Welcome to another installment of RWG: Behind the Scenes! Today, we’re excited to pull back the curtain on a framework we’ve recently developed that encompasses much of our risk management work: the Contract Ledger. While governance proposals and parameter optimizations often take center stage, this new tool helps us maintain a comprehensive overview of Inverse Finance’s smart contract ecosystem in ways that weren’t previously possible. Let’s dive into how this works and why it matters for protocol health and security.
The Challenge of Contract Complexity
As Inverse Finance has grown, so too has our network of smart contracts. From FiRM markets and associated helpers and price feeds to DOLA Fed facilities, our ecosystem now comprises dozens of interconnected contracts across multiple chains, creating a web of dependencies that has become increasingly difficult to track manually. This complexity manifests in numerous challenges: tracking dependencies between contracts, distinguishing active from deprecated contracts, identifying all potentially affected components when a product needs updating thus a contract redeployment, and ensuring proper auditing across our entire infrastructure.
The Contract Ledger: A Single Source of Truth
We recently created the Contract Ledger as a direct response to these challenges, designing it as a master spreadsheet with a central “Ledger” sheet that catalogs essential metadata for each smart contract in the Inverse Finance ecosystem. This includes contract name and address, deployment chain, associated product, contract type and status, dependencies and governance control relationships, and deployment date and audit status. The “Ledger” sheet is supported by the “priceFeed Data” sheet which separately catalogs parameters for all FiRM markets including heartbeat intervals for both primary and secondary feeds, staleness thresholds, Chainlink feed heartbeats, fallback feed heartbeats, deviation triggers (the percentage change that automatically triggers a price update), and risk tier classifications. Together, they act as our single source of truth.
With this, we’ve leveraged Anthropic’s AI assistant Claude to transform raw contract data into actionable insights through automatically-generated specialized views. We’re looking to expand these automation capabilities to other risk frameworks, finding that AI tools accelerate development significantly while allowing the RWG to maintain focus on where human expertise is necessary.
Specialized Views: Turning Data Into Insight
Though still in its v1.0 stage, this framework already provides immediate practical benefits that enhance our risk management capabilities from day one.
-
The Scope List view offers an immediate visual breakdown of contracts by status, helping us maintain clean bug bounty scope lists and more easily phase out deprecated contracts.
-
The Audit Tracker view provides a systematic approach to tracking the audit status of all contracts, helping us identify which contracts have been audited and by whom, flag contracts still needing audits, and monitor overall audit coverage across our protocol.
-
The Access Control view provides insights into governance control patterns across our protocol, helping us understand which entities control the most contracts and how control is distributed across different products.
-
The Dependencies View maps the complex web of relationships between contracts, allowing us to search for any contract and see what it depends on, identify what other contracts it controls, and highlight the most critical contracts based on dependency count.
-
The Heartbeat Monitor allows us to visualize the distribution of oracle heartbeats across risk tiers, identify potential staleness risks in price feeds, and analyze the relationship between feed types and deviation triggers, providing a comprehensive view of our price feed infrastructure and its associated risks.
-
The Market-Contract Map creates a bridge between FiRM markets and their underlying contracts, allowing us to instantly search for any market and view its associated contract infrastructure including feed type and heartbeat metrics.
Why This Matters and Looking Ahead
While the Contract Ledger may seem like a “vanilla” operational tool, its impact on protocol security and efficiency can be substantial, helping us reduce risk by mapping dependencies and highlighting critical contracts, improve governance through clear visibility into contract relationships, enhance security via comprehensive audit tracking, boost operational efficiency through automated views and relationship mapping, and preserve institutional knowledge about contract relationships and history even as team members change.
The Contract Ledger is designed as a living framework that will evolve alongside our protocol, integrating with other risk management tools we’ve developed, including the Proof-of-Review system for governance proposals, Risk Observer Checklist for weekly health monitoring, Risk Assessments for FiRM collateral and/or partner onboarding and Collateral Parameterization models for market optimization, to name a few. We hope this glimpse into our latest internal tool provides insight into the care and attention given to maintaining protocol health and security.
Catch you next time!