v.1.13.0 Slash Resolution Delay

v1.13.0 Slash Resolution Delay & Duration Vault Blacklist Fix

@eigenmikem released this · ef8f979

Overview

This release hardens the slashing pipeline and fixes a duration vault edge case. It introduces a mandatory slash resolution delay before burnable/redistributable shares can be cleared, adds a dedicated pause flag for the burn-and-redistribution flow, and replaces the duration vault's deposit-time token blacklist check with a narrower restriction. The upgrade also includes a conditional catch-up path so environments that missed the v1.12.0 Incentive Council release are brought current as part of this upgrade.

Highlights

🚀 New Features

• Slash resolution delay adds a mandatory waiting period (SLASH_RESOLUTION_DELAY_BLOCKS = 50_400, ~7 days at 12s blocks) between when a slash is recorded and when its burnable or redistributable shares can be cleared. The resolution block is set the first time a slashId is recorded for an Operator Set and is emitted via the new SlashResolutionBlockSet event.
• A new view function, getSlashResolutionBlock(operatorSet, slashId), returns the block number after which a slash's shares may be cleared.
• A new dedicated pause flag, PAUSED_BURNING_AND_REDISTRIBUTION (index 1), gates clearBurnOrRedistributableShares, clearBurnOrRedistributableSharesByStrategy, and burnShares, allowing governance to halt the burn/redistribution flow independently of deposits.

⛔ Breaking Changes

• clearBurnOrRedistributableShares and clearBurnOrRedistributableSharesByStrategy now revert with SlashResolutionDelayNotElapsed() if called before the slash resolution delay has elapsed, and revert when PAUSED_BURNING_AND_REDISTRIBUTION is set. Tooling that clears slashed shares must wait out the delay and account for the new pause flag.
• StrategyFactory.deployDurationVaultStrategy no longer reverts with BlacklistedToken for blacklisted tokens; it now reverts with the new ProhibitedDurationVaultToken() error when the underlying is EIGEN or bEIGEN (those tokens must use EigenStrategy).
• The StrategyFactory constructor now takes two additional immutables, EIGEN and bEIGEN. Deployments/integrations constructing the factory directly must supply these.
• IStrategyManager and IStrategyFactory ABIs have changed (new error, event, view function, and immutables). Integrations consuming these ABIs directly should refresh to the new interfaces.

📌 Deprecations

• The duration vault's deposit-time UnderlyingTokenBlacklisted check (and its error) is removed. Duration vault deposits are no longer blocked by the StrategyFactory token blacklist; restriction is now limited to prohibiting EIGEN/bEIGEN at deploy time.

🔧 Improvements

• Slash resolution state is cleaned up automatically: when a slash's last strategy is cleared, _slashResolutionBlock is deleted alongside the pending slashId.
• Pre-upgrade slashes are grandfathered: entries recorded before this upgrade have a zero resolution block and remain immediately clearable, avoiding disruption to in-flight slashes.
• Internal share-count check in _clearBurnOrRedistributableShares now uses length() instead of materializing keys(), reducing gas.
• Several view-function NatSpec docs were corrected to reflect that getPendingSlashIds, getBurnOrRedistributableShares, and related getters return empty/zero rather than reverting.
• The upgrade script includes a conditional Incentive Council catch-up path (RewardsCoordinator reinitialize, EmissionsController initialize, bEIGEN minting transfer) for environments that skipped v1.12.0, plus a ProtocolRegistry semantic version bump to 1.13.0.
• Added a deployment-script validation utility (script/utils/validate-deployment-scripts.sh) and new integration/upgrade test coverage (SlashResolutionDelay.t.sol, SlashResolutionDelayUpgrade.t.sol).

What's Changed

• ci: fix binding failure by @elhajin in #1752
• feat: slash delay and blacklist fix by @elhajin in #1753
• docs: add audit report for slash delay & blacklist fix and update readme by @nadir-akhtar in #1755

Full Changelog: v1.12.0...v1.13.0