WOETH: Withdraw OETH in surplus.

[clement-ux]

Allow the governor to withdraw the OETH that has been sent in surplus to the wrapper.

Code Change Checklist

To be completed before internal review begins:

• The contract code is complete
• Executable deployment file
• Fork tests that test after the deployment file runs
• Unit tests *if needed
• The owner has done a full checklist review of the code + tests

Internal review:

• Two approvals by internal reviewers

Deploy checklist

Two reviewers complete the following checklist:

- [ ] All deployed contracts are listed in the deploy PR's description
- [ ] Deployed contract's verified code (and all dependencies) match the code in master
- [ ] The transactions that interacted with the newly deployed contract match the deploy script.
- [ ] Governance proposal matches the deploy script
- [ ] Smoke tests pass after fork test execution of the governance proposal

[github-actions]

	Warnings
⚠️	👀 This PR needs at least 2 reviewers

Generated by 🚫 dangerJS against 4a12161

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 62.78%. Comparing base (56d0b7d) to head (4a12161).

Additional details and impacted files

@@                       Coverage Diff                       @@
##           sparrowDom/woeth_hack_proof    #2119      +/-   ##
===============================================================
+ Coverage                        62.76%   62.78%   +0.02%     
===============================================================
  Files                               66       66              
  Lines                             3373     3375       +2     
  Branches                           657      873     +216     
===============================================================
+ Hits                              2117     2119       +2     
  Misses                            1253     1253              
  Partials                             3        3              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[openzeppelin-code]

WOETH: Withdraw OETH in surplus.

Generated at commit: 4a12161fc17ec2526251b09eec9dc4c43d147f23

🚨 Report Summary

	Severity Level	Results
Contracts	Critical High Medium Low Note Total	3 3 0 18 42 66
Dependencies	Critical High Medium Low Note Total	0 0 0 0 0 0

---

For more details view the full report in OpenZeppelin Code Inspector

[shahthepro]

On a quick look, I'm a bit lost here. OETH is a rebasing token. wOETH's appreciation comes from the OETH yields (which are distributed during rebases with increasing balances). Won't this forgo all unrealized yields as well?

[shahthepro]

Looks like it has an internal log of oethCredits (updating during wrap and unwrap) but let me check

[sparrowDom]

With WOETH ignore donations PR WOETH keeps the balance of the internal credits (of the OETH token) that change on mint, deposit, redeem, withdraw.

I think this approach is mathematically correct since the surplus figures out the difference between WOETH internal credits amount and OETH internal credits (for WOETH contract) multiplied by the credits per token - in other words operating with OETH token amounts.

Surplus could also be calculated using another approach by finding the difference of internal credits tracked by WOETH and OETH and then multiplying it by the current credits per token ( to arrive to the OETH token surplus amount).

I think in either of the approaches the un-realized rebase yields aren't left on the table, since as long as we do the correct math on the underlying credits per token. The rebase will take care of correct yield distribution.

[sparrowDom]

Still a spot on comment @shahthepro 🙏 These are the sort of checks we need to make to be sure the math works correctly.

We could add a test for this @clement-ux, where:

• WOETH has initial supply of 100 OETH
• 2 OETH are transferred to the WOETH contract
• OETH rebases (say increases balance of OETH on WOETH contract by x2)
• governor should be able to transfer out 4 OETH and no more

[shahthepro]

Thanks for the detailed explanation. Will check both PRs today to get more clarity on this.

Yeah, totally agree that we should be having unit and fork tests with different scenarios involving donations and rebases.

[clement-ux]

I've added the test that @sparrowDom suggested in this commit and it passes.

[clement-ux]

Surplus could also be calculated using another approach by finding the difference of internal credits tracked by WOETH and OETH and then multiplying it by the current credits per token ( to arrive to the OETH token surplus amount).

Do you mean dividing instead of multiplying maybe?

An implementation could look something like this:

(uint256 creditsBalanceHighres, uint256 creditsPerTokenHighres, ) = OETH(asset()).creditsBalanceOfHighres(address(this));
uint256 surplus = (creditsBalanceHighres - oethCreditsHighres).divPrecisely(creditsPerTokenHighres);

This could consume less gas but can lead to rounding issues IMO. But as you already mentioned, I don't think it is important enough to increase complexity.

[sparrowDom]

nice catch 👍

[sparrowDom]

Left a couple of comments, some minor changes and this PR is good to go.

Great job with it @clement-ux 🙏

[sparrowDom]

LGTM