TRST audit fixes for HorizonStaking contract

packages/horizon/contracts/interfaces/internal/IHorizonStakingBase.sol

@@ -24,6 +24,11 @@ interface IHorizonStakingBase {
      */
     event StakeDeposited(address indexed serviceProvider, uint256 tokens);
 
+    /**
+     * @notice Thrown when using an invalid thaw request type.
+     */
+    error HorizonStakingInvalidThawRequestType();
+
     /**
      * @notice Gets the details of a service provider.
      * @param serviceProvider The address of the service provider.
@@ -134,34 +139,46 @@ interface IHorizonStakingBase {
 
     /**
      * @notice Gets a thaw request.
+     * @param thawRequestType The type of thaw request.
      * @param thawRequestId The id of the thaw request.
      * @return The thaw request details.
      */
-    function getThawRequest(bytes32 thawRequestId) external view returns (IHorizonStakingTypes.ThawRequest memory);
+    function getThawRequest(
+        IHorizonStakingTypes.ThawRequestType thawRequestType,
+        bytes32 thawRequestId
+    ) external view returns (IHorizonStakingTypes.ThawRequest memory);
 
     /**
      * @notice Gets the metadata of a thaw request list.
      * Service provider and delegators each have their own thaw request list per provision.
      * Metadata includes the head and tail of the list, plus the total number of thaw requests.
+     * @param thawRequestType The type of thaw request.
      * @param serviceProvider The address of the service provider.
      * @param verifier The address of the verifier.
      * @param owner The owner of the thaw requests. Use either the service provider or delegator address.
      * @return The thaw requests list metadata.
      */
     function getThawRequestList(
+        IHorizonStakingTypes.ThawRequestType thawRequestType,
         address serviceProvider,
         address verifier,
         address owner
     ) external view returns (LinkedList.List memory);
 
     /**
      * @notice Gets the amount of thawed tokens for a given provision.
+     * @param thawRequestType The type of thaw request.
      * @param serviceProvider The address of the service provider.
      * @param verifier The address of the verifier.
      * @param owner The owner of the thaw requests. Use either the service provider or delegator address.
      * @return The amount of thawed tokens.
      */
-    function getThawedTokens(address serviceProvider, address verifier, address owner) external view returns (uint256);
+    function getThawedTokens(
+        IHorizonStakingTypes.ThawRequestType thawRequestType,
+        address serviceProvider,
+        address verifier,
+        address owner
+    ) external view returns (uint256);
 
     /**
      * @notice Gets the maximum allowed thawing period for a provision.

packages/horizon/contracts/interfaces/internal/IHorizonStakingExtension.sol

@@ -77,6 +77,17 @@ interface IHorizonStakingExtension is IRewardsIssuer {
         uint256 delegationRewards
     );
 
+    /**
+     * @dev Emitted when `indexer` was slashed for a total of `tokens` amount.
+     * Tracks `reward` amount of tokens given to `beneficiary`.
+     */
+    event StakeSlashed(address indexed indexer, uint256 tokens, uint256 reward, address beneficiary);
+
+    /**
+     * @dev Emitted when `delegator` withdrew delegated `tokens` from `indexer` using `legacyWithdrawDelegated`.
+     */
+    event StakeDelegatedWithdrawn(address indexed indexer, address indexed delegator, uint256 tokens);
+
     /**
      * @notice Close an allocation and free the staked tokens.
      * To be eligible for rewards a proof of indexing must be presented.
@@ -148,4 +159,23 @@ interface IHorizonStakingExtension is IRewardsIssuer {
      */
     // solhint-disable-next-line func-name-mixedcase
     function __DEPRECATED_getThawingPeriod() external view returns (uint64);
+
+    /**
+     * @notice Slash the indexer stake. Delegated tokens are not subject to slashing.
+     * @dev Can only be called by the slasher role.
+     * @param indexer Address of indexer to slash
+     * @param tokens Amount of tokens to slash from the indexer stake
+     * @param reward Amount of reward tokens to send to a beneficiary
+     * @param beneficiary Address of a beneficiary to receive a reward for the slashing
+     */
+    function legacySlash(address indexer, uint256 tokens, uint256 reward, address beneficiary) external;
+
+    /**
+     * @notice Withdraw undelegated tokens once the unbonding period has passed.
+     * @param _indexer Withdraw available tokens delegated to indexer
+     */
+    function legacyWithdrawDelegated(
+        address _indexer,
+        address /* _newIndexer, deprecated */
+    ) external returns (uint256);
 }

packages/horizon/contracts/interfaces/internal/IHorizonStakingMain.sol

@@ -303,9 +303,8 @@ interface IHorizonStakingMain {
 
     /**
      * @notice Emitted when the delegation slashing global flag is set.
-     * @param enabled Whether delegation slashing is enabled or disabled.
      */
-    event DelegationSlashingEnabled(bool enabled);
+    event DelegationSlashingEnabled();
 
     // -- Errors: tokens
 
@@ -515,6 +514,8 @@ interface IHorizonStakingMain {
      * - During the transition period it's locked for a period of time before it can be withdrawn
      *   by calling {withdraw}.
      * - After the transition period it's immediately withdrawn.
+     * Note that after the transition period if there are tokens still locked they will have to be
+     * withdrawn by calling {withdraw}.
      * @dev Requirements:
      * - `_tokens` cannot be zero.
      * - `_serviceProvider` must have enough idle stake to cover the staking amount and any
@@ -747,7 +748,7 @@ interface IHorizonStakingMain {
      * @param beneficiary The address where the tokens will be withdrawn after thawing
      * @return The ID of the thaw request
      */
-    function undelegate(
+    function undelegateWithBeneficiary(
         address serviceProvider,
         address verifier,
         uint256 shares,
@@ -772,6 +773,28 @@ interface IHorizonStakingMain {
      */
     function withdrawDelegated(address serviceProvider, address verifier, uint256 nThawRequests) external;
 
+    /**
+     * @notice Withdraw undelegated with beneficiary tokens from a provision after thawing.
+     * @dev The parameter `nThawRequests` can be set to a non zero value to fulfill a specific number of thaw
+     * requests in the event that fulfilling all of them results in a gas limit error.
+     * @dev If the delegation pool was completely slashed before withdrawing, calling this function will fulfill
+     * the thaw requests with an amount equal to zero.
+     *
+     * Requirements:
+     * - Must have previously initiated a thaw request using {undelegateWithBeneficiary}.
+     *
+     * Emits {ThawRequestFulfilled}, {ThawRequestsFulfilled} and {DelegatedTokensWithdrawn} events.
+     *
+     * @param serviceProvider The service provider address
+     * @param verifier The verifier address
+     * @param nThawRequests The number of thaw requests to fulfill. Set to 0 to fulfill all thaw requests.
+     */
+    function withdrawDelegatedWithBeneficiary(
+        address serviceProvider,
+        address verifier,
+        uint256 nThawRequests
+    ) external;
+
     /**
      * @notice Re-delegate undelegated tokens from a provision after thawing to a `newServiceProvider` and `newVerifier`.
      * @dev The parameter `nThawRequests` can be set to a non zero value to fulfill a specific number of thaw

packages/horizon/contracts/interfaces/internal/IHorizonStakingTypes.sol

@@ -131,6 +131,17 @@ interface IHorizonStakingTypes {
         uint256 __DEPRECATED_tokensLockedUntil;
     }
 
+    /**
+     * @dev Enum to specify the type of thaw request.
+     * @param Provision Represents a thaw request for a provision.
+     * @param Delegation Represents a thaw request for a delegation.
+     */
+    enum ThawRequestType {
+        Provision,
+        Delegation,
+        DelegationWithBeneficiary
+    }
+
     /**
      * @notice Details of a stake thawing operation.
      * @dev ThawRequests are stored in linked lists by service provider/delegator,
@@ -146,4 +157,26 @@ interface IHorizonStakingTypes {
         // Used to invalidate unfulfilled thaw requests
         uint256 thawingNonce;
     }
+
+    /**
+     * @notice Parameters to fulfill thaw requests.
+     * @param requestType The type of thaw request (Provision or Delegation)
+     * @param serviceProvider The address of the service provider
+     * @param verifier The address of the verifier
+     * @param owner The address of the owner of the thaw request
+     * @param tokensThawing The current amount of tokens already thawing
+     * @param sharesThawing The current amount of shares already thawing
+     * @param nThawRequests The number of thaw requests to fulfill. If set to 0, all thaw requests are fulfilled.
+     * @param thawingNonce The current valid thawing nonce. Any thaw request with a different nonce is invalid and should be ignored.
+     */
+    struct FulfillThawRequestsParams {
+        ThawRequestType requestType;
+        address serviceProvider;
+        address verifier;
+        address owner;
+        uint256 tokensThawing;
+        uint256 sharesThawing;
+        uint256 nThawRequests;
+        uint256 thawingNonce;
+    }
 }