// SPDX-License-Identifier: MIT pragma solidity >=0.7.6 <0.9; library AssetManagerSettings { struct Data { // Required contracts. // Only used to verify that calls come from assetManagerController. // Type: AssetManagerController // changed via address updater address assetManagerController; // The f-asset contract managed by this asset manager. // Type: IIFAsset // immutable address fAsset; // Factory for creating new agent vaults. // Type: IAgentVaultFactory // timelocked address agentVaultFactory; // Factory for creating new agent collateral pools. // Type: ICollateralPoolFactory // timelocked address collateralPoolFactory; // Factory for creating new agent collateral pool tokens. // Type: ICollateralPoolTokenFactory // timelocked address collateralPoolTokenFactory; // The suffix to pool token name and symbol that identifies new vault's collateral pool token. // When vault is created, the owner passes own suffix which will be appended to this. string poolTokenSuffix; // If set, the whitelist contains a list of accounts that can call public methods // (minting, redeeming, challenging, etc.) // This can be `address(0)`, in which case no whitelist checks are done. // Type: IWhitelist // timelocked address whitelist; // If set, the owner address registry contains a list of allowed agent owner's // management addresses and mappings from management to work address. // Type: IAgentOwnerRegistry // timelocked address agentOwnerRegistry; // Attestation client verifies and decodes attestation proofs. // Type: IFdcVerification // changed via address updater address fdcVerification; // The address where burned NAt is sent. // (E.g. collateral reservation fee is burned on successful minting.) // immutable address payable burnAddress; // The contract that reads prices from FTSO system in an FTSO version independent way. // Type: IPriceReader // timelocked address priceReader; // Same as assetToken.decimals() // immutable uint8 assetDecimals; // Number of decimals of precision of minted amounts. // assetMintingGranularityUBA = 10 ** (assetDecimals - assetMintingDecimals) // immutable uint8 assetMintingDecimals; // Must match attestation data chainId. // immutable bytes32 chainId; // Average time between two successive blocks on the underlying chain, in milliseconds. // rate-limited uint32 averageBlockTimeMS; // The minimum amount of pool tokens the agent must hold to be able to mint. // To be able to mint, the NAT value of all backed fassets together with new ones times this percentage // must be smaller than the agent's pool tokens' amount converted to NAT. // rate-limited uint32 mintingPoolHoldingsRequiredBIPS; // Collateral reservation fee that must be paid by the minter. // Payment is in NAT, but is proportional to the value of assets to be minted. // rate-limited uint16 collateralReservationFeeBIPS; // Asset unit value (e.g. 1 BTC or 1 ETH) in UBA = 10 ** assetToken.decimals() // immutable uint64 assetUnitUBA; // The granularity in which lots are measured = the value of AMG (asset minting granularity) in UBA. // Can only be changed via redeploy of AssetManager. // AMG is used internally instead of UBA so that minted quantities fit into 64bits to reduce storage. // So assetMintingGranularityUBA should be set so that the max supply in AMG of this currency // in foreseeable time (say 100yr) cannot overflow 64 bits. // immutable uint64 assetMintingGranularityUBA; // Lot size in asset minting granularity. May change, which affects subsequent mintings and redemptions. // timelocked uint64 lotSizeAMG; // The percentage of minted f-assets that the agent must hold in his underlying address. uint16 minUnderlyingBackingBIPS; // for some chains (e.g. Ethereum) we require that agent proves that underlying address is an EOA address // this must be done by presenting a payment proof from that address // immutable bool requireEOAAddressProof; // Maximum minted amount of the f-asset. // rate-limited uint64 mintingCapAMG; // Number of underlying blocks that the minter or agent is allowed to pay underlying value. // If payment not reported in that time, minting/redemption can be challenged and default action triggered. // CAREFUL: Count starts from the current proved block height, so the minters and agents should // make sure that current block height is fresh, otherwise they might not have enough time for payment. // timelocked uint64 underlyingBlocksForPayment; // Minimum time to allow agent to pay for redemption or minter to pay for minting. // This is useful for fast chains, when there can be more than one block per second. // Redemption/minting payment failure can be called only after underlyingSecondsForPayment have elapsed // on underlying chain. // CAREFUL: Count starts from the current proved block timestamp, so the minters and agents should // make sure that current block timestamp is fresh, otherwise they might not have enough time for payment. // This is partially mitigated by adding local duration since the last block height update to // the current underlying block timestamp. // timelocked uint64 underlyingSecondsForPayment; // Redemption fee in underlying currency base amount (UBA). // rate-limited uint16 redemptionFeeBIPS; // On redemption underlying payment failure, redeemer is compensated with // redemption value recalculated in flare/sgb times redemption failure factor. // Expressed in BIPS, e.g. 12000 for factor of 1.2. // This is the part of factor paid from agent's vault collateral. // rate-limited uint32 redemptionDefaultFactorVaultCollateralBIPS; // This is the part of redemption factor paid from agent's pool collateral. // rate-limited uint32 redemptionDefaultFactorPoolBIPS; // If the agent or redeemer becomes unresponsive, we still need payment or non-payment confirmations // to be presented eventually to properly track agent's underlying balance. // Therefore we allow anybody to confirm payments/non-payments this many seconds after request was made. // rate-limited uint64 confirmationByOthersAfterSeconds; // The user who makes abandoned redemption confirmations gets rewarded by the following amount. // rate-limited uint128 confirmationByOthersRewardUSD5; // To prevent unbounded work, the number of tickets redeemed in a single request is limited. // rate-limited // >= 1 uint16 maxRedeemedTickets; // Challenge reward can be composed of two part - fixed and proportional (any of them can be zero). // This is the proportional part (in BIPS). // rate-limited uint16 paymentChallengeRewardBIPS; // Challenge reward can be composed of two part - fixed and proportional (any of them can be zero). // This is the fixed part (in vault collateral token wei). // rate-limited uint128 paymentChallengeRewardUSD5; // Agent has to announce any collateral withdrawal ar vault destroy and then wait for at least // withdrawalWaitMinSeconds. This prevents challenged agent to remove all collateral before // challenge can be proved. // rate-limited uint64 withdrawalWaitMinSeconds; // Maximum age that trusted price feed is valid. // Otherwise (if there were no trusted votes for that long) just use generic ftso price feed. // rate-limited uint64 maxTrustedPriceAgeSeconds; // Agent can remain in CCB for this much time, after that liquidation starts automatically. // rate-limited uint64 ccbTimeSeconds; // Amount of seconds (typically 1 day) that the payment/non-payment proofs must be available. // This setting is used in `unstickMinting` and `finishRedemptionWithoutPayment` to prove that the time when // payment/non-payment could be proved has already passed. // rate-limited uint64 attestationWindowSeconds; // Minimum time after an update of a setting before the same setting can be updated again. // timelocked uint64 minUpdateRepeatTimeSeconds; // Ratio at which the agents can buy back their collateral when f-asset is terminated. // Typically a bit more than 1 to incentivize agents to buy f-assets and self-close instead. // immutable uint64 buybackCollateralFactorBIPS; // Minimum time that has to pass between underlying withdrawal announcement and the confirmation. // Any value is ok, but higher values give more security against multiple announcement attack by a miner. // Shouldn't be much bigger than Flare data connector response time, so that payments can be confirmed without // extra wait. Should be smaller than confirmationByOthersAfterSeconds (e.g. less than 1 hour). // rate-limited uint64 announcedUnderlyingConfirmationMinSeconds; // Minimum time from the moment token is deprecated to when it becomes invalid and agents still using // it as vault collateral get liquidated. // timelocked uint64 tokenInvalidationTimeMinSeconds; // On some rare occasions (stuck minting, locked fassets after termination), the agent has to unlock // collateral. For this, part of collateral corresponding to FTSO asset value is burned and the rest // is released. // However, we cannot burn typical vault collateral (stablecoins), so the agent must buy them for NAT // at FTSO price multiplied with this factor (should be a bit above 1) and then we burn the NATs. // timelocked uint32 vaultCollateralBuyForFlareFactorBIPS; // Amount of seconds that have to pass between available list exit announcement and execution. // rate-limited uint64 agentExitAvailableTimelockSeconds; // Amount of seconds that have to pass between agent fee and pool fee share change announcement and execution. // rate-limited uint64 agentFeeChangeTimelockSeconds; // Amount of seconds that have to pass between agent-set minting collateral ratio (vault or pool) // change announcement and execution. // rate-limited uint64 agentMintingCRChangeTimelockSeconds; // Amount of seconds that have to pass between agent-set settings for pool exit and topup // (exit CR, topup CR, topup bonus) change announcement and execution. // rate-limited uint64 poolExitAndTopupChangeTimelockSeconds; // Amount of seconds that an agent is allowed to execute an update once it is allowed. // rate-limited uint64 agentTimelockedOperationWindowSeconds; // duration of the timelock for collateral pool tokens after minting uint32 collateralPoolTokenTimelockSeconds; // If there was no liquidator for the current liquidation offer, // go to the next step of liquidation after a certain period of time. // rate-limited uint64 liquidationStepSeconds; // Factor with which to multiply the asset price in native currency to obtain the payment // to the liquidator. // Expressed in BIPS, e.g. [12000, 16000, 20000] means that the liquidator will be paid 1.2, 1.6 and 2.0 // times the market price of the liquidated assets after each `liquidationStepSeconds`. // Values in the array must increase and be greater than 100%. // rate-limited uint256[] liquidationCollateralFactorBIPS; // How much of the liquidation is paid in vault collateral. // The remainder will be paid in pool NAT collateral. uint256[] liquidationFactorVaultCollateralBIPS; // Minimum time that the system must wait before performing diamond cut. // The actual timelock is the maximum of this setting and GovernanceSettings.timelock. uint64 diamondCutMinTimelockSeconds; // The maximum total pause that can be triggered by non-governance (but governance allowed) caller. // The duration count can be reset by the governance. uint64 maxEmergencyPauseDurationSeconds; // The amount of time since last emergency pause after which the total pause duration counter // will reset automatically. uint64 emergencyPauseDurationResetAfterSeconds; // The amount of time after which the collateral reservation can be cancelled if the // handshake is not completed. // rate-limited uint64 cancelCollateralReservationAfterSeconds; // The amount of collateral reservation fee returned to the minter in case of rejection or cancellation. // Expressed in BIPS, e.g. 9500 for factor of 0.95, max 10000 for factor of 1.0. // rate-limited uint16 rejectOrCancelCollateralReservationReturnFactorBIPS; // Time window inside which the agent can reject the redemption request. // rate-limited uint64 rejectRedemptionRequestWindowSeconds; // Time window inside which the agent can take over the redemption request from another agent // that has rejected it. // rate-limited uint64 takeOverRedemptionRequestWindowSeconds; // On redemption rejection, without take over, redeemer is compensated with // redemption value recalculated in flare/sgb times redemption failure factor. // Expressed in BIPS, e.g. 12000 for factor of 1.2. // This is the part of factor paid from agent's vault collateral. // rate-limited uint32 rejectedRedemptionDefaultFactorVaultCollateralBIPS; // This is the part of rejected redemption factor paid from agent's pool collateral. // rate-limited uint32 rejectedRedemptionDefaultFactorPoolBIPS; } }