hi, I get some problem as follows:

docker-compose -f docker-compose.test.yml up -d
Building contracts-env
Step 1/5 : FROM node:13
 ---> 2b9604a36e49
Step 2/5 : WORKDIR /app
 ---> Using cache
 ---> a5628d579ecd
Step 3/5 : ADD  ./package-lock.json ./package.json /app/
 ---> Using cache
 ---> 3dfab20a4e20
Step 4/5 : RUN npm ci
 ---> Running in fe1b427dc45b
npm ERR! cb() never called!

npm ERR! This is an error with npm itself. Please report this error at:
npm ERR!     <https://npm.community>

npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2020-12-07T02_43_09_003Z-debug.log
ERROR: Service 'contracts-env' failed to build: The command '/bin/sh -c npm ci' returned a non-zero code: 1

Does anyone know how to solve the problem?

Add a flag to the ReserveConfiguration to pause one specific reserve. A paused reserve doesn't allow any action.

Integrate the ability to deploy the protocol through Defender (https://defender.openzeppelin.com)

It is possible to save gas by replacing the mintToTreasury() on each action with a storage variable and defer the minting of the aTokens to the treasury. The minting will happen through a mintToTreasury() function, public and callable by everyone, that will take care of minting the accrued aTokens all at once. In order for the protocol to continue receiving interest from the threasury, the accounting for the assets treasury will store amountToMint/index, factually the scaled balance of the accrued reserve until the latest action.

Try npm run in contracts-env:

hardhat:ropsten
    hardhat--network ropsten

There should be a space between hardhat and --network

i.e. package.json line 14 needs an edit.

Which contract/function/formula gives the current deposit and borrow APR rewards rate for a given asset?

I'm referring to the small number under the APY in the app representing market participation rewards. I can see in the docs how to get the deposit and borrow APY rates via LendingPool.getReserveData() but not the APR rewards/incentives rate.

Different script configurations for L2 markets

Currently it's not possible to split between protocol and liquidity providers fee on flashloans. Add the possibility to split between flashloan fee and protocol fee, and increase the fee precision by two more decimals (from 1e5 to 1e7). The amount for the protocol should be passed to updateState() and added to the treasury in the _mintToTreasury() function.

Currently, the deployment of a new market of the Aave Protocol has some disadvantages, mainly:

• High deployment cost.
• Burdensome deployment, even by using multiple automations contained on the repository.

In addition, the update of the logic of one component at the same time across all markets is not possible, which creates big friction on versioning of implementations under proxies.

The root cause of these problems is/was the design decision of trying to optimize reading of data via usage of constants/immutables on the smart contracts, leading to non-reusable implementations of components across different markets, even if the logic is exacty the same. Even if this decision is understandable for the initial Aave market -which has the highest usage and needs to be optimal/cheap on execution-, with multiple members of the community working on deploying new markets, we have noticed that in some cases it could be important to have a "light" version of the Aave Protocol with the following requirements:

• To create a new market, it should be only needed to deploy:
  • A new LendingPoolAddressesProvider.
  • From the LendingPoolAddressesProvider, the proxies for all the proxied components, but reusing implementations of those components from previous markets.
  • From the proxy contract of the LendingPoolConfigurator, deploy proxies for all aTokens and debtTokens, reusing implementations of other aTokens/debtTokens from previous markets.

Mainly, the changes needed for this new deployment flow would consists on moving to storage variables certain constants/immutables on all the contracts affected, in order to remove market or token specific dependencies.

Additional requirements of the implementation:

• Create hardhat tasks for the new deployment flow.
• Adapt dev tests where needed.
• Include a comparision of gas cost on execution of the protocol actions between this new model and the current one.

One of the features needed for protocol 2.5 is the implementation of a borrow cap functionality. The borrow cap will allow to set a maximum amount (expressed in unit of the underlying asset) that can be borrowed out of a specific reserve. If the cap is reached, it will not be possible to borrow the asset anymore.

Implementation details

• Add a new field borrowCap to the reserve configuration bitmap, https://github.com/aave/protocol-v2/blob/master/contracts/protocol/libraries/configuration/ReserveConfiguration.sol

• In validateBorrow() https://github.com/aave/protocol-v2/blob/master/contracts/protocol/libraries/logic/ValidationLogic.sol#L136 add a check that ensures that the borrowCap is either zero or not crossed by comparing it with the total supply of the corresponding debt token. if the borrow cap is crossed, revert

Gas considerations

See if it's possible to find a way to avoid calling the DebtToken.totalSupply() as it can be gas expensive

Hi, when trying to deploy the protocol contracts on Kovan network (following steps given in Readme), I'm getting the following error.

Creating Typechain artifacts in directory types for target ethers-v5
Successfully generated Typechain artifacts!

> @aave/[email protected] hardhat:kovan /src
> hardhat --network kovan "aave:mainnet" "--verify"

Migration started

1. Deploy address provider
Registry Address 0x1E40B561EC587036f9789aF83236f057D1ed2A90
*** LendingPoolAddressesProvider ***

Network: kovan
tx: < HASH >
contract address: <ADDRESS>
deployer address: <MY_ADDRESS>
gas price: 65000000000
gas used: 1602232

******

Error HH103: Account 0x85e4a467343c0dc4adab74af84448d9c45d8ae6f is not managed by the node you are connected to.

For more info go to https://hardhat.org/HH103 or run Hardhat with --show-stack-traces

I'm stuck here. Can anyone help?

Thanks in advance!

As a way of protecting the system against overexposure to acertain asset and infinite minting attacks, a supply cap mechanism can be implemented.

1. introduce a supplyCap config parameter in the ReserveConfiguration bitmap. The supplyCap is expressed in number of tokens.
2. introduce a check in LendingPool.deposit() to ensure that the total supply + amount deposited of the aToken of the asset does not cross the supplyCap

  const providerContract = new web3.eth.Contract(
    addressProviderABI,
    providerAddress
  );

  providerContract.methods.getAddress("0x1").call()
  .then(address => {
    console.log("protocolDataProviderAddress: ", address);
  })
  .catch(err=> {
    console.error("getAddress Error: ", err);
  });

protocolDataProviderAddress: 0x0000000000000000000000000000000000000000

A commit that extended the IAtoken interface was merged, but this broke the AToken interface implementation.

It is possible to save gas when calling GenericLogic.calculateUserAccountData(). Instead of calling aToken.balanceOf() and VariableDebtToken.balanceOf(), it is possible to call scaledBalanceOf() for both and multiply by the normalized income/debt locally, which is computationally less expensive.

Update to the latest version of hardhat and to the Berlin hardfork as reference

this is incorrect logic code

I think if no one borrows through stableRate for a long time, then stableSupplyUpdatedTimestamp will not be updated, but timestamp is always updated. Therefore, the value of timestamp-stableSupplyUpdatedTimestamp
will become larger and larger. Fee, it’s wrong.

Following the instructions in README.md through to the point of executing the Kovan deployment script results in a Hardhat HH110 resource not found error.

kf106@ethereum-pc:~/Ethereum/protocol-v2$ docker-compose exec contracts-env bash
root@16faeccade79:/src# npm run aave:kovan:full:migration

> @aave/[email protected] aave:kovan:full:migration /src
> npm run compile && npm run hardhat:kovan -- aave:mainnet --verify


> @aave/[email protected] compile /src
> SKIP_LOAD=true hardhat compile

Nothing to compile
Creating Typechain artifacts in directory types for target ethers-v5
Successfully generated Typechain artifacts!

> @aave/[email protected] hardhat:kovan /src
> hardhat --network kovan "aave:mainnet" "--verify"

Migration started

1. Deploy address provider
Error HH110: Invalid JSON-RPC response received: <h1>Not Found</h1><p>The requested resource was not found on this server.</p>

For more info go to https://hardhat.org/HH110 or run Hardhat with --show-stack-traces
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! @aave/[email protected] hardhat:kovan: `hardhat --network kovan "aave:mainnet" "--verify"`
npm ERR! Exit status 1
npm ERR! 
npm ERR! Failed at the @aave/[email protected] hardhat:kovan script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2021-03-23T10_52_49_103Z-debug.log
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! @aave/[email protected] aave:kovan:full:migration: `npm run compile && npm run hardhat:kovan -- aave:mainnet --verify`
npm ERR! Exit status 1
npm ERR! 
npm ERR! Failed at the @aave/[email protected] aave:kovan:full:migration script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2021-03-23T10_52_49_131Z-debug.log
root@16faeccade79:/src# 

Steps followed:

1. clone protocol-v2 repository
2. create .env file in main repo folder with Metamask seed phrase and Alchemyapi Kovan app key (both http and wss tried)
3. run docker-compose up in one terminal
4. open new terminal
5. run export SKIP_LOAD="true" npx hardhat compile (this is missing from the instructions)
6. run docker-compose exec contracts-env bash
7. npm run aave:kovan:full:migration

Alchemy API is never called

Sometimes people wish to move addresses but there's no way to do that on AAVE without first closing your loans and withdrawing which is very inconvenient and expensive.

A simple move address button would be very helpful. I haven't yet gone through all the contracts to see where this exists but it should mostly be as simple as just updating the mapping of address with their deposits and open loans and moving the aTokens to that new address.

Add to the protocol the capability to drop any reserve. This requires that the reserve total liquidity and total debt is 0.
In order to do that:

1. The ReserveData structure must be cleared
2. The GenericLogic.calculateUserAccountData() needs to have a filter to check whether reserves[i] is 0x0 in vars.currentReserveAddress = reserves[vars.i];

The initReserve() needs to also be changed to check for empty slots in the reserves array. So that the reserve is not always added to the end of the array, but if there is an empty slot is placed in there.

It's currently impossible to run test coverage as the compilation of the protocol contracts currently fails without optimizations enabled. There is a proposed solution here ethereum/solidity#10354.
Implement the fix and activate the code coverage for the protocol in the CI

The current WETH gateway has POOL and WETH address stored as immutables. This does not allow to reuse the WETH gateway across multiple lending pools.
Change the implementation to:

• add inheritance from Ownable

• Add a authorizeLendingPool(address[] calldata lendingPool) onlyOwner that approves WETH transfers from the WETHGateway itself to the pool (same as it's currently performed in the WETHGateway constructor)

• modifiy the depositETH(), borrowETH(), repayETH(), withdrawETH() functions to receive the LendingPool address as parameter. This allows removing the need for different WETHGateways while at the same time containing gas costs.

Security considerations:

• It's decided to not validate the address of the LendingPool across a list of whitelisted addresses. Although this opens the possibility of malicious actors using the WETHGateway with untrusted LendingPool contracts, we believe it does not pose a security risk since it's a utility contract only used by the Aave frontend to facilitate ETH deposits.

Deploying a market right now in kovan and/or other networks fails if the deployer does not have the rights to add the addresses provider to the registry. Change the behavior of the deployment script to have the addition to the provider registry optional.

This isn't a pressing issue, but I thought you would like to know.

As described in https://governance.aave.com/t/brainstorming-exposure-ceiling/2127/3, implement the exposure ceiling functionality.

Many entities are currently avoiding the flashloan fee by borrowing from protocols that allow free flashloans, depositing that as collateral in aave to borrow and repay in the same transaction. This can be forbidden by adding a check that disallows loans to be taken and repaid within the same transaction.

Setup the pipelines for code coverage and unit tests for protocol V2

if the second argument of function withdraw is type(uint256).max，then, we get
amountToWithdraw = IAToken(aToken).balanceOf(msg.sender);
it equals to:
amountToWithdraw =_balances[msg.sender].rayMul(_pool.getReserveNormalizedIncome(_underlyingAsset)
amountToWithdraw > _balances[msg.sender] must be TRUE;

BUT, when it call IAToken(aToken).burn(...),
it's implementation is like this:

    uint256 oldAccountBalance = _balances[account];
    _balances[account] = oldAccountBalance.sub(amountToWithdraw , 'ERC20: burn amount exceeds balance');

the sub action will exceeds

Hey,
I was checking out the guide you provided in your docs about flashloan V2.
basically I copy and pasted the contract into my environment and it compiles without a problem. But the LENDINGPOOL contract reverts my transaction.

 Error: Transaction reverted without a reason
      at <UnrecognizedContract>.<unknown> (0x7d2768de32b0b80b7a3454c06bdac94a69ddc7a9)

And my implementation

  function flashloan() public {
        address receiverAddress = address(this);

        address[] memory assets = new address[](2);
        assets[0] = address(0x2d12186Fbb9f9a8C28B3FfdD4c42920f8539D738); // BAT
        assets[1] = address(0xFf795577d9AC8bD7D90Ee22b6C1703490b6512FD); // DAI

        uint256[] memory amounts = new uint256[](2);
        amounts[0] = 10 ether;
        amounts[1] = 10 ether;

        // 0 = no debt, 1 = stable, 2 = variable
        uint256[] memory modes = new uint256[](2);
        modes[0] = 0;
        modes[1] = 0;

        address onBehalfOf = address(this);
        bytes memory params = "";
        uint16 referralCode = 0;

        LENDING_POOL.flashLoan(
            receiverAddress,
            assets,
            amounts,
            modes,
            onBehalfOf,
            params,
            referralCode
        );
    }

Any idea what could went wrong here?

Add the possibility of allowing free flashloans for whitelisted entities. This requires a mapping in LendingPoolStorage that keeps track of whitelisted addresses.

It is possible to save gas and code size on validateWithdraw() by getting rid of the precodition check on healthfactor, essentially removing the balanceDecreaseAllowed() function and replacing it with a validateHealthFactor() at the end of the withdraw function.
This will reduce the code size and allow to change the ValidationLogic functions from external to internal, further decreasing gas consumption.
Additionally, it is possible to replace AToken.balanceOf() with aToken.scaledBalanceOf().rayMul(reserve.liquidityIndex) as balanceOf() is more expensive.

Current LendingPoolConfigurator does not follow the internal styling guideline.

The fields

  ILendingPoolAddressesProvider internal addressesProvider;
  ILendingPool internal pool;

don't have the _ as prefix to distinguish them as internal fields
the functions are not exposed in the ILendingPoolConfigurator interface

Replace the original SafeMath library with the gas optimized SafeMath library inspired by https://github.com/Uniswap/uniswap-v3-core/blob/main/contracts/libraries/LowGasSafeMath.sol

Hello Aave team,
I want to run a test and got this error

`Error: Cannot find module '../types'
Require stack:

• /src/helpers/contracts-getters.ts
• /src/helpers/contracts-helpers.ts
• /src/tasks/misc/initialize-tokens.ts
• /src/hardhat.config.ts
• /src/node_modules/hardhat/internal/core/config/config-loading.js
• /src/node_modules/hardhat/internal/cli/cli.js
  at Function.Module._resolveFilename (internal/modules/cjs/loader.js:880:15)
  at Function.Module._load (internal/modules/cjs/loader.js:725:27)
  at Module.require (internal/modules/cjs/loader.js:952:19)
  at require (internal/modules/cjs/helpers.js:88:18)
  at Object. (/src/helpers/contracts-getters.ts:1:1)
  at Module._compile (internal/modules/cjs/loader.js:1063:30)
  at Module.m._compile (/src/node_modules/ts-node/src/index.ts:858:23)
  at Module._extensions..js (internal/modules/cjs/loader.js:1092:10)
  at Object.require.extensions. [as .ts] (/src/node_modules/ts-node/src/index.ts:861:12)
  at Module.load (internal/modules/cjs/loader.js:928:32) {
  code: 'MODULE_NOT_FOUND',
  requireStack: [
  '/src/helpers/contracts-getters.ts',
  '/src/helpers/contracts-helpers.ts',
  '/src/tasks/misc/initialize-tokens.ts',
  '/src/hardhat.config.ts',
  '/src/node_modules/hardhat/internal/core/config/config-loading.js',
  '/src/node_modules/hardhat/internal/cli/cli.js'
  ]
  }
  `

and I look at in helper folder, it's missing lots of things, maybe you forgot the "types" folder ?

Hello, I am trying to read the source code of aave version 2 and I came across an interface /contracts/interface/IAaveIncentivesController.sol, but I can't find the specific implementation of this interface, how can I find it?

Currently there is no way to differentiate which markets are or are not covered by the stkAAVE safety module.

This is a problem because control over stkAAVE is held by the long executor, whereas control over new markets is held by the short executor. This results in the short executor being potentially able to indirectly affect stkAAVE.

Furthermore, an on-chain system to keep track of markets and whether they are covered by the safety module would prevent ambiguity in case of a shortfall event, we would clearly know which markets are or are not covered.

Lastly, this would also allow new uninsured markets to be created as normal, while still allowing governance to choose if/when to ensure the given market.

Currently the implementation is not certain but @ernesto-usal and I are thinking of another on-chain registry similar to the LendingPoolAddressesProviderRegistry but for insured markets.

Liquidations require a big overhaul. It's clear from monitoring the liquidations that:

1. only liquidating half of the debt is problematic with smaller loans
2. liquidation function is too gas intensive

The implementation can be improved doing the following:

1. reduce all the overhead caused by the calculation of the exact amounts to liquidate and repay. Expect as input parameters from the function caller the exact amount of principal and collateral to be liquidated, validate and revert if the amounts are incorrect
2. Allow full liquidations of positions (no 50% debt enforcement) if the health factor of the position is below 0.9.

I am creating a smart contract that has to use the AAVE lending pool feature. And hence, I need to call LendingPool from my solidity-based smart contract.

My plan is:

• writing my smart contract in the contracts directory of protocol-v2
• import LendingPool.sol & LendingPoolProvider.sol in my contract
• Use the redeem()... & other stuff
• Compile & Deploy

Is there any other simpler way of doing this?

@mrdavey

Hi, I read the doc of interest rate model doc and met some confusion.

• There are many const parameters like Uoptimal, Base, Slope 1, Slope 2. How to sure their value and how to adapt them if something changes. Who decides the old parameters and who decides the new parameters. The doc link is below
  https://docs.aave.com/risk/liquidity-risk/borrow-interest-rate#model-parameters

• the loan to value (LTV) and liquidation threshold also confuses me, if you can tell me that I will appreciate it.
  https://docs.aave.com/risk/asset-risk/risk-parameters#loan-to-value

Force execution of the CI pipeline for all the branches/PRs

No value is assigned to rateMode before using rateMode, which means
rateMode == 0, so I think this condition may never be executed

Lot of common data is fetched in updateState(), _mintToTreasury() and updateInterestRates(). Introduce a StateCachingHelper library to fetch and store the cache in a memory struct, to be shared between these functions.

Hi,
Everything is working fine. But the issue is, during full migration on kovan network, the authorizeWETHGateway(gateWay, lendingPoolAddress); method is throwing exception on the Initialize Lending Pool (last) step.

The error message is : ProviderError: The execution failed due to an exception.

Please look into this. Thanks in advance.

Problem

It is stated in the doc that we can retrieve the underlying asset of a aToken by doing aToken.UNDERLYING_ASSET_ADDRESS() => https://docs.aave.com/developers/the-core-protocol/atokens#underlying_asset_address
Sadly, this method isn't present in the interface so if we just import the interface in our Solidity code by doing import "@aave/protocol-v2/contracts/interfaces/IAToken.sol"; we won't have access to UNDERLYING_ASSET_ADDRESS function.
We can of course declare our own interface and extend the original interface but it would be best to only have to import the original interface.

Solution

Add function UNDERLYING_ASSET_ADDRESS() external view returns (address); to https://github.com/aave/protocol-v2/blob/master/contracts/interfaces/IAToken.sol

For protocol 2.5, there needs to be the possibility of depositing and repaying using the permit function, to avoid the approve/transfer pattern which brings additional gas cost for the users.

Currently the EIP 2612 is supported by the following tokens:

• DAI
• USDC
• AAVE
• UNI

$ npm i
npm ERR! code ENOLOCAL
npm ERR! Could not install from "node_modules/ganache-core/node_modules/web3-provider-engine/node_modules/eth-sig-util/ethereumjs-abi@git+https:/github.com/ethereumjs/ethereumjs-abi.git" as it does not contain a package.json file.

npm ERR! A complete log of this run can be found in:
npm ERR!     /Users/pro/.npm/_logs/2021-03-21T16_39_20_923Z-debug.log

I wanted to test how aave is working on dev mode, and it failed on npm install step. Anyone met same issue ?

The Hardhat console is imported in DefaultReserveInterestRateStrategy.sol and should just be removed.

The LendingPoolConfigurator has two priviledged roles - poolAdmin and emergencyAdmin. The PoolAdmin has the ability of listing new assets, freezing reserves, changing the risk parameters. The emergencyAdmin can pause the whole protocol for a global shutdown. A third role needs to be added, riskAdmin. The risk admin can:

• enable or disable a currency for borrowing
• set interest rate strategies
• configure the caps (borrow caps, supply caps, exposure ceiling)
• configure the risk parameters (ltv, liq threshold, bonus)
• configure the reserve factor

The risk admins are handled as a mapping of addresses, so that multiple entities in the Aave ecosystem can be whitelisted to handle risk without the necessity of gov proposals