Skip to content
/ mtoken-fixes Public

Upgrades to mToken contracts on Moonbeam to support Nomad remediation

License

BSD-3-Clause license
3 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

moonwell-fi/mtoken-fixes

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

201 Commits
.github/workflows
.github/workflows
 
 
MutationTestOutput
MutationTestOutput
 
 
addresses
addresses
 
 
certora
certora
 
 
lib
lib
 
 
script
script
 
 
src
src
 
 
test
test
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
foundry.toml
foundry.toml
 
 
remappings.txt
remappings.txt
 
 
runMutation.sh
runMutation.sh
 
 

Repository files navigation

Moonwell Protocol

Contest Details

This contest will be focused on two main changes to the Moonwell protocol on Moonbeam. The first change is to upgrade the mTokens to a new implementation, and the second change is to liquidate bad debt from the protocol. Two separate contracts will be used to upgrade existing contracts, and a governance proposal will be used to liquidate bad debt should the DAO choose to ratify these changes.

Prize Pool

  • Total Pool -

  • H/M - $14,000

  • Low - $1,000

  • Starts: March 4th, 2024

  • Ends: March 11th, 2024

Stats

nSLOC: 260 Complexity Score: 260 SLOC: 38.07 Complexity: 57.69

About the Project

Moonwell is an open and decentralized lending and borrowing protocol built on Base, Moonbeam, and Moonriver. The app's intuitive design ensures a streamlined user experience, enabling everyone to do more with their digital assets. Moonwell is a fork of Compound, and naming has been modified from cTokens to mTokens, which are interest bearing tokens that represent the underlying asset.

Documentation

Website

Twitter

GitHub

Compatibilities

Compatibilities: Blockchains: - Ethereum/Any EVM - Moonbeam Tokens: - ERC20 standard implementations (including Moonbeam pre-compile) - Non standard ERC20 implmentations such as fee-on-transfer or no boolean returned on transfer or transferFrom not supported.

Actors

There are two main actors in the Moonwell protocol:

  • privileged actors: this is the timelock and the guardian, which are able to execute certain functions on the protocol
  • users: these are the people who interact with the protocol, by either supplying or borrowing assets from the protocol

Scope

The scope of this audit is to verify that the changes to the Moonwell protocol mTokens are implemented according to specifications and that no security vulnerabilities are introduced in the process.

Setup

To run the integration tests, run the following command:

forge test --match-contract MIPM17IntegrationTest --fork-url moonbeam

To run the Certora Prover and see the result of formal verification, run the following commands:

certoraRun certora/confs/SharePrice.conf

certoraRun certora/confs/MErc20DelegateFixer.conf

Governance Proposal

This proposal will remove all Nomad collateral from .mad mTokens, sending the underlying to the community multisig, and zero all borrows from users with bad debt.

In order to allow mToken collateral sweeping and bad debt write offs, the mTokens will have their implementations upgraded.

This will stop further issues and to allow the exchange rates of the assets to stay the same post proposal. Interest Rate Models may need to be changed in order to stop rate spikes due to changes in supply and borrow amounts.

See this forum post for additional information.

Delegate Bad Debt Fixer

This proposal changes the logic contract that is used by both the mFRAX and mxcDOT to a new MErc20DelegateFixer contract. This contract will allow the bad debt to be repaid with reserves or user supplied cash, and will allow the bad debt to be written off so no further interest accrues because of this bad debt.

Delegate Nomad Fixer

This proposal also upgrades the logic contract for the .mad mTokens to a new MErc20DelegateMadFixer contract. This contract will allow the Nomad collateral to be swept to the community multisig. After the collateral is swept, the share price will change, however this is not of concern as the collateral is being removed from the system, and the .mad mTokens will no longer allow users the ability to redeem the mTokens for their underlying.

Storage Offset Verification

This proposal changes the logic contract that is used by the MErc20Delegator with two new MErc20Delegate contracts. To verify the storage slot offsets between the new and the old contracts remain unchanged, the following commands can be run:

slither src/OriginalMToken.sol --print variable-order

Then running slither on the new contracts and comparing the output to ensure no storage slots from 0 to 19 have been changed.

slither src/MErc20DelegateFixer.sol --print variable-order

diffing the output, we can see that the 20th slot has been added in the DelegateFixer.

< MErc20Delegate:
---
> MErc20DelegateFixer:
63a58
> |        MErc20DelegateFixer.badDebt        |                     uint256                      |  20  |   0    |
64a60,74
>

The only other difference is the name change of the contract.

To view the diff of the storage slots of the .mad MToken fixer contract, run the following command:

slither src/MErc20DelegateMadFixer.sol --print variable-order

1c1,9
< ComptrollerErrorReporter:
---
> INFO:Printers:
> ComptrollerInterface:
> +--------------------------------+--------+------+--------+
> |              Name              |  Type  | Slot | Offset |
> +--------------------------------+--------+------+--------+
> | ComptrollerInterface.gasAmount | uint16 |  0   |   0    |
> +--------------------------------+--------+------+--------+
> 
> EIP20Interface:
13c21
< EIP20Interface:
---
> ComptrollerErrorReporter:
19,25d26
< ComptrollerInterface:
< +--------------------------------+--------+------+--------+
< |              Name              |  Type  | Slot | Offset |
< +--------------------------------+--------+------+--------+
< | ComptrollerInterface.gasAmount | uint16 |  0   |   0    |
< +--------------------------------+--------+------+--------+
< 
32,39c33
< MDelegatorInterface:
< +-----------------------------------+---------+------+--------+
< |                Name               |   Type  | Slot | Offset |
< +-----------------------------------+---------+------+--------+
< | MDelegationStorage.implementation | address |  0   |   0    |
< +-----------------------------------+---------+------+--------+
< 
< MErc20Delegate:
---
> MErc20DelegateMadFixer:
64a59,67
> 
> MDelegatorInterface:
> +-----------------------------------+---------+------+--------+
> |                Name               |   Type  | Slot | Offset |
> +-----------------------------------+---------+------+--------+
> | MDelegationStorage.implementation | address |  0   |   0    |
> +-----------------------------------+---------+------+--------+
> 
>

The only difference between the contracts are the contract names. The storage offsets remain unchanged. MDelegatorInterface and ComptrollerInterface can be safely ignored as they are not inherited and thus do not affect storage slots.

Contract Diffing

To verify the source code changes between the new and old contracts, the diff can be viewed for the MErc20DelegateFixer and MErc20DelegateMadFixer.

Integration Testing

In order to integration test the new contracts, run the following command:

forge test --match-contract MIPM17IntegrationTest --fork-url https://rpc.api.moonbeam.network -vvv

Invariants

The following invariants must hold true immediately after the contracts are upgraded:

  • no state variables are changed
  • storage offsets are not changed
  • only one new variable has been added
  • exchange rate cannot change from calling functions repayBadDebtWithCash, repayBadDebtWithReserves, or fixUser.
  • If bad debt is repaid with reserves, the reserves must be decreased by the same amount as the bad debt.
  • if cash is used to repay bad debt, the underlying must be increased by the amount the bad debt decreased.

The following invariants must remain true after the governance proposal is executed:

  • total borrows equals the sum of borrow balance for all users borrowing
  • total supply equals the sum of supply balance for all users supplying
  • exchange rate is the same as before the proposal for non .mad MTokens, mFRAX and mxcDOT

Formal Verification

The new functions repayBadDebtWithCash, repayBadDebtWithReserves, and fixUser have been verified using formal verification. The latest run can be found here;

The specifications can be found in these files.

The prover can be run with the following commands:

certoraRun certora/confs/SharePrice.conf 

certoraRun certora/confs/MErc20DelegateFixer.conf

Mutation Testing

Use certora gambit to generate mutaions for MErc20DelegateFixer and then run each mutation against unit, integration tests and formal specification using runMutation script. The script generates a Result.txt file which stores following details for each mutations:

  • mutant diff with original contract
  • unit/integration test results with number and list of failing tests if any
  • result of certora formal verification against mutant with details such as number of failed rules, their list and certora prover cli job url

Finally it logs total number of failed mutations.

Follow these steps to run the mutation test scripts:

Run certora gambit to generate mutants

gambit mutate --filename src/MErc20DelegateFixer.sol

Run script

sh runMutation.sh

Deployment

Run the following commands to deploy the new contracts:

forge script script/GovernorBravo.s.sol:GovernorBravoScript -vvvv --rpc-url moonbeam --broadcast --verify --etherscan-api-key {key}

To dry run the deployment and verify the calldata, run the following command:

forge script script/GovernorBravo.s.sol:GovernorBravoScript -vvvv --rpc-url moonbeam

Note, your calldata may differ as the contract addresses are not known in advance, however the number of actions should stay the same, and the user liquidation calldata should be unchanged.

Proposal Actions and Calldata

Running the script should output the following calldata and proposal actions:

Proposal Description:

# MIP-M17: Redemption and Reallocation of Nomad Collateral and Protocol Reserves for FRAX Market Enhancement (Proposal 2)

## Overview

This proposal will remove all collateral mTokens from users with bad debt from all markets, sending them to the community multisig. In order to allow mToken collateral sweeping and bad debt write offs, the mTokens will have their implementations upgraded. This will stop further issues and allow the exchange rates of the assets to stay the same post-proposal.

Following the passing of the signaling snapshot [poll](https://snapshot.org/#/moonwell-governance.eth/proposal/0xe30b2ec324ad04397eb864dd464d3f57f44c63ccf684c9a126f9dd34908fd5c7), this governance proposal is being created to execute the second step in restoring liquidity to the markets.

Please see the forum post [here](https://forum.moonwell.fi/t/request-for-proposal-rfp-redemption-and-reallocation-of-nomad-collateral-and-protocol-reserves-for-frax-market-enhancement/746/3) for further details on this governance proposal.

  

------------------ Proposal Actions ------------------
  1). Upgrade MErc20Delegate for mFRAX to MErc20DelegateFixer
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x555bcc4000000000000000000000000034a1d3fff3958843c43ad80f30b94c510645c316000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000
  

  2). Upgrade MErc20Delegate for mxcDOT to MErc20DelegateFixer
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x555bcc4000000000000000000000000034a1d3fff3958843c43ad80f30b94c510645c316000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000
  

  3). Liquidate bad mFRAX debt for user: 0xe0b2026e3db1606ef0beb764ccdf7b3cee30db4a
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000e0b2026e3db1606ef0beb764ccdf7b3cee30db4a
  

  4). Liquidate bad mFRAX debt for user: 0xccb8e090fe070945cc0131a075b6e1ea8f208812
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000ccb8e090fe070945cc0131a075b6e1ea8f208812
  

  5). Liquidate bad mFRAX debt for user: 0x7ecf0bf3d94dce4838d57b63dc96d6ddc2cc63e7
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000007ecf0bf3d94dce4838d57b63dc96d6ddc2cc63e7
  

  6). Liquidate bad mFRAX debt for user: 0x6a67a0e5265730952ed7dd648aed357c7444999e
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000006a67a0e5265730952ed7dd648aed357c7444999e
  

  7). Liquidate bad mFRAX debt for user: 0xaaddc55883b7df9944d54c20f2822f476673cbc0
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000aaddc55883b7df9944d54c20f2822f476673cbc0
  

  8). Liquidate bad mFRAX debt for user: 0x7c976f00e84db0b44f945fc6d7fad34b43150a1a
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000007c976f00e84db0b44f945fc6d7fad34b43150a1a
  

  9). Liquidate bad mFRAX debt for user: 0x4f5ef03e870332a1b42453bbf57b8a041e89efe8
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000004f5ef03e870332a1b42453bbf57b8a041e89efe8
  

  10). Liquidate bad mFRAX debt for user: 0xa89da48796bb808cb9af3637ff7ab436f968c7d5
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000a89da48796bb808cb9af3637ff7ab436f968c7d5
  

  11). Liquidate bad mFRAX debt for user: 0x54dc6782d6fc5fc05f8486d365186ff25cc44ba7
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000054dc6782d6fc5fc05f8486d365186ff25cc44ba7
  

  12). Liquidate bad mFRAX debt for user: 0x395ef2d7a5d499b62ac479064b7eaa51ae823a22
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000395ef2d7a5d499b62ac479064b7eaa51ae823a22
  

  13). Liquidate bad mFRAX debt for user: 0xf4f1f5dd2801f94b732d240a46103089905ccd4e
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000f4f1f5dd2801f94b732d240a46103089905ccd4e
  

  14). Liquidate bad mFRAX debt for user: 0x9f6dc2cf76fd22a0e5f11e0edde73502364ffbb8
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000009f6dc2cf76fd22a0e5f11e0edde73502364ffbb8
  

  15). Liquidate bad mFRAX debt for user: 0x57e421c8a16bf0a609ef87e296cb931113a5e3ed
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000057e421c8a16bf0a609ef87e296cb931113a5e3ed
  

  16). Liquidate bad mFRAX debt for user: 0x60298d41cef0759f1127fc5e48ba3b663a9e0889
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000060298d41cef0759f1127fc5e48ba3b663a9e0889
  

  17). Liquidate bad mFRAX debt for user: 0xa3db05c72c79d52d2d37170a342a2c21c5e5d7c0
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000a3db05c72c79d52d2d37170a342a2c21c5e5d7c0
  

  18). Liquidate bad mFRAX debt for user: 0xd4d70647651e84536eb218d5889ab764115c4d82
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000d4d70647651e84536eb218d5889ab764115c4d82
  

  19). Liquidate bad mFRAX debt for user: 0xdd15c08320f01f1b6348b35eebe29fdb5ca0cda6
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000dd15c08320f01f1b6348b35eebe29fdb5ca0cda6
  

  20). Liquidate bad mFRAX debt for user: 0xcbc21fbf92519f6d90c05a6fda1a7cb72fa6e02b
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000cbc21fbf92519f6d90c05a6fda1a7cb72fa6e02b
  

  21). Liquidate bad mFRAX debt for user: 0x6722ae8c7a49553f1a80153517d1cfeca7eca5f7
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000006722ae8c7a49553f1a80153517d1cfeca7eca5f7
  

  22). Liquidate bad mFRAX debt for user: 0x99b84a77f64e5acc269073cf082951c3ce57fe64
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000099b84a77f64e5acc269073cf082951c3ce57fe64
  

  23). Liquidate bad mFRAX debt for user: 0xf98a854bc00eaa854894d79e11315a2114c58120
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000f98a854bc00eaa854894d79e11315a2114c58120
  

  24). Liquidate bad mFRAX debt for user: 0x175a795ef04bc146fd6d6f852e5adec8b356e310
  target: 0x1C55649f73CDA2f72CEf3DD6C5CA3d49EFcF484C
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000175a795ef04bc146fd6d6f852e5adec8b356e310
  

  25). Liquidate bad mxcDOT debt for user 0xdd15c08320f01f1b6348b35eebe29fdb5ca0cda6
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000dd15c08320f01f1b6348b35eebe29fdb5ca0cda6
  

  26). Liquidate bad mxcDOT debt for user 0x51d7193812b5b70e5e30df5c18ac2062c5f51c5e
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000051d7193812b5b70e5e30df5c18ac2062c5f51c5e
  

  27). Liquidate bad mxcDOT debt for user 0xc265ba4d9ed33620978b03235fc9f5aa026da275
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000c265ba4d9ed33620978b03235fc9f5aa026da275
  

  28). Liquidate bad mxcDOT debt for user 0x9f6dc2cf76fd22a0e5f11e0edde73502364ffbb8
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000009f6dc2cf76fd22a0e5f11e0edde73502364ffbb8
  

  29). Liquidate bad mxcDOT debt for user 0x3a531c90e52a02817c0d31794d0ac4ea35a66602
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000003a531c90e52a02817c0d31794d0ac4ea35a66602
  

  30). Liquidate bad mxcDOT debt for user 0x1fb540757cfd698b4a8f81e510ed09aa67a4f970
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000001fb540757cfd698b4a8f81e510ed09aa67a4f970
  

  31). Liquidate bad mxcDOT debt for user 0x396a6d7a33655c45044143cb8a812227bf279578
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000396a6d7a33655c45044143cb8a812227bf279578
  

  32). Liquidate bad mxcDOT debt for user 0x1f93dc0e5f249c8961027d447c973b9ce7ab7366
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000001f93dc0e5f249c8961027d447c973b9ce7ab7366
  

  33). Liquidate bad mxcDOT debt for user 0xaaddc55883b7df9944d54c20f2822f476673cbc0
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000aaddc55883b7df9944d54c20f2822f476673cbc0
  

  34). Liquidate bad mxcDOT debt for user 0xd2dff7007586be8f2e6cb84de65190b81adf6a9b
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000d2dff7007586be8f2e6cb84de65190b81adf6a9b
  

  35). Liquidate bad mxcDOT debt for user 0x4f5ef03e870332a1b42453bbf57b8a041e89efe8
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000004f5ef03e870332a1b42453bbf57b8a041e89efe8
  

  36). Liquidate bad mxcDOT debt for user 0xd4d70647651e84536eb218d5889ab764115c4d82
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000d4d70647651e84536eb218d5889ab764115c4d82
  

  37). Liquidate bad mxcDOT debt for user 0x985c3e74201d8c4907e7d8db06bb1f83639bef0c
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000985c3e74201d8c4907e7d8db06bb1f83639bef0c
  

  38). Liquidate bad mxcDOT debt for user 0x8dfd78676fa1929d1c7b64fbd3133e3b4ec305b3
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000008dfd78676fa1929d1c7b64fbd3133e3b4ec305b3
  

  39). Liquidate bad mxcDOT debt for user 0xdc7428eeff0cdac1a45f310debb9af91708f47c9
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000dc7428eeff0cdac1a45f310debb9af91708f47c9
  

  40). Liquidate bad mxcDOT debt for user 0x08c3e7b6e273d4434fa466ff23dba7c602a961a7
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000008c3e7b6e273d4434fa466ff23dba7c602a961a7
  

  41). Liquidate bad mxcDOT debt for user 0xf9923ae543f039c71cd1bbc95ee3db6f36afcce6
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000f9923ae543f039c71cd1bbc95ee3db6f36afcce6
  

  42). Liquidate bad mxcDOT debt for user 0x3769859a5efa6133cd74c5eb5080f46beffb6cef
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000003769859a5efa6133cd74c5eb5080f46beffb6cef
  

  43). Liquidate bad mxcDOT debt for user 0xb3e6420941acc44c2996666b4b5c998c1545fc19
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000b3e6420941acc44c2996666b4b5c998c1545fc19
  

  44). Liquidate bad mxcDOT debt for user 0x54dc6782d6fc5fc05f8486d365186ff25cc44ba7
  target: 0xD22Da948c0aB3A27f5570b604f3ADef5F68211C3
payload
  0x28d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000054dc6782d6fc5fc05f8486d365186ff25cc44ba7
  

  45). Upgrade MErc20Delegate for mUSDC.mad to MErc20DelegateMadFixer
  target: 0x02e9081DfadD37A852F9a73C4d7d69e615E61334
payload
  0x555bcc40000000000000000000000000a8452ec99ce0c64f20701db7dd3abdb607c00496000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000
  

  46). Sweep all mUSDC.mad
  target: 0x02e9081DfadD37A852F9a73C4d7d69e615E61334
payload
  0xc18cfe86000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7
  

  47). Upgrade MErc20Delegate for mETH.mad to MErc20DelegateMadFixer
  target: 0xc3090f41Eb54A7f18587FD6651d4D3ab477b07a4
payload
  0x555bcc40000000000000000000000000a8452ec99ce0c64f20701db7dd3abdb607c00496000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000
  

  48). Sweep all mETH.mad
  target: 0xc3090f41Eb54A7f18587FD6651d4D3ab477b07a4
payload
  0xc18cfe86000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7
  

  49). Upgrade MErc20Delegate for mwBTC.mad to MErc20DelegateMadFixer
  target: 0x24A9d8f1f350d59cB0368D3d52A77dB29c833D1D
payload
  0x555bcc40000000000000000000000000a8452ec99ce0c64f20701db7dd3abdb607c00496000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000
  

  50). Sweep all mwBTC.mad
  target: 0x24A9d8f1f350d59cB0368D3d52A77dB29c833D1D
payload
  0xc18cfe86000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7
  

  Calldata for proposal:
  0xda95691a00000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000007000000000000000000000000000000000000000000000000000000000000000d600000000000000000000000000000000000000000000000000000000000001a000000000000000000000000000000000000000000000000000000000000003a4000000000000000000000000000000000000000000000000000000000000000320000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c30000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c0000000000000000000000001c55649f73cda2f72cef3dd6c5ca3d49efcf484c000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c3000000000000000000000000d22da948c0ab3a27f5570b604f3adef5f68211c300000000000000000000000002e9081dfadd37a852f9a73c4d7d69e615e6133400000000000000000000000002e9081dfadd37a852f9a73c4d7d69e615e61334000000000000000000000000c3090f41eb54a7f18587fd6651d4d3ab477b07a4000000000000000000000000c3090f41eb54a7f18587fd6651d4d3ab477b07a400000000000000000000000024a9d8f1f350d59cb0368d3d52a77db29c833d1d00000000000000000000000024a9d8f1f350d59cb0368d3d52a77db29c833d1d000000000000000000000000000000000000000000000000000000000000003200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003200000000000000000000000000000000000000000000000000000000000006400000000000000000000000000000000000000000000000000000000000000660000000000000000000000000000000000000000000000000000000000000068000000000000000000000000000000000000000000000000000000000000006a000000000000000000000000000000000000000000000000000000000000006c000000000000000000000000000000000000000000000000000000000000006e00000000000000000000000000000000000000000000000000000000000000700000000000000000000000000000000000000000000000000000000000000072000000000000000000000000000000000000000000000000000000000000007400000000000000000000000000000000000000000000000000000000000000760000000000000000000000000000000000000000000000000000000000000078000000000000000000000000000000000000000000000000000000000000007a000000000000000000000000000000000000000000000000000000000000007c000000000000000000000000000000000000000000000000000000000000007e00000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000082000000000000000000000000000000000000000000000000000000000000008400000000000000000000000000000000000000000000000000000000000000860000000000000000000000000000000000000000000000000000000000000088000000000000000000000000000000000000000000000000000000000000008a000000000000000000000000000000000000000000000000000000000000008c000000000000000000000000000000000000000000000000000000000000008e00000000000000000000000000000000000000000000000000000000000000900000000000000000000000000000000000000000000000000000000000000092000000000000000000000000000000000000000000000000000000000000009400000000000000000000000000000000000000000000000000000000000000960000000000000000000000000000000000000000000000000000000000000098000000000000000000000000000000000000000000000000000000000000009a000000000000000000000000000000000000000000000000000000000000009c000000000000000000000000000000000000000000000000000000000000009e00000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000a200000000000000000000000000000000000000000000000000000000000000a400000000000000000000000000000000000000000000000000000000000000a600000000000000000000000000000000000000000000000000000000000000a800000000000000000000000000000000000000000000000000000000000000aa00000000000000000000000000000000000000000000000000000000000000ac00000000000000000000000000000000000000000000000000000000000000ae00000000000000000000000000000000000000000000000000000000000000b000000000000000000000000000000000000000000000000000000000000000b200000000000000000000000000000000000000000000000000000000000000b400000000000000000000000000000000000000000000000000000000000000b600000000000000000000000000000000000000000000000000000000000000b800000000000000000000000000000000000000000000000000000000000000ba00000000000000000000000000000000000000000000000000000000000000bc00000000000000000000000000000000000000000000000000000000000000be00000000000000000000000000000000000000000000000000000000000000c000000000000000000000000000000000000000000000000000000000000000c200000000000000000000000000000000000000000000000000000000000000c400000000000000000000000000000000000000000000000000000000000000c600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000640000000000000000000000000000000000000000000000000000000000000070000000000000000000000000000000000000000000000000000000000000007c0000000000000000000000000000000000000000000000000000000000000084000000000000000000000000000000000000000000000000000000000000008c0000000000000000000000000000000000000000000000000000000000000094000000000000000000000000000000000000000000000000000000000000009c00000000000000000000000000000000000000000000000000000000000000a400000000000000000000000000000000000000000000000000000000000000ac00000000000000000000000000000000000000000000000000000000000000b400000000000000000000000000000000000000000000000000000000000000bc00000000000000000000000000000000000000000000000000000000000000c400000000000000000000000000000000000000000000000000000000000000cc00000000000000000000000000000000000000000000000000000000000000d400000000000000000000000000000000000000000000000000000000000000dc00000000000000000000000000000000000000000000000000000000000000e400000000000000000000000000000000000000000000000000000000000000ec00000000000000000000000000000000000000000000000000000000000000f400000000000000000000000000000000000000000000000000000000000000fc0000000000000000000000000000000000000000000000000000000000000104000000000000000000000000000000000000000000000000000000000000010c0000000000000000000000000000000000000000000000000000000000000114000000000000000000000000000000000000000000000000000000000000011c0000000000000000000000000000000000000000000000000000000000000124000000000000000000000000000000000000000000000000000000000000012c0000000000000000000000000000000000000000000000000000000000000134000000000000000000000000000000000000000000000000000000000000013c0000000000000000000000000000000000000000000000000000000000000144000000000000000000000000000000000000000000000000000000000000014c0000000000000000000000000000000000000000000000000000000000000154000000000000000000000000000000000000000000000000000000000000015c0000000000000000000000000000000000000000000000000000000000000164000000000000000000000000000000000000000000000000000000000000016c0000000000000000000000000000000000000000000000000000000000000174000000000000000000000000000000000000000000000000000000000000017c0000000000000000000000000000000000000000000000000000000000000184000000000000000000000000000000000000000000000000000000000000018c0000000000000000000000000000000000000000000000000000000000000194000000000000000000000000000000000000000000000000000000000000019c00000000000000000000000000000000000000000000000000000000000001a400000000000000000000000000000000000000000000000000000000000001ac00000000000000000000000000000000000000000000000000000000000001b400000000000000000000000000000000000000000000000000000000000001bc00000000000000000000000000000000000000000000000000000000000001c400000000000000000000000000000000000000000000000000000000000001cc00000000000000000000000000000000000000000000000000000000000001d800000000000000000000000000000000000000000000000000000000000001de00000000000000000000000000000000000000000000000000000000000001ea00000000000000000000000000000000000000000000000000000000000001f000000000000000000000000000000000000000000000000000000000000001fc00000000000000000000000000000000000000000000000000000000000000084555bcc4000000000000000000000000034a1d3fff3958843c43ad80f30b94c510645c316000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084555bcc4000000000000000000000000034a1d3fff3958843c43ad80f30b94c510645c31600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000e0b2026e3db1606ef0beb764ccdf7b3cee30db4a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000ccb8e090fe070945cc0131a075b6e1ea8f20881200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000007ecf0bf3d94dce4838d57b63dc96d6ddc2cc63e700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000006a67a0e5265730952ed7dd648aed357c7444999e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000aaddc55883b7df9944d54c20f2822f476673cbc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000007c976f00e84db0b44f945fc6d7fad34b43150a1a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000004f5ef03e870332a1b42453bbf57b8a041e89efe800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000a89da48796bb808cb9af3637ff7ab436f968c7d500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000054dc6782d6fc5fc05f8486d365186ff25cc44ba700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000395ef2d7a5d499b62ac479064b7eaa51ae823a2200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000f4f1f5dd2801f94b732d240a46103089905ccd4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000009f6dc2cf76fd22a0e5f11e0edde73502364ffbb800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000057e421c8a16bf0a609ef87e296cb931113a5e3ed00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000060298d41cef0759f1127fc5e48ba3b663a9e088900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000a3db05c72c79d52d2d37170a342a2c21c5e5d7c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000d4d70647651e84536eb218d5889ab764115c4d8200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000dd15c08320f01f1b6348b35eebe29fdb5ca0cda600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000cbc21fbf92519f6d90c05a6fda1a7cb72fa6e02b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000006722ae8c7a49553f1a80153517d1cfeca7eca5f700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000099b84a77f64e5acc269073cf082951c3ce57fe6400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000f98a854bc00eaa854894d79e11315a2114c5812000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000175a795ef04bc146fd6d6f852e5adec8b356e31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000dd15c08320f01f1b6348b35eebe29fdb5ca0cda600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000051d7193812b5b70e5e30df5c18ac2062c5f51c5e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000c265ba4d9ed33620978b03235fc9f5aa026da27500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000009f6dc2cf76fd22a0e5f11e0edde73502364ffbb800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000003a531c90e52a02817c0d31794d0ac4ea35a6660200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000001fb540757cfd698b4a8f81e510ed09aa67a4f97000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000396a6d7a33655c45044143cb8a812227bf27957800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000001f93dc0e5f249c8961027d447c973b9ce7ab736600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000aaddc55883b7df9944d54c20f2822f476673cbc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000d2dff7007586be8f2e6cb84de65190b81adf6a9b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000004f5ef03e870332a1b42453bbf57b8a041e89efe800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000d4d70647651e84536eb218d5889ab764115c4d8200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000985c3e74201d8c4907e7d8db06bb1f83639bef0c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000008dfd78676fa1929d1c7b64fbd3133e3b4ec305b300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000dc7428eeff0cdac1a45f310debb9af91708f47c900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000008c3e7b6e273d4434fa466ff23dba7c602a961a700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000f9923ae543f039c71cd1bbc95ee3db6f36afcce600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f70000000000000000000000003769859a5efa6133cd74c5eb5080f46beffb6cef00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000b3e6420941acc44c2996666b4b5c998c1545fc1900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004428d8cd8c000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000054dc6782d6fc5fc05f8486d365186ff25cc44ba7000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084555bcc40000000000000000000000000a8452ec99ce0c64f20701db7dd3abdb607c00496000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000024c18cfe86000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084555bcc40000000000000000000000000a8452ec99ce0c64f20701db7dd3abdb607c00496000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000024c18cfe86000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f7000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084555bcc40000000000000000000000000a8452ec99ce0c64f20701db7dd3abdb607c00496000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000024c18cfe86000000000000000000000000949d6a0e3b1064d498d529a388b953b344cd13f700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040323204d49502d4d31373a20526564656d7074696f6e20616e64205265616c6c6f636174696f6e206f66204e6f6d616420436f6c6c61746572616c20616e642050726f746f636f6c20526573657276657320666f722046524158204d61726b657420456e68616e63656d656e74202850726f706f73616c2032290a0a2323204f766572766965770a0a546869732070726f706f73616c2077696c6c2072656d6f766520616c6c20636f6c6c61746572616c206d546f6b656e732066726f6d20757365727320776974682062616420646562742066726f6d20616c6c206d61726b6574732c2073656e64696e67207468656d20746f2074686520636f6d6d756e697479206d756c74697369672e20496e206f7264657220746f20616c6c6f77206d546f6b656e20636f6c6c61746572616c207377656570696e6720616e64206261642064656274207772697465206f6666732c20746865206d546f6b656e732077696c6c206861766520746865697220696d706c656d656e746174696f6e732075706772616465642e20546869732077696c6c2073746f7020667572746865722069737375657320616e6420616c6c6f77207468652065786368616e6765207261746573206f66207468652061737365747320746f2073746179207468652073616d6520706f73742d70726f706f73616c2e0a0a466f6c6c6f77696e67207468652070617373696e67206f6620746865207369676e616c696e6720736e617073686f74205b706f6c6c5d2868747470733a2f2f736e617073686f742e6f72672f232f6d6f6f6e77656c6c2d676f7665726e616e63652e6574682f70726f706f73616c2f307865333062326563333234616430343339376562383634646434363464336635376634346336336363663638346339613132366639646433343930386664356337292c207468697320676f7665726e616e63652070726f706f73616c206973206265696e67206372656174656420746f206578656375746520746865207365636f6e64207374657020696e20726573746f72696e67206c697175696469747920746f20746865206d61726b6574732e0a0a506c65617365207365652074686520666f72756d20706f7374205b686572655d2868747470733a2f2f666f72756d2e6d6f6f6e77656c6c2e66692f742f726571756573742d666f722d70726f706f73616c2d7266702d726564656d7074696f6e2d616e642d7265616c6c6f636174696f6e2d6f662d6e6f6d61642d636f6c6c61746572616c2d616e642d70726f746f636f6c2d72657365727665732d666f722d667261782d6d61726b65742d656e68616e63656d656e742f3734362f332920666f7220667572746865722064657461696c73206f6e207468697320676f7665726e616e63652070726f706f73616c2e0a0000000000000000000000000000000000000000000000000000000000
  Propose Gas Metering: 6380808
  schedule batch calldata with  50 actions
  proposalId: 74
  Execution Gas Metering: 1511076

Mocks

The following mocks have been used to test this upgraded system Mock USDT, Mock USDC, Mock xcDOT. These contracts needed to be mocked as they use a precompile on Moonbeam, which reverts when used in a foundry fork. The mocks stand in place of the precompile and allow the tests to run by etching the bytecode onto the precompile address.

Return Values

xcDOT returns true on transfer and transferFrom. This has been confirmed by the Moonbeam team. FRAX also returns true after a successful transferFrom.

Files in Scope

Contract SLOC Purpose Libraries used Comments
MErc20DelegateFixer.sol 63 Bad Debt Fixer Logic SafeMath
MErc20DelegateMadFixer.sol 9 Nomad Collateral Sweeper Logic n/a
mip-m17.sol 198 MIP-M17 Governance Proposal n/a Validate function out of scope, deployment is in scope

The only issues that are in scope are the ones that could reasonably arise as a result of the upgrade. Any issues that were present in the previous implementation are out of scope.

Out of Scope Findings

The validate function in the MIP-M17 proposal is out of scope for this audit. This function is not used in the contracts that are being upgraded.

Non standard ERC20 token transferFrom does not return a boolean value and will cause Delegate Fixer to fail. This is out of scope as all mTokens that use Delegate Fixer underlying values return true on transferFrom.

Share price of .mad mTokens will fall drastically after the proposal is executed. This is expected behavior and out of scope.

.mad ERC20 tokens return a boolean value on transfer. This is out of scope.

Fee on transfer tokens not supported with the current implementation of either fixer contract. This is out of scope.

Addresses passed to fixUser are not checked to be valid as these values are found in JSON files and will not be address 0. Address 0 checks are out of scope.

Addresses in the contract are assumed to be non-zero. This is out of scope as Addresses.sol would throw an error if an address retrieved was 0.

Known Compound V2 issues are out of scope. This audit is only concerned with new issues that may arise from the upgrade that were not already present. Any issues in this report are out of scope, and any findings from previous compound audits or Moonwell are out of scope.

The only items in scope are new issues that may arise from the upgrade. Any issues that were present in the previous implementation are out of scope.

Governance could liquidate users that are healthy. This is out of scope as it is expected behavior and governance is assumed to be trusted and non-malicious.

Speculating about future changes that could happen after this upgrade are out of scope unless the changes are directly related to the upgrade.

Definition Changes

Cash in the Compound whitepaper is defined as the underlying asset balance of the mToken. This definition has been changed to underlying asset balance of the mToken plus the bad debt amount. This change was necessary to allow the share price to remain unchanged when bad debt is created by fixing users. This has flow on effects for the frontend as the getCash function will return higher than the underlying balance of the mToken.

Exchange Rate

The current exchange rate forumula is:

exchangeRate = (cash + total borrows - reserves) / totalSupply

See this article for an explanation of the exchange rate.

The new exchange rate formula post upgrade for mFRAX and mxcDOT is:

exchangeRate = (bad debt + cash + total borrows - reserves) / totalSupply

This new formula accounts for the bad debt. The exchange rate will not change when bad debt is realized, or repaid with reserves or cash.

About

Upgrades to mToken contracts on Moonbeam to support Nomad remediation

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

3 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 5

Languages