docs: add README — contracts, architecture, trust model #2
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,85 @@ | ||
| # StackIt Smart Contracts | ||
|
|
||
| Open-source smart contracts powering the StackIt treasury and liquidation protection system on Arbitrum. | ||
|
|
||
| --- | ||
|
|
||
| ## Contracts | ||
|
|
||
| ### `Stack.sol` | ||
| The main registry contract. Creates and tracks user wallets, manages token allowlists, and controls the system's swapper and pool addresses. | ||
|
|
||
| - Deploys a new `Wallet` proxy for each user | ||
| - Maintains the list of supported tokens (BTC, ETH, USDC) | ||
| - Controls access roles (owner, operators) | ||
|
|
||
| ### `Wallet.sol` | ||
| A minimal proxy contract created per user. Delegates all logic calls to `WalletImplementation.sol`. Each user owns exactly one wallet — nobody else can touch it. | ||
|
|
||
| ### `WalletImplementation.sol` | ||
| The core logic contract. Handles all treasury operations: | ||
|
|
||
| - **Deposit** — accepts USDC and allocates to BTC/ETH via Aave | ||
| - **Borrow** — borrows USDC against BTC/ETH collateral, enforcing LTV safety limits | ||
| - **Repay** — repays outstanding debt to restore health factor | ||
| - **Liquidation protection** — automatically repays debt using collateral when health factor approaches unsafe levels, using flash loans to re-leverage as markets recover | ||
|
|
||
| **Key on-chain safety rules enforced by this contract:** | ||
| - Health factor cannot drop below the configured minimum after a borrow | ||
| - Per-transaction and daily borrow caps enforced on-chain | ||
| - Nonce replay prevention — transactions cannot be replayed | ||
| - Cooldown period between executions | ||
| - Only the wallet owner can authorize transactions — StackIt never holds or controls user keys | ||
|
|
||
| --- | ||
|
|
||
| ## Architecture | ||
|
|
||
| ``` | ||
| User Wallet (EOA) | ||
| │ | ||
| └── Wallet.sol (proxy, per user) | ||
| │ | ||
| └── WalletImplementation.sol (logic) | ||
| │ | ||
| ├── Aave (lending/borrowing) | ||
| ├── Uniswap V2 (swaps) | ||
| └── Stack.sol (registry + access control) | ||
| ``` | ||
|
|
||
| **Custody model:** StackIt uses a wallet-sovereign architecture. The system constructs and simulates transactions, but returns them **unsigned** to the user (or agent). The user signs and submits. StackIt never holds private keys. | ||
|
|
||
| --- | ||
|
|
||
| ## Deployment | ||
|
|
||
| Deployed on **Arbitrum One**. | ||
|
|
||
| | Contract | Address | | ||
| |----------|---------| | ||
| | Stack.sol | *(add Arbiscan link)* | | ||
| | WalletImplementation.sol | *(add Arbiscan link)* | | ||
|
Comment on lines
+58
to
+61
There was a problem hiding this comment. Replace the deployment placeholders before merge. This README frames the contracts as the trust layer, so shipping it without the actual Arbitrum addresses blocks readers from verifying what is deployed. 🤖 Prompt for AI Agents |
||
|
|
||
| --- | ||
|
|
||
| ## Open Source Scope | ||
|
|
||
| The smart contracts — where your funds actually move — are fully open source and auditable here. | ||
|
|
||
| The liquidation protection rules engine and backend orchestration are proprietary. This is by design: the on-chain contracts are the trust layer. You can verify that your funds only move with your wallet's authorization, health factor limits are enforced on-chain, and no transaction can be replayed or front-run by the system. | ||
|
|
||
| --- | ||
|
|
||
| ## Development | ||
|
|
||
| ```bash | ||
| yarn install | ||
| yarn hardhat compile | ||
| yarn hardhat test | ||
| ``` | ||
|
|
||
| --- | ||
|
|
||
| ## License | ||
|
|
||
| GPL-3.0 | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add a language tag to the architecture fence.
markdownlintwill keep flagging this block until the fence is annotated.textis enough if you just want a plaintext diagram.Suggested fix
🧰 Tools
🪛 markdownlint-cli2 (0.21.0)
[warning] 38-38: Fenced code blocks should have a language specified
(MD040, fenced-code-language)
🤖 Prompt for AI Agents