layer Specification
Get CL validator count (the amount of validator reported by the oracles)
_0
uint256
The CL validator count
Get CL validator total balance
_0
uint256
The CL Validator total balance
Retrieve the current epoch id based on block timestamp
_0
uint256
The current epoch id
Retrieve the current frame details
_startEpochId
uint256
The epoch at the beginning of the frame
_startTime
uint256
The timestamp of the beginning of the frame in seconds
_endTime
uint256
The timestamp of the end of the frame in seconds
Retrieve expected epoch id
_0
uint256
The current expected epoch id
Retrieve the first epoch id of the frame of the provided epoch id
_epochId
uint256
Epoch id used to get the frame
_0
uint256
The first epoch id of the frame containing the given epoch id
Retrieve the last completed epoch id
_0
uint256
The last completed epoch id
Retrieve the last consensus layer report
_0
IOracleManagerV1.StoredConsensusLayerReport
The stored consensus layer report
Get oracle address
_0
address
The oracle address
Retrieve the report bounds
_0
ReportBounds.ReportBoundsStruct
The report bounds
Retrieve the block timestamp
_0
uint256
The current timestamp from the EVM context
Verifies if the provided epoch is valid
_epoch
uint256
undefined
_0
bool
True if valid
_newValue
CLSpec.CLSpecStruct
undefined
_report
IOracleManagerV1.ConsensusLayerReport
undefined
Set the oracle address
_oracleAddress
address
Address of the oracle
_newValue
ReportBounds.ReportBoundsStruct
undefined
The consensus layer data provided by the oracle has been updated
validatorCount
uint256
The new count of validators running on the consensus layer
validatorTotalBalance
uint256
The new total balance sum of all validators
roundId
bytes32
Round identifier
The provided report has been processed
report
IOracleManagerV1.ConsensusLayerReport
The report that was provided
trace
IOracleManagerV1.ConsensusLayerDataReportingTrace
The trace structure providing more insights on internals
The Report Bounds are changed
annualAprUpperBound
uint256
The reporting upper bound
relativeLowerBound
uint256
The reporting lower bound
The stored oracle address changed
oracleAddress indexed
address
The new oracle address
The Consensus Layer Spec is changed
epochsPerFrame
uint64
The number of epochs inside a frame
slotsPerEpoch
uint64
The number of slots inside an epoch
secondsPerSlot
uint64
The number of seconds inside a slot
genesisTime
uint64
The genesis timestamp
epochsToAssumedFinality
uint64
The number of epochs before an epoch is considered final
The total exited balance decreased
currentValidatorsExitedBalance
uint256
The current exited balance
newValidatorsExitedBalance
uint256
The new exited balance
The total skimmed balance decreased
currentValidatorsSkimmedBalance
uint256
The current exited balance
newValidatorsSkimmedBalance
uint256
The new exited balance
Thrown when an invalid epoch was reported
epoch
uint256
Invalid epoch
The reported validator count is invalid
providedValidatorCount
uint256
The received validator count value
depositedValidatorCount
uint256
The number of deposits performed by the system
lastReportedValidatorCount
uint256
The last reported validator count
The address is zero
The balance decrease is higher than the maximum allowed by the lower bound
prevTotalEthIncludingExited
uint256
The previous total balance, including all exited balance
postTotalEthIncludingExited
uint256
The post-report total balance, including all exited balance
timeElapsed
uint256
The time in seconds since last report
relativeLowerBound
uint256
The lower bound value that was used
The balance increase is higher than the maximum allowed by the upper bound
prevTotalEthIncludingExited
uint256
The previous total balance, including all exited balance
postTotalEthIncludingExited
uint256
The post-report total balance, including all exited balance
timeElapsed
uint256
The time in seconds since last report
annualAprUpperBound
uint256
The upper bound value that was used
The operator is unauthorized for the caller
caller
address
Address performing the call
Alluvial Finance Inc.
Administrable Interface
This interface exposes methods to handle the ownership of the contracts
Accept the transfer of ownership
Only callable by the pending admin. Resets the pending admin if successful.
Retrieves the current admin address
_0
address
The admin address
Retrieve the current pending admin address
_0
address
The pending admin address
Proposes a new address as admin
This security prevents setting an invalid address as an admin. The pending admin has to claim its ownership of the contract, and prove that the new address is able to perform regular transactions.
_newAdmin
address
New admin address
The admin address changed
admin indexed
address
New admin address
The pending admin address changed
pendingAdmin indexed
address
New pending admin address
Alluvial Finance Inc.
Shares Manager Interface (v1)
This interface exposes methods to handle the shares of the depositor and the ERC20 interface
Retrieve the allowance value for a spender
_owner
address
Address that issued the allowance
_spender
address
Address that received the allowance
_0
uint256
The allowance in shares for a given spender
Approves an account for future spendings
An approved account can use transferFrom to transfer funds on behalf of the token owner
_spender
address
Address that is allowed to spend the tokens
_value
uint256
The allowed amount in shares, will override previous value
_0
bool
True if success
Retrieve the balance of an account
_owner
address
Address to be checked
_0
uint256
The balance of the account in shares
Retrieve the underlying asset balance of an account
_owner
address
Address to be checked
_0
uint256
The underlying balance of the account
Retrieve the decimal count
_0
uint8
The decimal count
Decrease allowance to another account
_spender
address
Spender that receives the allowance
_subtractableValue
uint256
Amount of shares to subtract
_0
bool
True if success
Increase allowance to another account
_spender
address
Spender that receives the allowance
_additionalValue
uint256
Amount of shares to add
_0
bool
True if success
Retrieve the token name
_0
string
The token name
Retrieve the shares count from an underlying asset amount
_underlyingAssetAmount
uint256
Amount of underlying asset to convert
_0
uint256
The amount of shares worth the underlying asset amount
Retrieve the token symbol
_0
string
The token symbol
Retrieve the total token supply
_0
uint256
The total supply in shares
Retrieve the total underlying asset supply
_0
uint256
The total underlying asset supply
Performs a transfer from the message sender to the provided account
_to
address
Address receiving the tokens
_value
uint256
Amount of shares to be sent
_0
bool
True if success
Performs a transfer between two recipients
_from
address
Address sending the tokens
_to
address
Address receiving the tokens
_value
uint256
Amount of shares to be sent
_0
bool
True if success
Retrieve the underlying asset balance from an amount of shares
_shares
uint256
Amount of shares to convert
_0
uint256
The underlying asset balance represented by the shares
Emitted when the allowance of a spender for an owner is set by a call to {approve}. value is the new allowance.
owner indexed
address
undefined
spender indexed
address
undefined
value
uint256
undefined
Emitted when the total supply is changed
totalSupply
uint256
undefined
Emitted when value tokens are moved from one account (from) to another (to). Note that value may be zero.
from indexed
address
undefined
to indexed
address
undefined
value
uint256
undefined
Allowance too low to perform operation
_from
address
Account where funds are sent from
_operator
address
Account attempting the transfer
_allowance
uint256
Current allowance
_value
uint256
Requested transfer value in shares
Balance too low to perform operation
Invalid empty transfer
Invalid transfer recipients
_from
address
Account sending the funds in the invalid transfer
_to
address
Account receiving the funds in the invalid transfer
Alluvial Finance Inc.
ERC20 Vestable Votes Upgradeable Interface(v1)
This interface exposes methods to manage vestings
Computes the releasable amount of tokens for a vesting schedule.
_index
uint256
index of the vesting schedule
_0
uint256
amount of releasable tokens
Computes the vested amount of tokens for a vesting schedule.
_index
uint256
index of the vesting schedule
_0
uint256
amount of vested tokens
Creates a new vesting scheduleThere may delay between the time a user should start vesting tokens and the time the vesting schedule is actually created on the contract.Typically a user joins the Liquid Collective but some weeks pass before the user gets all legal agreements in place and signed for the token grant emission to happen. In this case, the vesting schedule created for the token grant would start on the join date which is in the past.
As vesting schedules can be created in the past, this means that you should be careful when creating a vesting schedule and what duration parameters you use as this contract would allow creating a vesting schedule in the past and even a vesting schedule that has already ended.
_start
uint64
start time of the vesting
_cliffDuration
uint32
duration to vesting cliff (in seconds)
_duration
uint32
total vesting schedule duration after which all tokens are vested (in seconds)
_periodDuration
uint32
duration of a period after which new tokens unlock (in seconds)
_lockDuration
uint32
duration during which tokens are locked (in seconds)
_revocable
bool
whether the vesting schedule is revocable or not
_amount
uint256
amount of token attributed by the vesting schedule
_beneficiary
address
address of the beneficiary of the tokens
_delegatee
address
address to delegate escrow voting power to
_ignoreGlobalUnlockSchedule
bool
whether the vesting schedule should ignore the global lock
_0
uint256
index of the created vesting schedule
Delegate vesting escrowed tokens
_index
uint256
index of the vesting schedule
_delegatee
address
address to delegate the token to
_0
bool
True on success
Get vesting schedule
The vesting schedule structure represents a static configuration used to compute the desired vesting details of a beneficiary at all times. The values won't change even after tokens are released.The only dynamic field of the structure is end, and is updated whenever a vesting schedule is revoked
_index
uint256
Index of the vesting schedule
_0
VestingSchedulesV2.VestingSchedule
undefined
Get count of vesting schedules
_0
uint256
count of vesting schedules
Get vesting global unlock schedule activation status for a vesting schedule
_index
uint256
Index of the vesting schedule
_0
bool
true if the vesting schedule should ignore the global unlock schedule
Release vesting scheduleWhen tokens are released from the escrow, the delegated address of the escrow will see its voting power decrease.The beneficiary has to make sure its delegation parameters are set properly to be able to use/delegate the voting power of its balance.
_index
uint256
Index of the vesting schedule to release
_0
uint256
released amount
Revoke vesting schedule
_index
uint256
Index of the vesting schedule to revoke
_end
uint64
End date for the schedule
returnedAmount
uint256
amount returned to the vesting schedule creator
Get the address of the escrow for a vesting schedule
_index
uint256
Index of the vesting schedule
_0
address
address of the escrow
A new vesting schedule has been created
index
uint256
Vesting schedule index
creator indexed
address
Creator of the vesting schedule
beneficiary indexed
address
Vesting beneficiary address
amount
uint256
Vesting schedule amount
Vesting escrow has been delegated
index
uint256
Vesting schedule index
oldDelegatee indexed
address
old delegatee
newDelegatee indexed
address
new delegatee
beneficiary indexed
address
vesting schedule beneficiary
Vesting schedule has been released
index
uint256
Vesting schedule index
releasedAmount
uint256
Amount of tokens released to the beneficiary
Vesting schedule has been revoked
index
uint256
Vesting schedule index
returnedAmount
uint256
Amount of tokens returned to the creator
newEnd
uint256
New end timestamp after revoke action
Underflow in global unlock logic (should never happen)
Attempt to revoke a vesting schedule with an invalid end parameter
Invalid parameter for a vesting schedule
msg
string
undefined
Vesting schedule creator has unsufficient balance to create vesting schedule
The vesting schedule is locked
The vesting schedule is not revocable
Attempt to revoke a schedule in the past
No token to release
Alluvial Finance Inc.
ERC20VestableVotesUpgradeableV1
Description of the clock
_0
string
undefined
See {IERC20Permit-DOMAIN_SEPARATOR}.
_0
bytes32
undefined
See {IERC20-allowance}.
owner
address
undefined
spender
address
undefined
_0
uint256
undefined
See {IERC20-approve}. NOTE: If amount is the maximum uint256, the allowance is not updated on transferFrom. This is semantically equivalent to an infinite approval. Requirements: - spender cannot be the zero address.
spender
address
undefined
amount
uint256
undefined
_0
bool
undefined
See {IERC20-balanceOf}.
account
address
undefined
_0
uint256
undefined
Get the pos-th checkpoint for account.
account
address
undefined
pos
uint32
undefined
_0
ERC20VotesUpgradeable.Checkpoint
undefined
Clock used for flagging checkpoints. Can be overridden to implement timestamp based checkpoints (and voting).
_0
uint48
undefined
Computes the releasable amount of tokens for a vesting schedule.
_index
uint256
index of the vesting schedule
_0
uint256
amount of releasable tokens
Computes the vested amount of tokens for a vesting schedule.
_index
uint256
index of the vesting schedule
_0
uint256
amount of vested tokens
Creates a new vesting scheduleThere may delay between the time a user should start vesting tokens and the time the vesting schedule is actually created on the contract.Typically a user joins the Liquid Collective but some weeks pass before the user gets all legal agreements in place and signed for the token grant emission to happen. In this case, the vesting schedule created for the token grant would start on the join date which is in the past.
As vesting schedules can be created in the past, this means that you should be careful when creating a vesting schedule and what duration parameters you use as this contract would allow creating a vesting schedule in the past and even a vesting schedule that has already ended.
_start
uint64
start time of the vesting
_cliffDuration
uint32
duration to vesting cliff (in seconds)
_duration
uint32
total vesting schedule duration after which all tokens are vested (in seconds)
_periodDuration
uint32
duration of a period after which new tokens unlock (in seconds)
_lockDuration
uint32
duration during which tokens are locked (in seconds)
_revocable
bool
whether the vesting schedule is revocable or not
_amount
uint256
amount of token attributed by the vesting schedule
_beneficiary
address
address of the beneficiary of the tokens
_delegatee
address
address to delegate escrow voting power to
_ignoreGlobalUnlockSchedule
bool
whether the vesting schedule should ignore the global lock
_0
uint256
index of the created vesting schedule
Returns the number of decimals used to get its user representation. For example, if decimals equals 2, a balance of 505 tokens should be displayed to a user as 5.05 (505 / 10 ** 2). Tokens usually opt for a value of 18, imitating the relationship between Ether and Wei. This is the default value returned by this function, unless it's overridden. NOTE: This information is only used for display purposes: it in no way affects any of the arithmetic of the contract, including {IERC20-balanceOf} and {IERC20-transfer}.
_0
uint8
undefined
Atomically decreases the allowance granted to spender by the caller. This is an alternative to {approve} that can be used as a mitigation for problems described in {IERC20-approve}. Emits an {Approval} event indicating the updated allowance. Requirements: - spender cannot be the zero address. - spender must have allowance for the caller of at least subtractedValue.
spender
address
undefined
subtractedValue
uint256
undefined
_0
bool
undefined
Delegate votes from the sender to delegatee.
delegatee
address
undefined
Delegates votes from signer to delegatee
delegatee
address
undefined
nonce
uint256
undefined
expiry
uint256
undefined
v
uint8
undefined
r
bytes32
undefined
s
bytes32
undefined
Delegate vesting escrowed tokens
_index
uint256
index of the vesting schedule
_delegatee
address
address to delegate the token to
_0
bool
True on success
Get the address account is currently delegating to.
account
address
undefined
_0
address
undefined
See {EIP-5267}. Available since v4.9.
fields
bytes1
undefined
name
string
undefined
version
string
undefined
chainId
uint256
undefined
verifyingContract
address
undefined
salt
bytes32
undefined
extensions
uint256[]
undefined
Retrieve the totalSupply at the end of timepoint. Note, this value is the sum of all balances. It is NOT the sum of all the delegated votes! Requirements: - timepoint must be in the past
timepoint
uint256
undefined
_0
uint256
undefined
Retrieve the number of votes for account at the end of timepoint. Requirements: - timepoint must be in the past
account
address
undefined
timepoint
uint256
undefined
_0
uint256
undefined
Get vesting schedule
The vesting schedule structure represents a static configuration used to compute the desired vesting details of a beneficiary at all times. The values won't change even after tokens are released.The only dynamic field of the structure is end, and is updated whenever a vesting schedule is revoked
_index
uint256
Index of the vesting schedule
_0
VestingSchedulesV2.VestingSchedule
undefined
Get count of vesting schedules
_0
uint256
count of vesting schedules
Gets the current votes balance for account
account
address
undefined
_0
uint256
undefined
Atomically increases the allowance granted to spender by the caller. This is an alternative to {approve} that can be used as a mitigation for problems described in {IERC20-approve}. Emits an {Approval} event indicating the updated allowance. Requirements: - spender cannot be the zero address.
spender
address
undefined
addedValue
uint256
undefined
_0
bool
undefined
Get vesting global unlock schedule activation status for a vesting schedule
_index
uint256
Index of the vesting schedule
_0
bool
true if the vesting schedule should ignore the global unlock schedule
Returns the name of the token.
_0
string
undefined
See {IERC20Permit-nonces}.
owner
address
undefined
_0
uint256
undefined
Get number of checkpoints for account.
account
address
undefined
_0
uint32
undefined
See {IERC20Permit-permit}.
owner
address
undefined
spender
address
undefined
value
uint256
undefined
deadline
uint256
undefined
v
uint8
undefined
r
bytes32
undefined
s
bytes32
undefined
Release vesting scheduleWhen tokens are released from the escrow, the delegated address of the escrow will see its voting power decrease.The beneficiary has to make sure its delegation parameters are set properly to be able to use/delegate the voting power of its balance.
_index
uint256
Index of the vesting schedule to release
_0
uint256
released amount
Revoke vesting schedule
_index
uint256
Index of the vesting schedule to revoke
_end
uint64
End date for the schedule
_0
uint256
amount returned to the vesting schedule creator
Returns the symbol of the token, usually a shorter version of the name.
_0
string
undefined
See {IERC20-totalSupply}.
_0
uint256
undefined
See {IERC20-transfer}. Requirements: - to cannot be the zero address. - the caller must have a balance of at least amount.
to
address
undefined
amount
uint256
undefined
_0
bool
undefined
See {IERC20-transferFrom}. Emits an {Approval} event indicating the updated allowance. This is not required by the EIP. See the note at the beginning of {ERC20}. NOTE: Does not update the allowance if the current allowance is the maximum uint256. Requirements: - from and to cannot be the zero address. - from must have a balance of at least amount. - the caller must have allowance for from's tokens of at least amount.
from
address
undefined
to
address
undefined
amount
uint256
undefined
_0
bool
undefined
Get the address of the escrow for a vesting schedule
_index
uint256
Index of the vesting schedule
_0
address
address of the escrow
Emitted when the allowance of a spender for an owner is set by a call to {approve}. value is the new allowance.
owner indexed
address
undefined
spender indexed
address
undefined
value
uint256
undefined
A new vesting schedule has been created
index
uint256
Vesting schedule index
creator indexed
address
Creator of the vesting schedule
beneficiary indexed
address
Vesting beneficiary address
amount
uint256
Vesting schedule amount
Emitted when an account changes their delegate.
delegator indexed
address
undefined
fromDelegate indexed
address
undefined
toDelegate indexed
address
undefined
Emitted when a token transfer or delegate change results in changes to a delegate's number of votes.
delegate indexed
address
undefined
previousBalance
uint256
undefined
newBalance
uint256
undefined
Vesting escrow has been delegated
index
uint256
Vesting schedule index
oldDelegatee indexed
address
old delegatee
newDelegatee indexed
address
new delegatee
beneficiary indexed
address
vesting schedule beneficiary
MAY be emitted to signal that the domain could have changed.
Triggered when the contract has been initialized or reinitialized.
version
uint8
undefined
Vesting schedule has been released
index
uint256
Vesting schedule index
releasedAmount
uint256
Amount of tokens released to the beneficiary
Vesting schedule has been revoked
index
uint256
Vesting schedule index
returnedAmount
uint256
Amount of tokens returned to the creator
newEnd
uint256
New end timestamp after revoke action
Emitted when value tokens are moved from one account (from) to another (to). Note that value may be zero.
from indexed
address
undefined
to indexed
address
undefined
value
uint256
undefined
Underflow in global unlock logic (should never happen)
Attempt to revoke a vesting schedule with an invalid end parameter
Invalid parameter for a vesting schedule
msg
string
undefined
The operator is unauthorized for the caller
caller
address
Address performing the call
Vesting schedule creator has unsufficient balance to create vesting schedule
The vesting schedule is locked
The VestingSchedule was not found
index
uint256
vesting schedule index
The vesting schedule is not revocable
Attempt to revoke a schedule in the past
No token to release
Alluvial Finance Inc.
Operators Registry Interface (v1)
This interface exposes methods to handle the list of operators and their keys
Adds an operator to the registry
Only callable by the administrator
Adds new keys for an operator
Only callable by the administrator or the operator address
Increases the exit request demand
This method is only callable by the river contract, and to actually forward the information to the node operators via event emission, the unprotected requestValidatorExits method must be called
Get the current exit request demand waiting to be triggeredThis value is the amount of exit requests that are demanded and not yet performed by the contract
Get the next validators that would be funded
Get operator details
Get operator count
Retrieve the stopped validator count for an operator index
Retrieve the River address
Retrieve the total stopped and requested exit count
Retrieve the raw stopped validators array from storage
Retrieve the total stopped validator count
Retrieve the total requested exit countThis value is the amount of exit requests that have been performed, emitting an event for operators to catch
Get the details of a validator
Initializes the operators registry
Initializes the operators registry for V1_1
Retrieve the active operator set
Retrieve validator keys based on operator statuses
Remove validator keys
Only callable by the administrator or the operator address. The indexes must be provided sorted in decreasing order and duplicate-free, otherwise the method will revertThe operator limit will be set to the lowest deleted key index if the operator's limit wasn't equal to its total key count. The operator or the admin cannot remove funded keysWhen removing validators, the indexes of specific unfunded keys can be changed in order to properly remove the keys from the storage array. Beware of this specific behavior when chaining calls as the targeted public key indexes can point to a different key after a first call was made and performed some swaps
Allows river to override the stopped validators arrayThis actions happens during the Oracle report processing
Public endpoint to consume the exit request demand and perform the actual exit requestsThe selection algorithm will pick validators based on their active validator countsThis value is computed by using the count of funded keys and taking into account the stopped validator counts and exit requests
Changes the operator address of an operator
Only callable by the administrator or the previous operator address
Changes the operator staking limit
Only callable by the administratorThe operator indexes must be in increasing order and contain no duplicateThe limit cannot exceed the total key count of the operatorThe _indexes and _newLimits must have the same length.Each limit value is applied to the operator index at the same index in the _indexes array.
Changes the operator name
Only callable by the administrator or the operator
Changes the operator status
Only callable by the administrator
A new operator has been added to the registry
The operator or the admin added new validator keys and signatures
The public keys and signatures are concatenatedA public key is 48 bytes longA signature is 96 bytes long[P1, S1, P2, S2, ..., PN, SN] where N is the bytes length divided by (96 + 48)
A validator key got funded on the deposit contract. This event was introduced during a contract upgrade, in order to cover all possible public keys, this event will be replayed for past funded keys in order to have a complete coverage of all the funded public keys.In this particular scenario, the deferred value will be set to true, to indicate that we are not going to have the expected additional events and side effects in the same transaction (deposit to official DepositContract etc ...) because the event was synthetically crafted.
The operator edited its keys after the snapshot block
This means that we cannot assume that its key set is checked by the snapshotThis happens only if the limit was meant to be increased
The call didn't alter the limit of the operator
The operator or the admin removed a public key and its signature from the registry
The requested exit count has been updated
The exit request demand has been updated
The operator address has been changed
The operator limit has been changed
The operator display name has been changed
The operator status has been changed
The operator stopped validator count has been changed
The stored river address has been changed
The total requested exit has been updated
The requested exit count has been update to fill the gap with the reported stopped count
The stopped validator array has been changedA validator is considered stopped if exiting, exited or slashedThis event is emitted when the oracle reports new stopped validators counts
The calling operator is inactive
The provided operator and limits array have different lengths
The provided operator and limits array are empty
Thrown when an invalid empty stopped validator array is provided
A funded key deletion has been attempted
The index that is removed is out of bounds
The provided key count is 0
The provided concatenated keys do not have the expected length
Thrown when the sum of stopped validators is invalid
The index provided are not sorted properly (descending order)
Thrown when no exit requests can be performed
The value for the operator limit is too high
The value for the limit is too low
The provided stopped validator count of an operator is above its funded validator count
The provided stopped validator count array is shrinking
Throw when an element in the stopped validator array is decreasing
Thrown when the number of elements in the array is too high compared to operator count
The provided list of operators is not in increasing order
Alluvial Finance Inc.
Oracle Interface (v1)
This interface exposes methods to handle the input from the allowed oracle members.Highly inspired by Lido's implementation.
Adds new address as oracle member, giving the ability to push cl reports.
Only callable by the administrator. Modifying the quorum clears all the reporting data
Retrieve member report status
Retrieve the last reported epoch id
The Oracle contracts expects reports on an epoch id >= that the returned value
Retrieve member report status
Retrieve the list of oracle members
Retrieve the current quorum
Retrieve the details of a report variant
Retrieve report variants count
Retrieve River address
Initializes the oracle
Initializes the oracle
Returns true if address is member
Performs a naive search, do not call this on-chain, used as an off-chain helper
Removes an address from the oracle members.
Only callable by the administrator. Modifying the quorum clears all the reporting data. Remaining members that have already voted should vote again for the same frame.
Changes the address of an oracle member
Only callable by the administrator or the member itselfCannot use an address already in use
Edits the quorum required to forward cl data to River
Modifying the quorum clears all the reporting data
A member has been added to the oracle member list
Cleared reporting data
A member has been removed from the oracle member list
An oracle member performed a report
The report bounds have been changed
The last reported epoch has changed
A member address has been edited
The storage quorum value has been changed
The storage river address value has been changed
The consensus layer spec has been changed
The address is already in use by an oracle member
The member already reported on the given epoch id
The provided epoch is too old compared to the expected epoch id
Thrown when the reported epoch is invalid
Thrown when the report indexes fetched is out of bounds
Alluvial Finance Inc.
Coverage Fund Interface (v1)
This interface exposes methods to receive donations for the slashing coverage fund and pull the funds into river
Donates ETH to the coverage fund contract
Initialize the coverage fund with the required arguments
Pulls ETH into the River contract
Only callable by the River contract
A donation has been made to the coverage fund
The storage river address has changed
A donation with 0 ETH has been performed
The fallback or receive callback has been triggered
Alluvial Finance Inc.
TLC Interface (v1)
TLC token interface
Returns the remaining number of tokens that spender will be allowed to spend on behalf of owner through {transferFrom}. This is zero by default. This value changes when {approve} or {transferFrom} are called.
Sets amount as the allowance of spender over the caller's tokens. Returns a boolean value indicating whether the operation succeeded. IMPORTANT: Beware that changing an allowance with this method brings the risk that someone may use both the old and the new allowance by unfortunate transaction ordering. One possible solution to mitigate this race condition is to first reduce the spender's allowance to 0 and set the desired value afterwards: https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729 Emits an {Approval} event.
Returns the amount of tokens owned by account.
Computes the releasable amount of tokens for a vesting schedule.
Computes the vested amount of tokens for a vesting schedule.
Creates a new vesting scheduleThere may delay between the time a user should start vesting tokens and the time the vesting schedule is actually created on the contract.Typically a user joins the Liquid Collective but some weeks pass before the user gets all legal agreements in place and signed for the token grant emission to happen. In this case, the vesting schedule created for the token grant would start on the join date which is in the past.
As vesting schedules can be created in the past, this means that you should be careful when creating a vesting schedule and what duration parameters you use as this contract would allow creating a vesting schedule in the past and even a vesting schedule that has already ended.
Delegates votes from the sender to delegatee.
Delegates votes from signer to delegatee.
Delegate vesting escrowed tokens
Returns the delegate that account has chosen.
Returns the total supply of votes available at a specific moment in the past. If the clock() is configured to use block numbers, this will return the value at the end of the corresponding block. NOTE: This value is the sum of all available votes, which is not necessarily the sum of all delegated votes. Votes that have not been delegated are still part of total supply, even though they would not participate in a vote.
Returns the amount of votes that account had at a specific moment in the past. If the clock() is configured to use block numbers, this will return the value at the end of the corresponding block.
Get vesting schedule
The vesting schedule structure represents a static configuration used to compute the desired vesting details of a beneficiary at all times. The values won't change even after tokens are released. The only dynamic field of the structure is end, and is updated whenever a vesting schedule is revoked
Get count of vesting schedules
Returns the current amount of votes that account has.
Initializes the TLC Token
Get vesting global unlock schedule activation status for a vesting schedule
Migrates the vesting schedule state structures
Release vesting scheduleWhen tokens are released from the escrow, the delegated address of the escrow will see its voting power decrease.The beneficiary has to make sure its delegation parameters are set properly to be able to use/delegate the voting power of its balance.
Revoke vesting schedule
Returns the amount of tokens in existence.
Moves amount tokens from the caller's account to to. Returns a boolean value indicating whether the operation succeeded. Emits a {Transfer} event.
Moves amount tokens from from to to using the allowance mechanism. amount is then deducted from the caller's allowance. Returns a boolean value indicating whether the operation succeeded. Emits a {Transfer} event.
Get the address of the escrow for a vesting schedule
Emitted when the allowance of a spender for an owner is set by a call to {approve}. value is the new allowance.
A new vesting schedule has been created
Emitted when an account changes their delegate.
Emitted when a token transfer or delegate change results in changes to a delegate's number of votes.
Vesting escrow has been delegated
Vesting schedule has been released
Vesting schedule has been revoked
Emitted when value tokens are moved from one account (from) to another (to). Note that value may be zero.
Underflow in global unlock logic (should never happen)
Attempt to revoke a vesting schedule with an invalid end parameter
Invalid parameter for a vesting schedule
Vesting schedule creator has unsufficient balance to create vesting schedule
The vesting schedule is locked
The vesting schedule is not revocable
Attempt to revoke a schedule in the past
No token to release
Alluvial Finance Inc.
Wrapped LsETH Interface (v1)
This interface exposes methods to wrap the LsETH token into a rebase token.
Retrieves the token allowance given from one address to another
Approves another account to transfer tokens
Retrieves the token balance of the specified user
Burn tokens and retrieve underlying LsETH tokens
The message sender burns shares from its balance for the LsETH equivalent valueThe message sender doesn't need to approve the contract to burn the sharesThe freed LsETH is sent to the specified recipient
Retrieves the token decimal count
Decrease allowance to another account
Increase allowance to another account
Initializes the wrapped token contract
Mint tokens by providing LsETH tokens
The message sender locks LsETH tokens and received wrapped LsETH tokens in exchangeThe message sender needs to approve the contract to mint the wrapped tokensThe minted wrapped LsETH is sent to the specified recipient
Retrieves the token full name
Retrieves the raw shares count of the user
Retrieves the token symbol
Retrieves the token total supply
Transfers tokens between the message sender and a recipient
Transfers tokens between two accounts
It is expected that _from has given at least _value allowance to msg.sender
An approval has been made
Tokens have been burned
Tokens have been minted
The stored value of river has been changed
A transfer has been made
Allowance too low to perform operation
Balance too low to perform operation
Invalid empty transfer
The token transfer failed during the minting or burning process
Invalid transfer recipients
Alluvial Finance Inc.
Withdraw Interface (V1)
This contract is in charge of holding the exit and skimming funds and allow river to pull these funds
Retrieve the withdrawal credentials to use
Retrieve the linked River address
Callable by River, sends the specified amount of ETH to River
Emitted when the linked River address is changed
This is an ERC20 extension that- can be used as source of vote power (inherited from OpenZeppelin ERC20VotesUpgradeable)- can delegate vote power from an account to another account (inherited from OpenZeppelin ERC20VotesUpgradeable)- can manage token vestings: ownership is progressively transferred to a beneficiary according to a vesting schedule- keeps a history (checkpoints) of each account's vote power@notice Notes from OpenZeppelin - vote power can be delegated either by calling the {delegate} function, or by providing a signature to be used with {delegateBySig}- keeps a history (checkpoints) of each account's vote power- power can be queried through the public accessors {getVotes} and {getPastVotes}.- by default, token balance does not account for voting power. This makes transfers cheaper. The downside is that it requires users to delegate to themselves in order to activate checkpoints and have their voting power tracked.@notice Notes about token vesting- any token holder can call the method {createVestingSchedule} in order to transfer tokens to a beneficiary according to a vesting schedule. When creating a vesting schedule, tokens are transferred to an escrow that holds the token while the vesting progresses. Voting power of the escrowed token is delegated to the beneficiary or a delegatee account set by the vesting schedule creator- the schedule beneficiary call {releaseVestingSchedule} to get vested tokens transferred from escrow- the schedule creator can revoke a revocable schedule by calling {revokeVestingSchedule} in which case the non-vested tokens are transferred from the escrow back to the creator- the schedule beneficiary can delegate escrow voting power to any account by calling {delegateVestingEscrow}@notice Vesting schedule attributes are- start : start time of the vesting period- cliff duration: duration before which first tokens gets ownable- total duration: duration of the entire vesting (sum of all vesting period durations)- period duration: duration of a single period of vesting- lock duration: duration before tokens gets unlocked. can exceed the duration of the vesting schedule- amount: amount of tokens granted by the vesting schedule- beneficiary: beneficiary of tokens after they are releaseVestingScheduled- revocable: whether the schedule can be revoked- ignoreGlobalUnlockSchedule: whether the schedule should ignore the global unlock schedule@notice Vesting schedule- if currentTime < cliff: vestedToken = 0- if cliff <= currentTime < end: vestedToken = (vestedPeriodCount(currentTime) _ periodDuration _ amount) / totalDuration- if end < currentTime: vestedToken = amount@notice Global unlock schedule- the global unlock schedule releases 1/24th of the total scheduled amount every month after the local lock end- the local lock end is the end of the lock period of the vesting schedule- the global unlock schedule is ignored if the vesting schedule has the ignoreGlobalUnlockSchedule flag set to true- the global unlock schedule is only a cap on the vested funds that can be withdrawn, it does not alter the vesting@notice Remark: After cliff new tokens get vested at the end of each period@notice Vested token & lock period- a vested token is a token that will be eventually releasable from the escrow to the beneficiary once the lock period is over- lock period prevents beneficiary from releasing vested tokens before the lock period ends. Vested tokens will eventually be releasable once the lock period is over@notice Example: Joe gets a vesting starting on Jan 1st 2022 with duration of 1 year and a lock period of 2 years.On Jan 1st 2023, Joe will have all tokens vested but can not yet release it due to the lock period.On Jan 1st 2024, lock period is over and Joe can release all tokens.
_name
string
The name identifying the operator
_operator
address
The address representing the operator, receiving the rewards
_0
uint256
The index of the new operator
_index
uint256
The operator index
_keyCount
uint32
The amount of keys provided
_publicKeysAndSignatures
bytes
Public keys of the validator, concatenated
_count
uint256
The amount of exit requests to add to the demand
_depositedValidatorCount
uint256
The total deposited validator count
_0
uint256
The current exit request demand
_count
uint256
Count of validators that would be funded next
publicKeys
bytes[]
An array of fundable public keys
signatures
bytes[]
An array of signatures linked to the public keys
_index
uint256
The index of the operator
_0
OperatorsV2.Operator
The details of the operator
_0
uint256
The operator count
_idx
uint256
The index of the operator
_0
uint32
The stopped validator count of the operator
_0
address
The address of River
_0
uint32
The total stopped count
_1
uint256
The total requested exit count
_0
uint32[]
The stopped validator array
_0
uint32
The total stopped validator count
_0
uint256
The total requested exit count
_operatorIndex
uint256
The index of the operator
_validatorIndex
uint256
The index of the validator
publicKey
bytes
The public key of the validator
signature
bytes
The signature used during deposit
funded
bool
True if validator has been funded
_admin
address
Admin in charge of managing operators
_river
address
Address of River system
_0
OperatorsV2.Operator[]
The list of active operators and their details
_count
uint256
Max amount of keys requested
publicKeys
bytes[]
An array of public keys
signatures
bytes[]
An array of signatures linked to the public keys
_index
uint256
The operator index
_indexes
uint256[]
The indexes of the keys to remove
_stoppedValidatorCounts
uint32[]
The new stopped validators array
_depositedValidatorCount
uint256
The total deposited validator count
_count
uint256
Max amount of exits to request
_index
uint256
The operator index
_newOperatorAddress
address
The new address of the operator
_operatorIndexes
uint256[]
The operator indexes, in increasing order and duplicate free
_newLimits
uint32[]
The new staking limit of the operators
_snapshotBlock
uint256
The block number at which the snapshot was computed
_index
uint256
The operator index
_newName
string
The new operator name
_index
uint256
The operator index
_newStatus
bool
The new status of the operator
index indexed
uint256
The operator index
name
string
The operator display name
operatorAddress indexed
address
The operator address
index indexed
uint256
The operator index
publicKeysAndSignatures
bytes
The concatenated public keys and signatures
index indexed
uint256
The operator index
publicKeys
bytes[]
BLS Public key that got funded
deferred
bool
True if event has been replayed in the context of a migration
index indexed
uint256
The operator index
currentLimit
uint256
The current operator limit
newLimit
uint256
The new operator limit that was attempted to be set
latestKeysEditBlockNumber indexed
uint256
The last block number at which the operator changed its keys
snapshotBlock indexed
uint256
The block number of the snapshot
index indexed
uint256
The operator index
limit
uint256
The limit of the operator
index indexed
uint256
The operator index
publicKey
bytes
The BLS public key that has been removed
index indexed
uint256
The operator index
count
uint256
The count of requested exits
previousValidatorExitsDemand
uint256
The previous exit request demand
nextValidatorExitsDemand
uint256
The new exit request demand
index indexed
uint256
The operator index
newOperatorAddress indexed
address
The new operator address
index indexed
uint256
The operator index
newLimit
uint256
The new operator staking limit
index indexed
uint256
The operator index
newName
string
The new display name
index indexed
uint256
The operator index
active
bool
True if the operator is active
index indexed
uint256
The operator index
newStoppedValidatorCount
uint256
The new stopped validator count
river indexed
address
The new river address
previousTotalValidatorExitsRequested
uint256
The previous total requested exit
newTotalValidatorExitsRequested
uint256
The new total requested exit
index indexed
uint256
The operator index
oldRequestedExits
uint32
The old requested exit count
newRequestedExits
uint32
The new requested exit count
stoppedValidatorCounts
uint32[]
The new stopped validator counts
index
uint256
The operator index
index
uint256
The operator index
limit
uint256
The new limit provided
keyCount
uint256
The operator key count
index
uint256
The operator index
limit
uint256
The new limit provided
fundedKeyCount
uint256
The operator funded key count
operatorIndex
uint256
undefined
stoppedCount
uint32
undefined
fundedCount
uint32
undefined
_newOracleMember
address
Address of the new member
_newQuorum
uint256
New quorum value
_0
uint256
The raw report status value
_0
uint256
The last reported epoch id
_oracleMember
address
Address of member to check
_0
bool
True if member has reported
_0
address[]
The oracle members
_0
uint256
The current quorum
_idx
uint256
The index of the report variant
_0
ReportsVariants.ReportVariantDetails
The report variant details
_0
uint256
The count of report variants
_0
address
The address of River
_river
address
Address of the River contract, able to receive oracle input data after quorum is met
_administratorAddress
address
Address able to call administrative methods
_epochsPerFrame
uint64
CL spec parameter. Number of epochs in a frame.
_slotsPerEpoch
uint64
CL spec parameter. Number of slots in one epoch.
_secondsPerSlot
uint64
CL spec parameter. Number of seconds between slots.
_genesisTime
uint64
CL spec parameter. Timestamp of the genesis slot.
_annualAprUpperBound
uint256
CL bound parameter. Maximum apr allowed for balance increase. Delta between updates is extrapolated on a year time frame.
_relativeLowerBound
uint256
CL bound parameter. Maximum relative balance decrease.
_memberAddress
address
Address of the member
_0
bool
True if address is a member
_oracleMember
address
Address to remove
_newQuorum
uint256
New quorum value
_report
IOracleManagerV1.ConsensusLayerReport
undefined
_oracleMember
address
Address to change
_newAddress
address
New address for the member
_newQuorum
uint256
New quorum parameter
member indexed
address
The address of the member
member indexed
address
The address of the member
member indexed
address
The oracle member
variant indexed
bytes32
The variant of the report
report
IOracleManagerV1.ConsensusLayerReport
The raw report structure
voteCount
uint256
The vote count
quorum
uint256
undefined
annualAprUpperBound
uint256
The maximum allowed apr. 10% means increases in balance extrapolated to a year should not exceed 10%.
relativeLowerBound
uint256
The maximum allowed balance decrease as a relative % of the total balance
lastReportedEpoch
uint256
undefined
oldAddress indexed
address
The previous member address
newAddress indexed
address
The new member address
newQuorum
uint256
The new quorum value
_river
address
The new river address
epochsPerFrame
uint64
The number of epochs inside a frame (225 = 24 hours)
slotsPerEpoch
uint64
The number of slots inside an epoch (32 on ethereum mainnet)
secondsPerSlot
uint64
The time between two slots (12 seconds on ethereum mainnet)
genesisTime
uint64
The timestamp of block #0
newAddress
address
The address already in use
epochId
uint256
The epoch id provided as input
member
address
The oracle member
providedEpochId
uint256
The epoch id provided as input
minExpectedEpochId
uint256
The minimum epoch id expected
epoch
uint256
The invalid epoch
index
uint256
Requested index
length
uint256
Size of the variant array
_riverAddress
address
Address of River
_maxAmount
uint256
The maximum amount to pull into the system
donator indexed
address
Address that performed the donation
amount
uint256
The amount donated
river indexed
address
The new river address
owner
address
undefined
spender
address
undefined
_0
uint256
undefined
spender
address
undefined
amount
uint256
undefined
_0
bool
undefined
account
address
undefined
_0
uint256
undefined
_index
uint256
index of the vesting schedule
_0
uint256
amount of releasable tokens
_index
uint256
index of the vesting schedule
_0
uint256
amount of vested tokens
_start
uint64
start time of the vesting
_cliffDuration
uint32
duration to vesting cliff (in seconds)
_duration
uint32
total vesting schedule duration after which all tokens are vested (in seconds)
_periodDuration
uint32
duration of a period after which new tokens unlock (in seconds)
_lockDuration
uint32
duration during which tokens are locked (in seconds)
_revocable
bool
whether the vesting schedule is revocable or not
_amount
uint256
amount of token attributed by the vesting schedule
_beneficiary
address
address of the beneficiary of the tokens
_delegatee
address
address to delegate escrow voting power to
_ignoreGlobalUnlockSchedule
bool
whether the vesting schedule should ignore the global lock
_0
uint256
index of the created vesting schedule
delegatee
address
undefined
delegatee
address
undefined
nonce
uint256
undefined
expiry
uint256
undefined
v
uint8
undefined
r
bytes32
undefined
s
bytes32
undefined
_index
uint256
index of the vesting schedule
_delegatee
address
address to delegate the token to
_0
bool
True on success
account
address
undefined
_0
address
undefined
timepoint
uint256
undefined
_0
uint256
undefined
account
address
undefined
timepoint
uint256
undefined
_0
uint256
undefined
_index
uint256
Index of the vesting schedule
_0
VestingSchedulesV2.VestingSchedule
undefined
_0
uint256
count of vesting schedules
account
address
undefined
_0
uint256
undefined
_account
address
The initial account to grant all the minted tokens
_index
uint256
Index of the vesting schedule
_0
bool
true if the vesting schedule should ignore the global unlock schedule
_index
uint256
Index of the vesting schedule to release
_0
uint256
released amount
_index
uint256
Index of the vesting schedule to revoke
_end
uint64
End date for the schedule
returnedAmount
uint256
amount returned to the vesting schedule creator
_0
uint256
undefined
to
address
undefined
amount
uint256
undefined
_0
bool
undefined
from
address
undefined
to
address
undefined
amount
uint256
undefined
_0
bool
undefined
_index
uint256
Index of the vesting schedule
_0
address
address of the escrow
owner indexed
address
undefined
spender indexed
address
undefined
value
uint256
undefined
index
uint256
Vesting schedule index
creator indexed
address
Creator of the vesting schedule
beneficiary indexed
address
Vesting beneficiary address
amount
uint256
Vesting schedule amount
delegator indexed
address
undefined
fromDelegate indexed
address
undefined
toDelegate indexed
address
undefined
delegate indexed
address
undefined
previousBalance
uint256
undefined
newBalance
uint256
undefined
index
uint256
Vesting schedule index
oldDelegatee indexed
address
old delegatee
newDelegatee indexed
address
new delegatee
beneficiary indexed
address
vesting schedule beneficiary
index
uint256
Vesting schedule index
releasedAmount
uint256
Amount of tokens released to the beneficiary
index
uint256
Vesting schedule index
returnedAmount
uint256
Amount of tokens returned to the creator
newEnd
uint256
New end timestamp after revoke action
from indexed
address
undefined
to indexed
address
undefined
value
uint256
undefined
msg
string
undefined
_owner
address
Owner that gave the allowance
_spender
address
Spender that received the allowance
_0
uint256
The allowance of the owner to the spender
_spender
address
Spender that receives the allowance
_value
uint256
Amount to allow
_0
bool
True if success
_owner
address
Owner to check the balance
_0
uint256
The balance of the owner
_recipient
address
The account receiving the underlying LsETH tokens after shares are burned
_shares
uint256
Amount of LsETH to free by burning wrapped LsETH
_0
uint8
The decimal count
_spender
address
Spender that receives the allowance
_subtractableValue
uint256
Amount to subtract
_0
bool
True if success
_spender
address
Spender that receives the allowance
_additionalValue
uint256
Amount to add
_0
bool
True if success
_river
address
Address of the River contract
_recipient
address
The account receiving the new minted wrapped LsETH
_shares
uint256
The amount of LsETH to wrap
_0
string
The name of the token
_owner
address
Owner to check the shares balance
_0
uint256
The shares of the owner
_0
string
The symbol of the token
_0
uint256
The total supply
_to
address
Recipient of the transfer
_value
uint256
Amount to transfer
_0
bool
True if success
_from
address
Sender account
_to
address
Recipient of the transfer
_value
uint256
Amount to transfer
_0
bool
True if success
owner indexed
address
The token owner
spender indexed
address
The account allowed by the owner
value
uint256
The amount allowed
recipient indexed
address
The account that receive the underlying LsETH
shares
uint256
The amount of LsETH that got sent back
recipient indexed
address
The account receiving the new tokens
shares
uint256
The amount of LsETH provided
river indexed
address
The new address of river
from indexed
address
The transfer sender
to indexed
address
The transfer recipient
value
uint256
The amount transferred
_from
address
Account where funds are sent from
_operator
address
Account attempting the transfer
_allowance
uint256
Current allowance
_value
uint256
Requested transfer value
_from
address
Account sending the funds in the invalid transfer
_to
address
Account receiving the funds in the invalid transfer
_0
bytes32
The withdrawal credentials
_0
address
The River address
_river
address
The address of the River contract
_amount
uint256
The amount to pull
river
address
The new River address
Lib Basis Points
Holds the basis points max value
Lib Errors
Library of common errors
The argument was invalid
The call was invalid
The string is empty
The fee is invalid
The address is zero
The operator is unauthorized for the caller
caller
address
Address performing the call
Deposit Contract Interface
This interface exposes methods to perform validator deposits
Official deposit method to activate a validator on the consensus layer
pubkey
bytes
The 48 bytes long BLS Public key representing the validator
withdrawalCredentials
bytes
The 32 bytes long withdrawal credentials, configures the withdrawal recipient
signature
bytes
The 96 bytes long BLS Signature performed by the pubkey's private key
depositDataRoot
bytes32
The root hash of the whole deposit data structure
Query the current deposit root hash.
_0
bytes32
The deposit root hash.
Lib Unstructured Storage
Utilities to work with unstructured storage
Lib Sanitize
Utilities to sanitize input values
Alluvial Finance Inc.
Execution Layer Fee Recipient Interface (v1)
This interface exposes methods to receive all the execution layer fees from the proposed blocks + bribes
Initialize the fee recipient with the required arguments
_riverAddress
address
Address of River
Pulls ETH to the River contract
Only callable by the River contract
_maxAmount
uint256
The maximum amount to pull into the system
The storage river address has changed
river indexed
address
The new river address
The fallback has been triggered
Alluvial Finance Inc.
Lib Administrable
This library handles the admin and pending admin storage vars
CurrentValidatorExitsDemand Storage
This value controls the current demand for exits that still need to be triggered in order to notify the operatorsUtility to manage the CurrentValidatorExitsDemand in storage
TotalValidatorExitsRequested Storage
This value is the amount of performed exit requests, only increased when there is current exit demandUtility to manage the TotalValidatorExitsRequested in storage
Lib Uint256
Utilities to perform uint operations
Lib Allowlist Masks
Holds all the mask values
Allower Address Storage
Utility to manage the Allower Address in storage
Denier Address Storage
Utility to manage the Denier Address in storage
Last Epoch Id Storage
Utility to manage the Last Epoch Id in storage
Quorum Storage
Utility to manage the Quorum in storage
Allowlist Storage
Utility to manage the Allowlist mapping in storage
Reports Positions Storage
Utility to manage the Reports Positions in storage
Each bit in the stored uint256 value tells if the member at a given index has reported
Redeem Demand storage
Redeem Manager utility to store the current demand in LsETH
Reports Variants Storage
Utility to manage the Reports Variants in storage
Redeem Manager Redeem Queue storage
Utility to manage the Redeem Queue in the Redeem Manager
Redeem Manager Withdrawal Stack storage
Utility to manage the Withdrawal Stack in the Redeem Manager
Consensus Layer Spec Storage
Utility to manage the Consensus Layer Spec in storage
Provide users with protections over protocol access for compliance, while ensuring composability with the rest of the DeFi ecosystem
Liquid Collective is designed to provide users with protections over protocol access via know-your-customer (KYC) and anti-money-laundering (AML) verification, while still ensuring composability with the rest of the DeFi ecosystem.
This facilitates compliance by providing the level of counterparty risk management required for enterprises and institutions to participate in staking on the protocol.
The Liquid Collective protocol:
Requires users to be on the Allowlist before they can deposit ETH or redeem LsETH
Enables users to transfer LsETH freely
Liquid Collective works with a variety of Platforms, including trading venues and custodians, to provide a seamless on-ramp for the protocol’s stakers. KYC’d users who utilize a Platform’s services to allowlist their wallet can deposit to Liquid Collective and mint LsTokens.
Participation in Liquid Collective's smart contracts is restricted to allowlisted wallet addresses. This is meant for compliance purposes, ensuring that any user who wants to stake first completes a review and approval process (typically a know-your-business (KYB)/ know-your-customer (KYC) process).
The Liquid Collective Allowlist smart contract holds:
An Allowlist of depositors with their permissions over the protocol (deposit, withdraw)
To meet the compliance needs of Liquid Collective participants, the Liquid Collective protocol has an "access denial" mechanism for blocking individual Ethereum addresses from sending, receiving, minting, redeeming or claiming LsETH. The protocol does not have any mechanism for forcing a transfer of LsETH, reversing a transfer of LsETH or otherwise altering the balance of LsETH at an address.
The Liquid Collective's policy is that access will only be denied where there is a determination that not denying access to an address presents a threat to the security, integrity or reliability of the protocol. Examples of such circumstances include security breaches or legal requirements.
This guide is intended for Node Operators participating in the Liquid Collective protocol.
Node Operators receive ETH delegation from the protocol and they are remunerated proportionally to the delegation they receive.
Node Operators interested in receiving ETH delegation should go through the following flow.
One-time protocol onboarding
Node operator generates Node Operator wallet
Node Operator address gets approved on the Node Operator registry contracts
On-going operations
Pre-registration of validator keys
Node Operator generates validator keys in its infrastructure with expected configuration (withdrawal credentials, execution layer fee recipient, etc.)
Node Operator submits validator keys to the Node Operators registry contract by sending a transaction using the Node Operator wallet
From this point in time, validator keys should be ready to get funded
Protocol administrator reviews and confirms added keys are valid
Validates validator keys, ensuring withdrawal credentials, deposit data, and signatures are correct
Administrator increases operator limit making validator keys eligible for funding. From this point in time, validators keys can be funded at any time
Validator keys are funded and activated
Protocol regularly picks eligible validator keys and deposits them to the official Ethereum deposit contract
Once deposited, validator keys enter the activation queue as per the standard Ethereum staking procedure
Run the Exit Daemon
Node Operators are responsible for exiting their own validators
Node Operators have the possibility of running the lceth exit daemon in order to be notified when they should exit their validators
The recommended installation is to use the public Docker image public.ecr.aws/alluvial/liquid-collective/lceth:latest
It is also possible to build the binary from sources.
Generate (or Import) Node Operator Wallet
The Node Operator needs a wallet to submit validator keys. The wallet must be approved on the Node Operator Registry Contract.
To generate such a wallet you can use the following command:
Once generated or imported you should securely store the key file and password for later usage, as you will need it each time you need to register keys.
It is also possible to import an existing wallet:
Approve Node Operator Wallet
A Node Operator should provide administrators with:
name: As the Node Operator will be publicly listed on the Node Operator contract
address: The Node Operator wallet address previously generated
Node Operator Index
Once approved, a Node Operator will get its operator index on the Node Operators Registry. This index will never change over time.
To get your node operator index, run the below command and find your name in the returned list.
Pre-registering validators consists of submitting new validators keys to the Node Operators registry contract so they can be picked for validation and funded.
As a Node Operator, you should typically pre-register new validators keys when:
It is the first time you pre-register keys
Most of the keys that you have pre-registered have been funded
It is the responsibility of the Node Operator to make sure validator keys are available for funding.
In the case that a Node Operator has no validator keys available, it will not receive an ETH delegation from the protocol.
Generate validator keys, deposit data and signatures
A Node Operator is responsible for generating validator keys in its own infrastructure.
Node Operators are required to set withdrawal credentials to the address of Withdrawal contract.
To get withdrawal credentials you can run:
As a result of the validator key generation, a Node Operator should obtain a JSON file matching the following format:
Configure validator exec layer fee recipient address
Node Operators are required to set the fee recipient of the validators to the ELFeeRecipient contract that is responsible to flow the execution layer network rewards to the core River contract.
To get the ELFeeRecipient address you can run:
Exec layer fee recipient address and withdrawal address are not the same.
Submit validator keys
Submit validator keys consists of sending a addValidatorKeys(...) transaction to the OperatorsRegistry contract. The transactions should be signed by the Node Operator address:
To submit validator keys you can run the following command:
Once the transaction has been sent to the network and validated, the validator keys are listed on the Node Operators Registry contract and will be reviewed by the administrator.
Node Operators should be careful that validator keys can be picked, funded, and deposited to the official Ethereum Deposit Contract at any time.
Once a validator key has been funded and deposited, it enters the activation queue. When this happens, the Node Operator should make sure that the corresponding validator key gets properly deployed to its validator infrastructure so the validator is ready when validator activation occurs.
We strongly recommend Node Operators effectively monitor the Deposit Contract, in particular watching DepositEvent to never miss an activation.
Node Operators are responsible for exiting their own validators
Node Operators can use the provided Exit Daemon
Useful events:
FundedValidatorKeys
RequestedValidatorExits
The Validator Exit Daemon is an off-chain application designed to help Liquid Collective Node Operators exit validator keys with ease.
Node Operators are responsible for exiting validator keys from the Consensus Layer, allowing withdrawn funds to be used for satisfying conversions of LsETH for ETH.
LsETH holders convert LsETH for ETH through the protocol, creating a request for ETH.
The protocol regularly rebalance's ETH positions. When it needs ETH funds to fulfill redeem demands, it withdraws funds from the Consensus Layer and signals Node Operators by emitting an event requesting validator keys to be exited. The protocol is responsible for selecting the Node Operators that need to exit keys, depending on the current validator key allocation.
Upon receiving a validator exit request event, the Node Operator exits the requested number of validator keys, which results in broadcasting ValidatorExit messages to the Consensus Layer. This step is facilitated by the Validator Exit Daemon application.
After validator keys pass through the exit queue, funds are withdrawn to the LC Withdraw contract, and the Liquid Collective protocol takes over the ETH to satisfy the LsETH conversion requests.
Validator exit is triggered by broadcasting a ValidatorExit message signed with the validator's private key on the Consensus Layer.
We cannot rely on the Dual-Key exit design to also allow triggering the validator key exit from the withdrawal_credentials. Even if this option is preferred, it is not expected to be available on day 1 of the withdrawals.
Validator keys may be slashed, resulting in the keys undergoing the Consensus Layer slashing process and eventually leading to the withdrawal of funds after incurring penalties (this takes at least 36 days).
Existing Liquid Collective validator keys have all been set with a 0x1 prefix and point to the Withdraw contract.
Liquid Collective Node Operators use diverse infrastructure base layers (clouds, bare metal, containers/orchestration), client software (Prysm, Lighthouse, etc.), and may use or not use signers (e.g., Web3Signer). This diversity is expected to grow with staking innovations (e.g., DVT).
Liquid Collective Node Operators have (or are building) infrastructure & processes
The Validator Exit Daemon is a long-lived application containerized in a Docker image designed to be run by Node Operators in their infrastructure.
It accesses data from both the Execution Layer and Consensus Layer connected to nodes in the Node Operator infrastructure.
It assumes that Node Operators have an existing system and process in place for proceeding with validator key exits.
The Daemon can interact with the existing exit system through one or both of the following methods:
HTTP hook: Called by the Daemon each time a validator request exit event is emitted, and a validator key should be exited. Node Operators can configure the callback to match any endpoint.
API polling: The Daemon exposes an API that Node Operators can poll to retrieve the key to exit.
The Validator Exit Daemon will provide the following information to the Node Operator:
Number of validator keys to exit
Recommended keys to exit
Diagram
Sequence diagram
A synced Execution Layer client with a JSON-RPC endpoint enabled. All implementations are supported (Geth, Erigon, Besu, etc.)
A synced Consensus Layer client with an API endpoint enabled. All implementations are supported (Prysm, Teku, Lighthouse, etc.)
The recommended installation is to use the public Docker image public.ecr.aws/alluvial/liquid-collective/lceth:latest
API
By default, the Exit daemon exposes an API route that Node Operators can use, either in conjunction with or without the HTTP hook.
This allows an operator to retrieve the recommended keys to exit at the current time.
The API meets the following requirements:
Webhook
The Exit daemon can run an HTTP hook system that sends validator exit request callbacks to the operator's existing systems when it receives a Validator Exit request event from the Consensus Layer.
The Exit daemon is stateless. If the webhook is enabled, it will send a call at each start if there is a pending exit request.
Operators can customize the webhook call by providing a template for the body, endpoint, and headers, and use the following macros to pass data related to the exit event:
total_requested_exits represents the total requested exits since the beginning of the contract. It’s a incremental-only counter emitted by the RequestedValidatorExits event.
validators_to_exit (as well as validators_to_exit_pubkeys & validators_to_exit_indexes) is an array of the validators to exit at a given time. To get them, the exit daemon fetches all the keys of an operator (via the FundedValidatorKeys event), check their status on the consensus layer to know those already exited, and then make a diff with total_requested_exits to know how many keys are remaining to exit.
Example of webhook template:
Usage output:
An Allowlister, which is a trusted party responsible for allowing users to participate in the Liquid Collective protocol. Typically (ex. a custodial Platform performing KYC/AML checks on their customers) submit a user's wallet address to the Allowlister for subsequent addition to the Allowlist
When a depositor wants to stake with the Liquid Collective protocol, their address must first be added to the Allowlist and be granted the corresponding permissions. Learn more about the type of Platforms that add users to the Allowlist in the .
Requests by third parties for denial of access to an address must be submitted in writing to . This policy and compliance with a request do not constitute acknowledgment or attornment by The Liquid Foundation or any other participant in the Liquid Collective to laws to which that participant is not already subject.
Node Operators are validator infrastructure providers responsible for running validator nodes on the Ethereum consensus layer in the name of the protocol. Node Operators must have the capacity to scale to a large number of validator nodes, meet certain compliance requirements, and meet certain performance requirements, including Liquid Collective's .
provides various commands to facilitate Node Operators in the process of managing validator keys.
CLI is compatible with the and can be used in conjunction with it.
For each generated key, a Node Operator is also expected to generate the corresponding DepositMessage and BLS12-381 signature as per the
Per , once a Type 1 (0x01) withdrawal address is set those withdrawal credentials cannot be changed.
It is possible to use the to generate keys, which produces a file in the above format.
The webhook templating imports the . Which means additional functions are available to format the output.
Figment
Firewall
This interface exposes methods to accept calls to admin-level functions of an underlying contract.
Sets the permission for a function selector
_functionSelector
bytes4
Method signature on which the permission is changed
_executorCanCall
bool
True if selector is callable by the executor
Retrieve the destination address
_0
address
The destination address
Retrieve the executor address
_0
address
The executor address
Returns true if the executor is allowed to perform a call on the given selector
_selector
bytes4
The selector to verify
_0
bool
True if executor is allowed to call
Sets the executor address
_newExecutor
address
New address for the executor
The stored destination address has been changed
destination indexed
address
The new destination address
The stored executor address has been changed
executor indexed
address
The new executor address
The storage permission for a selector has been changed
selector
bytes4
The 4 bytes method selector
status
bool
True if executor is allowed
Alluvial Finance Inc.
Operators Registry (v1)
This contract handles the list of operators and their keys
Accept the transfer of ownership
Only callable by the pending admin. Resets the pending admin if successful.
Adds an operator to the registry
Only callable by the administrator
_name
string
The name identifying the operator
_operator
address
The address representing the operator, receiving the rewards
_0
uint256
The index of the new operator
Adds new keys for an operator
Only callable by the administrator or the operator address
_index
uint256
The operator index
_keyCount
uint32
The amount of keys provided
_publicKeysAndSignatures
bytes
Public keys of the validator, concatenated
Increases the exit request demand
This method is only callable by the river contract, and to actually forward the information to the node operators via event emission, the unprotected requestValidatorExits method must be called
_count
uint256
The amount of exit requests to add to the demand
_depositedValidatorCount
uint256
The total deposited validator count
Utility to force the broadcasting of events. Will keep its progress in storage to prevent being DoSed by the number of keys
_amountToEmit
uint256
The amount of events to emit at maximum in this call
Retrieves the current admin address
_0
address
The admin address
Get the current exit request demand waiting to be triggeredThis value is the amount of exit requests that are demanded and not yet performed by the contract
_0
uint256
The current exit request demand
Get the next validators that would be funded
_count
uint256
Count of validators that would be funded next
publicKeys
bytes[]
An array of fundable public keys
signatures
bytes[]
An array of signatures linked to the public keys
Get operator details
_index
uint256
The index of the operator
_0
OperatorsV2.Operator
The details of the operator
Get operator count
_0
uint256
The operator count
Retrieve the stopped validator count for an operator index
_idx
uint256
The index of the operator
_0
uint32
The stopped validator count of the operator
Retrieve the current pending admin address
_0
address
The pending admin address
Retrieve the River address
_0
address
The address of River
Retrieve the total stopped and requested exit count
_0
uint32
The total stopped count
_1
uint256
The total requested exit count
Retrieve the raw stopped validators array from storage
_0
uint32[]
The stopped validator array
Retrieve the total stopped validator count
_0
uint32
The total stopped validator count
Retrieve the total requested exit countThis value is the amount of exit requests that have been performed, emitting an event for operators to catch
_0
uint256
The total requested exit count
Get the details of a validator
_operatorIndex
uint256
The index of the operator
_validatorIndex
uint256
The index of the validator
publicKey
bytes
The public key of the validator
signature
bytes
The signature used during deposit
funded
bool
True if validator has been funded
Initializes the operators registry
_admin
address
Admin in charge of managing operators
_river
address
Address of River system
Initializes the operators registry for V1_1
Retrieve the active operator set
_0
OperatorsV2.Operator[]
The list of active operators and their details
Retrieve validator keys based on operator statuses
_count
uint256
Max amount of keys requested
publicKeys
bytes[]
An array of public keys
signatures
bytes[]
An array of signatures linked to the public keys
Proposes a new address as admin
This security prevents setting an invalid address as an admin. The pending admin has to claim its ownership of the contract, and prove that the new address is able to perform regular transactions.
_newAdmin
address
New admin address
Remove validator keys
Only callable by the administrator or the operator address. The indexes must be provided sorted in decreasing order and duplicate-free, otherwise the method will revert. The operator limit will be set to the lowest deleted key index if the operator's limit wasn't equal to its total key countThe operator or the admin cannot remove funded keysWhen removing validators, the indexes of specific unfunded keys can be changed in order to properly remove the keys from the storage array. Beware of this specific behavior when chaining calls as the targeted public key indexes can point to a different key after a first call was made and performed some swaps
_index
uint256
The operator index
_indexes
uint256[]
The indexes of the keys to remove
Allows river to override the stopped validators arrayThis actions happens during the Oracle report processing
_stoppedValidatorCounts
uint32[]
The new stopped validators array
_depositedValidatorCount
uint256
The total deposited validator count
Public endpoint to consume the exit request demand and perform the actual exit requestsThe selection algorithm will pick validators based on their active validator countsThis value is computed by using the count of funded keys and taking into account the stopped validator counts and exit requests
_count
uint256
Max amount of exits to request
Changes the operator address of an operator
Only callable by the administrator or the previous operator address
_index
uint256
The operator index
_newOperatorAddress
address
The new address of the operator
Changes the operator staking limit
Only callable by the administratorThe operator indexes must be in increasing order and contain no duplicateThe limit cannot exceed the total key count of the operatorThe _indexes and _newLimits must have the same length.Each limit value is applied to the operator index at the same index in the _indexes array.
_operatorIndexes
uint256[]
The operator indexes, in increasing order and duplicate free
_newLimits
uint32[]
The new staking limit of the operators
_snapshotBlock
uint256
The block number at which the snapshot was computed
Changes the operator name
Only callable by the administrator or the operator
_index
uint256
The operator index
_newName
string
The new operator name
Changes the operator status
Only callable by the administrator
_index
uint256
The operator index
_newStatus
bool
The new status of the operator
Retrieves the version of the contract
_0
string
Version of the contract
A new operator has been added to the registry
index indexed
uint256
The operator index
name
string
The operator display name
operatorAddress indexed
address
The operator address
The operator or the admin added new validator keys and signatures
The public keys and signatures are concatenatedA public key is 48 bytes longA signature is 96 bytes long[P1, S1, P2, S2, ..., PN, SN] where N is the bytes length divided by (96 + 48)
index indexed
uint256
The operator index
publicKeysAndSignatures
bytes
The concatenated public keys and signatures
A validator key got funded on the deposit contract. This event was introduced during a contract upgrade, in order to cover all possible public keys, this event will be replayed for past funded keys in order to have a complete coverage of all the funded public keys. In this particular scenario, the deferred value will be set to true, to indicate that we are not going to have the expected additional events and side effects in the same transaction (deposit to official DepositContract etc ...) because the event was synthetically crafted.
index indexed
uint256
The operator index
publicKeys
bytes[]
BLS Public key that got funded
deferred
bool
True if event has been replayed in the context of a migration
Emitted when the contract is properly initialized
version
uint256
New version of the contracts
cdata
bytes
Complete calldata that was used during the initialization
The operator edited its keys after the snapshot block
This means that we cannot assume that its key set is checked by the snapshotThis happens only if the limit was meant to be increased
index indexed
uint256
The operator index
currentLimit
uint256
The current operator limit
newLimit
uint256
The new operator limit that was attempted to be set
latestKeysEditBlockNumber indexed
uint256
The last block number at which the operator changed its keys
snapshotBlock indexed
uint256
The block number of the snapshot
The call didn't alter the limit of the operator
index indexed
uint256
The operator index
limit
uint256
The limit of the operator
The operator or the admin removed a public key and its signature from the registry
index indexed
uint256
The operator index
publicKey
bytes
The BLS public key that has been removed
The requested exit count has been updated
index indexed
uint256
The operator index
count
uint256
The count of requested exits
The admin address changed
admin indexed
address
New admin address
The exit request demand has been updated
previousValidatorExitsDemand
uint256
The previous exit request demand
nextValidatorExitsDemand
uint256
The new exit request demand
The operator address has been changed
index indexed
uint256
The operator index
newOperatorAddress indexed
address
The new operator address
The operator limit has been changed
index indexed
uint256
The operator index
newLimit
uint256
The new operator staking limit
The operator display name has been changed
index indexed
uint256
The operator index
newName
string
The new display name
The operator status has been changed
index indexed
uint256
The operator index
active
bool
True if the operator is active
The operator stopped validator count has been changed
index indexed
uint256
The operator index
newStoppedValidatorCount
uint256
The new stopped validator count
The pending admin address changed
pendingAdmin indexed
address
New pending admin address
The stored river address has been changed
river indexed
address
The new river address
The total requested exit has been updated
previousTotalValidatorExitsRequested
uint256
The previous total requested exit
newTotalValidatorExitsRequested
uint256
The new total requested exit
The requested exit count has been update to fill the gap with the reported stopped count
index indexed
uint256
The operator index
oldRequestedExits
uint32
The old requested exit count
newRequestedExits
uint32
The new requested exit count
The stopped validator array has been changedA validator is considered stopped if exiting, exited or slashedThis event is emitted when the oracle reports new stopped validators counts
stoppedValidatorCounts
uint32[]
The new stopped validator counts
Emitted when the event rebroadcasting is done and we attempt to broadcast new events
The calling operator is inactive
index
uint256
The operator index
The provided operator and limits array have different lengths
The provided operator and limits array are empty
Thrown when an invalid empty stopped validator array is provided
The string is empty
A funded key deletion has been attempted
The index that is removed is out of bounds
An error occurred during the initialization
version
uint256
The version that was attempting to be initialized
expectedVersion
uint256
The version that was expected
The provided key count is 0
The provided concatenated keys do not have the expected length
Thrown when the sum of stopped validators is invalid
The index provided are not sorted properly (descending order)
The address is zero
Thrown when no exit requests can be performed
The value for the operator limit is too high
index
uint256
The operator index
limit
uint256
The new limit provided
keyCount
uint256
The operator key count
The value for the limit is too low
index
uint256
The operator index
limit
uint256
The new limit provided
fundedKeyCount
uint256
The operator funded key count
The operator was not found
index
uint256
The provided index
The slice is outside of the initial bytes bounds
The length overflows an uint
The provided stopped validator count of an operator is above its funded validator count
operatorIndex
uint256
undefined
stoppedCount
uint32
undefined
fundedCount
uint32
undefined
The provided stopped validator count array is shrinking
Throw when an element in the stopped validator array is decreasing
Thrown when the number of elements in the array is too high compared to operator count
The operator is unauthorized for the caller
caller
address
Address performing the call
The provided list of operators is not in increasing order
Alluvial Finance Inc.
User Deposit Manager (v1)
This interface exposes methods to handle the inbound transfers cases or the explicit submissions
Explicit deposit method to mint on msg.sender
Explicit deposit method to mint on msg.sender and transfer to _recipient
User deposited ETH in the system
And empty deposit attempt was made
Alluvial Finance Inc.
Consensys Layer Deposit Manager Interface (v1)
This interface exposes methods to handle the interactions with the official deposit contract
Deposits current balance to the Consensus Layer by batches of 32 ETH
Returns the amount of ETH not yet committed for deposit
Returns the amount of ETH committed for deposit
Get the deposited validator count (the count of deposits made by the contract)
Get the keeper address
Retrieve the withdrawal credentials
The stored deposit contract address changed
Emitted when the deposited validator count is updated
The stored withdrawal credentials changed
An error occurred during the deposit
The length of the BLS Public key is invalid during deposit
The length of the BLS Signature is invalid during deposit
Invalid deposit root
The received count of public keys to deposit is invalid
The received count of signatures to deposit is invalid
The withdrawal credentials value is null
The internal key retrieval returned no keys
Not enough funds to deposit one validator
Alluvial Finance Inc.
Oracle Manager (v1)
This interface exposes methods to handle the inputs provided by the oracle
Retrieve the current cl spec
Get CL validator count (the amount of validator reported by the oracles)
Get CL validator total balance
Retrieve the current epoch id based on block timestamp
Retrieve the current frame details
Retrieve expected epoch id
Retrieve the first epoch id of the frame of the provided epoch id
Retrieve the last completed epoch id
Retrieve the last consensus layer report
Get oracle address
Retrieve the report bounds
Retrieve the block timestamp
Verifies if the provided epoch is valid
Set the oracle address
The consensus layer data provided by the oracle has been updated
The provided report has been processed
The Report Bounds are changed
The stored oracle address changed
The Consensus Layer Spec is changed
The total exited balance decreased
The total skimmed balance decreased
Thrown when an invalid epoch was reported
The reported validator count is invalid
The balance decrease is higher than the maximum allowed by the lower bound
The balance increase is higher than the maximum allowed by the upper bound
_recipient
address
Address receiving the minted LsETH
depositor indexed
address
Address performing the deposit
recipient indexed
address
Address receiving the minted shares
amount
uint256
Amount in ETH deposited
_maxCount
uint256
The maximum amount of validator keys to fund
_depositRoot
bytes32
The root of the deposit tree
_0
uint256
The amount of ETH not yet committed for deposit
_0
uint256
The amount of ETH committed for deposit
_0
uint256
The deposited validator count
_0
address
The keeper address
_0
bytes32
The withdrawal credentials
depositContract indexed
address
Address of the deposit contract
oldDepositedValidatorCount
uint256
The old deposited validator count value
newDepositedValidatorCount
uint256
The new deposited validator count value
withdrawalCredentials
bytes32
The withdrawal credentials to use for deposits
_0
CLSpec.CLSpecStruct
The Consensus Layer Specification
_0
uint256
The CL validator count
_0
uint256
The CL Validator total balance
_0
uint256
The current epoch id
_startEpochId
uint256
The epoch at the beginning of the frame
_startTime
uint256
The timestamp of the beginning of the frame in seconds
_endTime
uint256
The timestamp of the end of the frame in seconds
_0
uint256
The current expected epoch id
_epochId
uint256
Epoch id used to get the frame
_0
uint256
The first epoch id of the frame containing the given epoch id
_0
uint256
The last completed epoch id
_0
IOracleManagerV1.StoredConsensusLayerReport
The stored consensus layer report
_0
address
The oracle address
_0
ReportBounds.ReportBoundsStruct
The report bounds
_0
uint256
The current timestamp from the EVM context
epoch
uint256
The epoch to lookup
_0
bool
True if valid
_newValue
CLSpec.CLSpecStruct
undefined
_report
IOracleManagerV1.ConsensusLayerReport
undefined
_oracleAddress
address
Address of the oracle
_newValue
ReportBounds.ReportBoundsStruct
undefined
validatorCount
uint256
The new count of validators running on the consensus layer
validatorTotalBalance
uint256
The new total balance sum of all validators
roundId
bytes32
Round identifier
report
IOracleManagerV1.ConsensusLayerReport
The report that was provided
trace
IOracleManagerV1.ConsensusLayerDataReportingTrace
The trace structure providing more insights on internals
annualAprUpperBound
uint256
The reporting upper bound
relativeLowerBound
uint256
The reporting lower bound
oracleAddress indexed
address
The new oracle address
epochsPerFrame
uint64
The number of epochs inside a frame
slotsPerEpoch
uint64
The number of slots inside an epoch
secondsPerSlot
uint64
The number of seconds inside a slot
genesisTime
uint64
The genesis timestamp
epochsToAssumedFinality
uint64
The number of epochs before an epoch is considered final
currentValidatorsExitedBalance
uint256
The current exited balance
newValidatorsExitedBalance
uint256
The new exited balance
currentValidatorsSkimmedBalance
uint256
The current exited balance
newValidatorsSkimmedBalance
uint256
The new exited balance
epoch
uint256
Invalid epoch
providedValidatorCount
uint256
The received validator count value
depositedValidatorCount
uint256
The number of deposits performed by the system
lastReportedValidatorCount
uint256
The last reported validator count
prevTotalEthIncludingExited
uint256
The previous total balance, including all exited balance
postTotalEthIncludingExited
uint256
The post-report total balance, including all exited balance
timeElapsed
uint256
The time in seconds since last report
relativeLowerBound
uint256
The lower bound value that was used
prevTotalEthIncludingExited
uint256
The previous total balance, including all exited balance
postTotalEthIncludingExited
uint256
The post-report total balance, including all exited balance
timeElapsed
uint256
The time in seconds since last report
annualAprUpperBound
uint256
The upper bound value that was used
Alluvial Finance Inc.
River Interface (v1)
The main system interface
Retrieve the allowance value for a spender
_owner
address
Address that issued the allowance
_spender
address
Address that received the allowance
_0
uint256
The allowance in shares for a given spender
Approves an account for future spendings
An approved account can use transferFrom to transfer funds on behalf of the token owner
_spender
address
Address that is allowed to spend the tokens
_value
uint256
The allowed amount in shares, will override previous value
_0
bool
True if success
Retrieve the balance of an account
_owner
address
Address to be checked
_0
uint256
The balance of the account in shares
Retrieve the underlying asset balance of an account
_owner
address
Address to be checked
_0
uint256
The underlying balance of the account
Claims several redeem requests
_redeemRequestIds
uint32[]
The list of redeem requests to claim
_withdrawalEventIds
uint32[]
The list of resolved withdrawal event ids
claimStatuses
uint8[]
The operation status results
Retrieve the decimal count
_0
uint8
The decimal count
Decrease allowance to another account
_spender
address
Spender that receives the allowance
_subtractableValue
uint256
Amount of shares to subtract
_0
bool
True if success
Explicit deposit method to mint on msg.sender
Explicit deposit method to mint on msg.sender and transfer to _recipient
_recipient
address
Address receiving the minted LsETH
Deposits current balance to the Consensus Layer by batches of 32 ETH
_maxCount
uint256
The maximum amount of validator keys to fund
_depositRoot
bytes32
The root of the deposit tree
Retrieve the allowlist address
_0
address
The allowlist address
Returns the amount of ETH not yet committed for deposit
_0
uint256
The amount of ETH not yet committed for deposit
Retrieve the current balance to redeem
_0
uint256
The current balance to redeem
Retrieve the current cl spec
_0
CLSpec.CLSpecStruct
The Consensus Layer Specification
Get CL validator count (the amount of validator reported by the oracles)
_0
uint256
The CL validator count
Get CL validator total balance
_0
uint256
The CL Validator total balance
Retrieve the collector address
_0
address
The collector address
Returns the amount of ETH committed for deposit
_0
uint256
The amount of ETH committed for deposit
Retrieve the coverage fund
_0
address
The coverage fund address
Retrieve the current epoch id based on block timestamp
_0
uint256
The current epoch id
Retrieve the current frame details
_startEpochId
uint256
The epoch at the beginning of the frame
_startTime
uint256
The timestamp of the beginning of the frame in seconds
_endTime
uint256
The timestamp of the end of the frame in seconds
Retrieve the configured daily committable limits
_0
DailyCommittableLimits.DailyCommittableLimitsStruct
The daily committable limits structure
Get the deposited validator count (the count of deposits made by the contract)
_0
uint256
The deposited validator count
Retrieve the execution layer fee recipient
_0
address
The execution layer fee recipient address
Retrieve expected epoch id
_0
uint256
The current expected epoch id
Retrieve the first epoch id of the frame of the provided epoch id
_epochId
uint256
Epoch id used to get the frame
_0
uint256
The first epoch id of the frame containing the given epoch id
Get the current global fee
_0
uint256
The global fee
Get the keeper address
_0
address
The keeper address
Retrieve the last completed epoch id
_0
uint256
The last completed epoch id
Retrieve the last consensus layer report
_0
IOracleManagerV1.StoredConsensusLayerReport
The stored consensus layer report
Retrieve the metadata uri string value
_0
string
The metadata uri string value
Retrieve the operators registry
_0
address
The operators registry address
Get oracle address
_0
address
The oracle address
Retrieve the redeem manager
_0
address
The redeem manager address
Retrieve the report bounds
_0
ReportBounds.ReportBoundsStruct
The report bounds
Retrieve the block timestamp
_0
uint256
The current timestamp from the EVM context
Retrieve the withdrawal credentials
_0
bytes32
The withdrawal credentials
Increase allowance to another account
_spender
address
Spender that receives the allowance
_additionalValue
uint256
Amount of shares to add
_0
bool
True if success
Initializes the River system
_depositContractAddress
address
Address to make Consensus Layer deposits
_elFeeRecipientAddress
address
Address that receives the execution layer fees
_withdrawalCredentials
bytes32
Credentials to use for every validator deposit
_oracleAddress
address
The address of the Oracle contract
_systemAdministratorAddress
address
Administrator address
_allowlistAddress
address
Address of the allowlist contract
_operatorRegistryAddress
address
Address of the operator registry
_collectorAddress
address
Address receiving the the global fee on revenue
_globalFee
uint256
Amount retained when the ETH balance increases and sent to the collector
Initialized version 1.1 of the River System
_redeemManager
address
The redeem manager address
_epochsPerFrame
uint64
The amounts of epochs in a frame
_slotsPerEpoch
uint64
The slots inside an epoch
_secondsPerSlot
uint64
The seconds inside a slot
_genesisTime
uint64
The genesis timestamp
_epochsToAssumedFinality
uint64
The number of epochs before an epoch is considered final on-chain
_annualAprUpperBound
uint256
The reporting upper bound
_relativeLowerBound
uint256
The reporting lower bound
maxDailyNetCommittableAmount
uint128
The net daily committable limit
maxDailyRelativeCommittableAmount
uint128
The relative daily committable limit
Initializes version 1.2 of the River System
Verifies if the provided epoch is valid
epoch
uint256
The epoch to lookup
_0
bool
True if valid
Retrieve the token name
_0
string
The token name
Performs a redeem request on the redeem manager
_lsETHAmount
uint256
The amount of LsETH to redeem
_recipient
address
The address that will own the redeem request
redeemRequestId
uint32
The ID of the newly created redeem request
Resolves the provided redeem requests by calling the redeem manager
_redeemRequestIds
uint32[]
The list of redeem requests to resolve
withdrawalEventIds
int64[]
The list of matching withdrawal events, or error codes
Input for consensus layer funds, containing both exit and skimming
Input for coverage funds
Input for execution layer fee earnings
Input for the redeem manager funds
Changes the allowlist address
_newAllowlist
address
New address for the allowlist
_newValue
CLSpec.CLSpecStruct
undefined
Changes the collector address
_newCollector
address
New address for the collector
_report
IOracleManagerV1.ConsensusLayerReport
undefined
Changes the coverage fund
_newCoverageFund
address
New address for the fund
_dcl
DailyCommittableLimits.DailyCommittableLimitsStruct
undefined
Changes the execution layer fee recipient
_newELFeeRecipient
address
New address for the recipient
Changes the global fee parameter
_newFee
uint256
New fee value
Sets the metadata uri string value
_metadataURI
string
The new metadata uri string value
Set the oracle address
_oracleAddress
address
Address of the oracle
_newValue
ReportBounds.ReportBoundsStruct
undefined
Retrieve the shares count from an underlying asset amount
_underlyingAssetAmount
uint256
Amount of underlying asset to convert
_0
uint256
The amount of shares worth the underlying asset amount
Retrieve the token symbol
_0
string
The token symbol
Retrieve the total token supply
_0
uint256
The total supply in shares
Retrieve the total underlying asset supply
_0
uint256
The total underlying asset supply
Performs a transfer from the message sender to the provided account
_to
address
Address receiving the tokens
_value
uint256
Amount of shares to be sent
_0
bool
True if success
Performs a transfer between two recipients
_from
address
Address sending the tokens
_to
address
Address receiving the tokens
_value
uint256
Amount of shares to be sent
_0
bool
True if success
Retrieve the underlying asset balance from an amount of shares
_shares
uint256
Amount of shares to convert
_0
uint256
The underlying asset balance represented by the shares
Emitted when the allowance of a spender for an owner is set by a call to {approve}. value is the new allowance.
owner indexed
address
undefined
spender indexed
address
undefined
value
uint256
undefined
The consensus layer data provided by the oracle has been updated
validatorCount
uint256
The new count of validators running on the consensus layer
validatorTotalBalance
uint256
The new total balance sum of all validators
roundId
bytes32
Round identifier
The provided report has been processed
report
IOracleManagerV1.ConsensusLayerReport
The report that was provided
trace
IOracleManagerV1.ConsensusLayerDataReportingTrace
The trace structure providing more insights on internals
Emitted when funds are pulled from the CL recipient
pulledSkimmedEthAmount
uint256
The amount of skimmed ETH pulled
pullExitedEthAmount
uint256
The amount of exited ETH pulled
Funds have been pulled from the Coverage Fund
amount
uint256
The amount pulled
Funds have been pulled from the Execution Layer Fee Recipient
amount
uint256
The amount pulled
Emitted when funds are pulled from the redeem manager
amount
uint256
The amount pulled
Emitted when the redeem manager received a withdraw event report
redeemManagerDemand
uint256
The total demand in LsETH of the redeem manager
suppliedRedeemManagerDemand
uint256
The amount of LsETH demand actually supplied
suppliedRedeemManagerDemandInEth
uint256
The amount in ETH of the supplied demand
The system underlying supply increased. This is a snapshot of the balances for accounting purposes
_collector indexed
address
The address of the collector during this event
_oldTotalUnderlyingBalance
uint256
Old total ETH balance under management by River
_oldTotalSupply
uint256
Old total supply in shares
_newTotalUnderlyingBalance
uint256
New total ETH balance under management by River
_newTotalSupply
uint256
New total supply in shares
The stored Allowlist has been changed
allowlist indexed
address
The new Allowlist
Emitted when the balance committed to deposit
oldAmount
uint256
The old balance committed to deposit
newAmount
uint256
The new balance committed to deposit
Emitted when the balance to deposit is updated
oldAmount
uint256
The old balance to deposit
newAmount
uint256
The new balance to deposit
Emitted when the balance to redeem is updated
oldAmount
uint256
The old balance to redeem
newAmount
uint256
The new balance to redeem
The Report Bounds are changed
annualAprUpperBound
uint256
The reporting upper bound
relativeLowerBound
uint256
The reporting lower bound
The stored Collector has been changed
collector indexed
address
The new Collector
The stored Coverage Fund has been changed
coverageFund indexed
address
The new Coverage Fund
The stored deposit contract address changed
depositContract indexed
address
Address of the deposit contract
Emitted when the deposited validator count is updated
oldDepositedValidatorCount
uint256
The old deposited validator count value
newDepositedValidatorCount
uint256
The new deposited validator count value
The stored Execution Layer Fee Recipient has been changed
elFeeRecipient indexed
address
The new Execution Layer Fee Recipient
The stored Global Fee has been changed
fee
uint256
The new Global Fee
Emitted when the daily committable limits are changed
minNetAmount
uint256
The minimum amount that must be used as the daily committable amount
maxRelativeAmount
uint256
The maximum amount that can be used as the daily committable amount, relative to the total underlying supply
The stored Metadata URI string has been changed
metadataURI
string
The new Metadata URI string
The stored Operators Registry has been changed
operatorRegistry indexed
address
The new Operators Registry
The stored oracle address changed
oracleAddress indexed
address
The new oracle address
Emitted when the redeem manager address is changed
redeemManager
address
The address of the redeem manager
The Consensus Layer Spec is changed
epochsPerFrame
uint64
The number of epochs inside a frame
slotsPerEpoch
uint64
The number of slots inside an epoch
secondsPerSlot
uint64
The number of seconds inside a slot
genesisTime
uint64
The genesis timestamp
epochsToAssumedFinality
uint64
The number of epochs before an epoch is considered final
Emitted when the total supply is changed
totalSupply
uint256
undefined
The stored withdrawal credentials changed
withdrawalCredentials
bytes32
The withdrawal credentials to use for deposits
Emitted when value tokens are moved from one account (from) to another (to). Note that value may be zero.
from indexed
address
undefined
to indexed
address
undefined
value
uint256
undefined
User deposited ETH in the system
depositor indexed
address
Address performing the deposit
recipient indexed
address
Address receiving the minted shares
amount
uint256
Amount in ETH deposited
Allowance too low to perform operation
_from
address
Account where funds are sent from
_operator
address
Account attempting the transfer
_allowance
uint256
Current allowance
_value
uint256
Requested transfer value in shares
Balance too low to perform operation
The access was denied
account
address
The account that was denied
And empty deposit attempt was made
An error occurred during the deposit
The length of the BLS Public key is invalid during deposit
The length of the BLS Signature is invalid during deposit
The total exited balance decreased
currentValidatorsExitedBalance
uint256
The current exited balance
newValidatorsExitedBalance
uint256
The new exited balance
The total skimmed balance decreased
currentValidatorsSkimmedBalance
uint256
The current exited balance
newValidatorsSkimmedBalance
uint256
The new exited balance
Invalid deposit root
Thrown when an invalid epoch was reported
epoch
uint256
Invalid epoch
The received count of public keys to deposit is invalid
Thrown when the amount received from the Withdraw contract doe not match the requested amount
requested
uint256
The amount that was requested
received
uint256
The amount that was received
The received count of signatures to deposit is invalid
The reported validator count is invalid
providedValidatorCount
uint256
The received validator count value
depositedValidatorCount
uint256
The number of deposits performed by the system
lastReportedValidatorCount
uint256
The last reported validator count
The withdrawal credentials value is null
The internal key retrieval returned no keys
Not enough funds to deposit one validator
Invalid empty transfer
The balance decrease is higher than the maximum allowed by the lower bound
prevTotalEthIncludingExited
uint256
The previous total balance, including all exited balance
postTotalEthIncludingExited
uint256
The post-report total balance, including all exited balance
timeElapsed
uint256
The time in seconds since last report
relativeLowerBound
uint256
The lower bound value that was used
The balance increase is higher than the maximum allowed by the upper bound
prevTotalEthIncludingExited
uint256
The previous total balance, including all exited balance
postTotalEthIncludingExited
uint256
The post-report total balance, including all exited balance
timeElapsed
uint256
The time in seconds since last report
annualAprUpperBound
uint256
The upper bound value that was used
Invalid transfer recipients
_from
address
Account sending the funds in the invalid transfer
_to
address
Account receiving the funds in the invalid transfer
The computed amount of shares to mint is 0
Oracle Members Storage
Utility to manage the Oracle Members in storage
There can only be up to 256 oracle members. This is due to how report statuses are stored in Reports Positions
Allowlist Address Storage
Utility to manage the Allowlist Address in storage
Buffered Exceeding Eth storage
Redeem Manager utility to manage the exceeding ETH with a redeem request
Consensus Layer Validator Count Storage
Utility to manage the Consensus Layer Validator Count in storageThis state variable is deprecated and was kept due to migration logic needs