Following Spearbit’s recommendation, Morpho Labs proposes to upgrade both Morpho and Lens contracts to:
- Make contracts more maintainable and resilient.
- Prevent the deprecation of a market if it hasn’t been paused earlier.
- Deprecate pool rewards on Morpho-AaveV2 since no rewards are planned on Aave V2, and Aave V3 is to be deployed on mainnet. The unnecessary logic is removed and thus saves gas.
- Update Lenses to reflect changes and fix specific getters (
Remove the useless function
Eliminate cumbersome code duplication by implementing shared interest rates logic between Morpho’s
The Morpho Labs team proposes to upgrade the vaults to:
Make vaults more gas efficient. Some variables will be set to
immutableto avoid reading the storage at each interaction with a vault.
Make the redistribution of rewards more secure and maintainable. After this upgrade, the DAO would no longer need to specify the amount and the recipient to transfer $MORPHO rewards from a vault to the vault rewards distributor. The recipient of the rewards will be set, at construction time, to the vault rewards distributor. All $MORPHO tokens held in a vault can be then transferred to the rewards distributor through a public function
transferRewardsto the recipient. The DAO’s multisig can still trigger the function, but any EOA can also trigger it to accelerate the process.
As always, security is a principal concern for the Morpho Labs team. Below are the measures that have been or will be taken:
- The PR of the Morpho contracts will be reviewed by Spearbit.
- The PR of the vaults’ upgrade will be reviewed by Pessimistic.
- Production tests have been run to test both upgrades.
- Our CI tool has been run to check any storage clashes introduced by upgrades.
- For the upgrade process, the upgrade checklist will be followed.
The upgrade will only happen once the audits have been performed and a delay modifier is added to the DAO multisig. This delay adds 24 hours between the moment a tx is submitted to the DAO multisig and the moment it can be executed.
- Deploy implementation contracts with an EOA.
- Upgrade contracts with the DAO multisig and set the correct new contracts to Morpho’s storage.
- Deploy the SupplyVault implementations for Morpho-Aave and Morpho-Compound (2 contracts to deploy).
- Upgrade all vaults proxy to point to the correct implementation.