feat(treasury): implement emergency_drain (#966)#969
Open
Dami24-hub wants to merge 1 commit into
- Requires admin auth and panics if protocol is not paused
- Drains full BALANCE via token transfer, resets balance to 0
- Appends entry to WITHDRAWAL_LOG, emits EmergencyDrain event
- Returns total amount drained in stroops
- Adds unit tests: success, not-paused guard, unauthorized guard
Related Issues
Closes #966
Description
This pull request implements the emergency_drain() function within the Treasury contract (contracts/treasury/src/lib.rs). This function provides an authorized mechanism to securely extract all contract funds during a critical protocol compromise or failure event, provided the protocol has already been paused at the factory level.
Changes
Authentication: Added admin.require_auth() as the initial execution guard.
State Verification: Implemented a check against the factory configuration to ensure the protocol is paused before allowing execution; panics if active.
Asset Liquidation: Retrieves the total contract balance, transfers the entire amount to the designated recipient, and updates internal tracking to zero.
Audit Logging: Appends the operation details to WITHDRAWAL_LOG and emits an EmergencyDrain event for off-chain tracking.
Verification Results
Automated Tests
Added comprehensive unit tests covering the following scenarios:
Success Path: Admin executes drain while protocol is paused. Verifies full balance transfer, log updating, and event emission.
Failure Path (State): Admin execution fails and panics if the protocol state is not paused.
Failure Path (Auth): Non-admin execution fails and panics during the authentication check.
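The guard ordering and state changes described under Changes, as an added plain-Rust model (not the PR's soroban contract code): soroban_sdk types such as Env, Address, the token client and event publishing are replaced with in-memory stand-ins, the factory pause flag is a hypothetical struct, and a failed guard returns Err where the real contract panics, so the three test scenarios above can be checked offline.

```rust
// Added example (not the project's contract code): a plain-Rust model of the
// emergency_drain control flow described in the PR. soroban_sdk types
// (Env, Address, token::Client, events) are replaced with in-memory stand-ins
// so the guard ordering and state changes can be exercised offline. The real
// contract panics on a failed guard; this model returns Err so the outcome
// can be asserted on without a panic harness.

#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Address(pub String);

#[derive(Debug, Clone, PartialEq, Eq)]
pub enum DrainError {
    Unauthorized, // caller is not the treasury admin (require_auth failed)
    NotPaused,    // factory reports the protocol is still active
}

#[derive(Debug, Clone, PartialEq, Eq)]
pub struct WithdrawalEntry {
    pub recipient: Address,
    pub amount: i128, // stroops; i128 mirrors Soroban token amounts
    pub emergency: bool,
}

#[derive(Debug, Clone, PartialEq, Eq)]
pub enum Event {
    EmergencyDrain { recipient: Address, amount: i128 },
}

/// Stand-in for the factory contract's pause flag (hypothetical shape).
pub struct Factory {
    pub paused: bool,
}

pub struct Treasury {
    admin: Address,
    balance: i128,                         // BALANCE storage entry
    withdrawal_log: Vec<WithdrawalEntry>,  // WITHDRAWAL_LOG storage entry
    events: Vec<Event>,                    // stand-in for env.events().publish
    token_transfers: Vec<(Address, i128)>, // stand-in for token::Client::transfer
}

impl Treasury {
    pub fn new(admin: Address, balance: i128) -> Self {
        Treasury { admin, balance, withdrawal_log: Vec::new(), events: Vec::new(), token_transfers: Vec::new() }
    }

    /// Drain the full balance to `recipient`. Both guards run before any state change.
    pub fn emergency_drain(&mut self, caller: &Address, factory: &Factory, recipient: &Address) -> Result<i128, DrainError> {
        // Guard 1: admin authentication (admin.require_auth() in the contract).
        if caller != &self.admin {
            return Err(DrainError::Unauthorized);
        }
        // Guard 2: the protocol must already be paused at the factory level.
        if !factory.paused {
            return Err(DrainError::NotPaused);
        }
        // Effects: snapshot the full balance and zero the tracked amount
        // before the external transfer (checks-effects-interactions).
        let amount = self.balance;
        self.balance = 0;
        // Interaction: token transfer of the entire amount to the recipient.
        self.token_transfers.push((recipient.clone(), amount));
        // Audit trail: log entry plus EmergencyDrain event for off-chain tracking.
        self.withdrawal_log.push(WithdrawalEntry { recipient: recipient.clone(), amount, emergency: true });
        self.events.push(Event::EmergencyDrain { recipient: recipient.clone(), amount });
        Ok(amount)
    }

    pub fn balance(&self) -> i128 { self.balance }
    pub fn withdrawal_log(&self) -> &[WithdrawalEntry] { &self.withdrawal_log }
    pub fn events(&self) -> &[Event] { &self.events }
    pub fn token_transfers(&self) -> &[(Address, i128)] { &self.token_transfers }
}

fn main() {
    let admin = Address("admin".to_string());
    let recipient = Address("recovery-wallet".to_string());
    let mut treasury = Treasury::new(admin.clone(), 5_000_000); // constructed sample balance
    // The state guard rejects the drain while the protocol is active.
    let active = Factory { paused: false };
    println!("{:?}", treasury.emergency_drain(&admin, &active, &recipient));
    // Once paused, the full balance is moved and tracking resets to zero.
    let paused = Factory { paused: true };
    println!("{:?}", treasury.emergency_drain(&admin, &paused, &recipient));
    println!("balance after drain: {}", treasury.balance());
}
```

The model zeroes the tracked balance before the external transfer; the PR text lists the transfer first. Soroban currently rejects reentrant cross-contract calls, so the order is a defensive habit here rather than a fix, but keeping guards before effects and effects before interactions is the pattern reviewers look for in any drain path. A second drain on an already-emptied treasury returns Ok(0) and still appends a log entry, which is worth a conscious decision in the real contract.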