Update to Pectra-Compliant FiRM Borrow Controller

Summary

This proposal seeks to update the FiRM Borrow Controller across all active markets to a newly-deployed, Pectra-compliant version, addressing security risks introduced by EIP-7702. The upgrade ensures continued protection against flash loan exploits, reentrancy, and atomic transaction manipulations, while maintaining all previously implemented risk controls such as the rolling 24-hour borrow limit and daily borrow caps.

Background

The borrow controller in FiRM plays a crucial role in risk management, ensuring that borrowing transactions comply with security measures such as:

  • Daily Borrow Limits: Preventing excessive borrowing and reducing exposure in case of an exploit.
  • Smart Contract Verification: Restricting borrowing from unauthorized smart contracts to mitigate risk.
  • Rolling 24-Hour Borrow Limit: Preventing exploitative behaviors related to fixed-time resets.

However, with the first phase of the Pectra hard fork scheduled for mid-March 2025, Ethereum’s EIP-7702 introduces the ability for EOAs (externally owned accounts) to delegate execution to smart contracts, effectively bypassing FiRM’s existing protections against flash loans and reentrancy attacks.

To mitigate these risks, the new borrow controller enforces stricter validation, combining tx.origin == msg.sender with msg.sender.code.length == 0 to ensure that the caller is not a delegated smart contract. In doing so, it ensures full compatibility with the Pectra hard fork, maintaining security without sacrificing user experience.
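The sketch below is an added example, not the deployed FiRM borrow controller code. It puts the legacy caller check next to the combined check described above. The contract name, the allowlist mapping and the function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration only; not the FiRM BorrowController source.
/// Every identifier in this contract is hypothetical.
contract CallerCheckSketch {
    address public immutable operator;
    // Integrating contracts that governance has explicitly approved.
    mapping(address => bool) public allowlist;

    constructor() {
        operator = msg.sender;
    }

    function setAllowed(address who, bool ok) external {
        require(msg.sender == operator, "not operator");
        allowlist[who] = ok;
    }

    /// Legacy check. Before Pectra, tx.origin could never execute code,
    /// so equality meant "plain EOA making a top-level call".
    /// With EIP-7702 an EOA that has set a delegation is still tx.origin
    /// but runs contract logic, so this returns true for it.
    function passesLegacyCheck() public view returns (bool) {
        return msg.sender == tx.origin;
    }

    /// Combined check from the proposal. A delegated EOA stores a
    /// 23-byte delegation designator (0xef0100 followed by the target
    /// address) as its code, so code.length is non-zero and it is rejected.
    function passesPectraCheck() public view returns (bool) {
        return msg.sender == tx.origin && msg.sender.code.length == 0;
    }

    /// Borrow gate: approved contracts pass via the allowlist,
    /// everyone else must be an undelegated EOA calling directly.
    function borrowAllowed() external view returns (bool) {
        return allowlist[msg.sender] || passesPectraCheck();
    }
}
```

The code-length test is only meaningful together with the tx.origin comparison: on its own it also returns zero for a contract that calls from inside its constructor.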

The new borrow controller has been rigorously tested on the Prague EVM and reviewed by third parties, both of which confirm it correctly blocks unauthorized delegated transactions while maintaining expected protocol functionality.

Implementation Plan

This proposal will standardize the borrow controller across all active markets, eliminating existing discrepancies and bringing the rolling 24-hour borrow limit to all markets. All previously whitelisted addresses, as well as market-specific daily borrow limits, staleness thresholds, and min debts, will need to be set. As such, with 31 live markets, this will require over 100 on-chain actions. As each proposal is limited to 20 on-chain actions, this will be spread out across 7 proposals.

On-Chain Actions

  1. Add the new borrow controller as a FiRM minter
  2. Allow all previously approved smart contracts on the new borrow controller:
  3. Set the Borrow Controller and Inherit All Existing Borrow Parameters for the following FiRM Markets:
  • INV, cvxCRV, sUSDe, st-yETH, CVX, stETH, wstETH, st-yCRV, wBTC, wETH, cbBTC, CRV, DAI, sFRAX, COMP
  • deUSD/DOLA, sUSDS/DOLA, sUSDe/DOLA, scrvUSD/DOLA, crvUSD/DOLA, scrvUSD/sDOLA, DOLA/USR
  • yv-deUSD/DOLA, yv-sUSDS/DOLA, yv-scrvUSD/DOLA, yv-sUSDe/DOLA, yv-crvUSD/DOLA, yv-scrvUSD/sDOLA, yv-DOLA/USR
  • PT-sUSDe-27MAR25, PT-sUSDe-29MAY25