Summary
Authorize the PoolRecoveryHelper contract to put Weighted and ComposableStable pools in Recovery Mode
Authorize Balancer Labs Ops Multisig to manage the RecoveryModeEnabler contract
Motivation
It has recently come to our attention that rate providers can cause some operations to revert if the call to getRate reverts. This goes undetected by most order routing algorithms, which assume rates change slowly and only use the pool’s internal rate cache for estimating the expected outputs of a transaction.
In order to prevent pools with faulty rate providers from interfering with order routing algorithms, Balancer Labs has developed the PoolRecoveryHelper, a smart contract which performs checks on all rate providers of a given pool and puts the pool into Recovery Mode if one of the rate providers reverts.
The notion of Recovery Mode was introduced in recent pool factories. Only addresses authorized by Balancer Governance can put pools in Recovery Mode.
When a pool enters Recovery Mode, any protocol fees it owes at that time are forfeited and a new exit kind is enabled, that bypasses updating the rate cache.
When a pool is put in Recovery Mode, this fact is recorded in the subgraph and order routing algorithms can ignore the pool.
The PoolRecoveryHelper contract is permissionless. Anyone can trigger a check, but the pool will only be put in Recovery Mode in the event that the rate provider required for that pool to work properly reverts.
The contract can only interact with pools deployed from a set of factories. The initial set includes the ComposableStable and Weighted pool factories deployed in September. If approved, this proposal will also authorize the Balancer Labs Ops Multisig to add/remove factories to/from this set - but in addition to that safety mechanism, permissions will still have to be granted by Governance for each new factory individually just like in this proposal.
Specification
Grant the following roles to the PoolRecoveryHelpers on each network
| Network | Pool | Function | Role (action ID) | PoolRecoveryHelper |
|---|---|---|---|---|
| Mainnet | ComposableStable | enableRecoveryMode | 0xf6ef25118c39f2bdb1d07df32f8b885c2bb50bddc0ab9594195de1e669da06c1 | 0x1b300C86980a5195bCF49bD419A068D98dC133Db |
| Mainnet | Weighted | enableRecoveryMode | 0x55abd0742bbd2833fbad5758d69eacae7376eacf1d04bcdfe8f77321d0673677 | 0x1b300C86980a5195bCF49bD419A068D98dC133Db |
| Polygon | ComposableStable | enableRecoveryMode | 0xcd992f1bd63b3928b4bd25a59ac9561f702f6a144e2ec542a0f923ddffb79722 | 0x495F696430F4A51F7fcB98FbE68a9Cb7A07fB1bA |
| Polygon | Weighted | enableRecoveryMode | 0x9436cac93d8367398a12c7c8d6f93997dbc9979098589424940bead9f87bcb59 | 0x495F696430F4A51F7fcB98FbE68a9Cb7A07fB1bA |
| Arbitrum | ComposableStable | enableRecoveryMode | 0xcbe9cebc4f91f7165ea5e4f69b52df3f2ece32ffa2ea75701ece149b4ab59b28 | 0xb5e56CC3d2e38e53b1166175C59e921A37cDC1E2 |
| Arbitrum | Weighted | enableRecoveryMode | 0xe677a5af244fbd50b51cf114dd0bdbf7b73c262382c7704c359c6c2148820d33 | 0xb5e56CC3d2e38e53b1166175C59e921A37cDC1E2 |
| Optimism | ComposableStable | enableRecoveryMode | 0xa0bf4d17d2c334481887d815db60045ccbed929ffaf7204b103fdaf02da1165e | 0x26743984e3357eFC59f2fd6C1aFDC310335a61c9 |
| Optimism | Weighted | enableRecoveryMode | 0x72ac4e6734d7f5c8438012f806375e41f179f0b682e4a0f03a91a82daed5e459 | 0x26743984e3357eFC59f2fd6C1aFDC310335a61c9 |
Grant the following roles to the Balancer Labs Ops Multisigs on each network
| Network | Function | Role (action ID) | BLabs Ops Multisig |
|---|---|---|---|
| Mainnet | addPoolFactory | 0xbc33dd383590d6f85727901da00e6971ba3af5561e93a485f41a82a94137cf47 | 0x02f35dA6A02017154367Bc4d47bb6c7D06C7533B |
| Mainnet | removePoolFactory | 0x2ee7ebfa3c3d2e030256ae85768e5434350a58e9284ac5bec2d6b7efa01819e3 | 0x02f35dA6A02017154367Bc4d47bb6c7D06C7533B |
| Polygon | addPoolFactory | 0xf8c9fae4bc5fe8eb74e5f0fb4987c5acea8dc1f798738132ea5a3ac3e5018eeb | 0xf9D6BdE5c2eef334AC88204CB2eEc07111DCBA97 |
| Polygon | removePoolFactory | 0xea0664145ce82f191154e8809da2fda36a9dcb1175dea294fc0e712e6f1ea6ad | 0xf9D6BdE5c2eef334AC88204CB2eEc07111DCBA97 |
| Arbitrum | addPoolFactory | 0xda62096c4d8f1d48218270a8cfece514fe2fb09e756e8d76aa98186a68f5c35c | 0x56ebA8dcDcEC3161Dd220c4B4131c27aF201F892 |
| Arbitrum | removePoolFactory | 0xa450560b4243ca4b627c589e0f1f51c3022ac250bb247dc70009744aee0fe13b | 0x56ebA8dcDcEC3161Dd220c4B4131c27aF201F892 |
| Optimism | addPoolFactory | 0x9e87510ecbff1f510fd37073c7c39868559afdb91e4876854c8b6b0e3d2cb6fb | 0xFB2ac3989B6AD0e043a8958004484d6BAAb2c6Ab |
| Optimism | removePoolFactory | 0x4c27b95c60e628aa279735e55e6480657fc5766bb0b6b583b8ecccbc07930c1d | 0xFB2ac3989B6AD0e043a8958004484d6BAAb2c6Ab |
edit: fixed the description of recovery mode