feat: add SlashingWithdrawalRouter (#5)

* wip

* wip

* feat: add `SlashingWithdrawalRouter`

* perf: optimize `Pausable` for codesize

* chore: renaming

* refactor: use `Pauseable` instead of OZ `AccessControl`

* perf: reduce `Pauseble` codesize

* refactor: arrayified inputs

* wip

* refactor: make struct params arrays

* fix: remove unused import

* refactor: `redistributionRecipient` == `releaser`

* refactor: cleanup

* wip

* wip

* refactor: cleanup

* refactor: remove uneeded code

* refactor: remove unused error

* wip

* refactor: review changes

* feat: add `getPendingSlashIdsForOperatorSet`

* test: wip

* test: wip

* test: wip

* doc: todos

* test: wip

* refactor: iterate in reverse order to avoid skipping elements

* test: passing

* feat: add `getPendingBurnOrRedistributions` nested alias

* chore: renaming

* fix: update gap

* fix: dm mock

* feat: full introspection

* fix: `pendingOperatorSets` removal

* fix: update visibility

* feat: add delay logic

* fix: enforce minimum delay

* refactor: review changes

* refactor: remove `_checkBurnOrRedistributionDelay`

* fix: gap

* nit: natspec style

* refactor: update headers

* refactor: review changes

Author: 0xClandestine

script/deploy/devnet/deploy_from_scratch.s.sol

@@ -14,7 +14,7 @@ import "../../../src/contracts/core/AVSDirectory.sol";
 import "../../../src/contracts/core/RewardsCoordinator.sol";
 import "../../../src/contracts/core/AllocationManager.sol";
 import "../../../src/contracts/permissions/PermissionController.sol";
-
+import "../../../src/contracts/core/SlashingWithdrawalRouter.sol";
 import "../../../src/contracts/strategies/StrategyBaseTVLLimits.sol";
 import "../../../src/contracts/strategies/StrategyFactory.sol";
 import "../../../src/contracts/strategies/StrategyBase.sol";
@@ -63,6 +63,8 @@ contract DeployFromScratch is Script, Test {
     AllocationManager public allocationManager;
     PermissionController public permissionController;
     PermissionController public permissionControllerImplementation;
+    SlashingWithdrawalRouter public slashingWithdrawalRouter;
+    SlashingWithdrawalRouter public slashingWithdrawalRouterImplementation;
 
     EmptyContract public emptyContract;
 
@@ -214,6 +216,9 @@ contract DeployFromScratch is Script, Test {
         permissionController = PermissionController(
             address(new TransparentUpgradeableProxy(address(emptyContract), address(eigenLayerProxyAdmin), ""))
         );
+        slashingWithdrawalRouter = SlashingWithdrawalRouter(
+            address(new TransparentUpgradeableProxy(address(emptyContract), address(eigenLayerProxyAdmin), ""))
+        );
 
         // if on mainnet, use the ETH2 deposit contract address
         if (chainId == 1) ethPOSDeposit = IETHPOSDeposit(0x00000000219ab540356cBB839Cbe05303d7705Fa);
@@ -235,7 +240,8 @@ contract DeployFromScratch is Script, Test {
             SEMVER
         );
 
-        strategyManagerImplementation = new StrategyManager(delegation, eigenLayerPauserReg, SEMVER);
+        strategyManagerImplementation =
+            new StrategyManager(delegation, slashingWithdrawalRouter, eigenLayerPauserReg, SEMVER);
         avsDirectoryImplementation = new AVSDirectory(delegation, eigenLayerPauserReg, SEMVER);
         eigenPodManagerImplementation =
             new EigenPodManager(ethPOSDeposit, eigenPodBeacon, delegation, eigenLayerPauserReg, SEMVER);
@@ -264,6 +270,8 @@ contract DeployFromScratch is Script, Test {
         );
         permissionControllerImplementation = new PermissionController(SEMVER);
         strategyFactoryImplementation = new StrategyFactory(strategyManager, eigenLayerPauserReg, SEMVER);
+        slashingWithdrawalRouterImplementation =
+            new SlashingWithdrawalRouter(allocationManager, strategyManager, eigenLayerPauserReg, SEMVER);
 
         // Third, upgrade the proxy contracts to use the correct implementation contracts and initialize them.
         {

script/deploy/local/deploy_from_scratch.slashing.s.sol

@@ -14,6 +14,7 @@ import "../../../src/contracts/core/AVSDirectory.sol";
 import "../../../src/contracts/core/RewardsCoordinator.sol";
 import "../../../src/contracts/core/AllocationManager.sol";
 import "../../../src/contracts/permissions/PermissionController.sol";
+import "../../../src/contracts/core/SlashingWithdrawalRouter.sol";
 
 import "../../../src/contracts/strategies/StrategyBaseTVLLimits.sol";
 
@@ -66,6 +67,8 @@ contract DeployFromScratch is Script, Test {
     AllocationManager public allocationManager;
     PermissionController public permissionControllerImplementation;
     PermissionController public permissionController;
+    SlashingWithdrawalRouter public slashingWithdrawalRouter;
+    SlashingWithdrawalRouter public slashingWithdrawalRouterImplementation;
 
     EmptyContract public emptyContract;
 
@@ -221,6 +224,9 @@ contract DeployFromScratch is Script, Test {
         permissionController = PermissionController(
             address(new TransparentUpgradeableProxy(address(emptyContract), address(eigenLayerProxyAdmin), ""))
         );
+        slashingWithdrawalRouter = SlashingWithdrawalRouter(
+            address(new TransparentUpgradeableProxy(address(emptyContract), address(eigenLayerProxyAdmin), ""))
+        );
 
         // if on mainnet, use the ETH2 deposit contract address
         if (chainId == 1) ethPOSDeposit = IETHPOSDeposit(0x00000000219ab540356cBB839Cbe05303d7705Fa);
@@ -241,7 +247,8 @@ contract DeployFromScratch is Script, Test {
             MIN_WITHDRAWAL_DELAY,
             SEMVER
         );
-        strategyManagerImplementation = new StrategyManager(delegation, eigenLayerPauserReg, SEMVER);
+        strategyManagerImplementation =
+            new StrategyManager(delegation, slashingWithdrawalRouter, eigenLayerPauserReg, SEMVER);
         avsDirectoryImplementation = new AVSDirectory(delegation, eigenLayerPauserReg, SEMVER);
         eigenPodManagerImplementation =
             new EigenPodManager(ethPOSDeposit, eigenPodBeacon, delegation, eigenLayerPauserReg, SEMVER);
@@ -269,6 +276,8 @@ contract DeployFromScratch is Script, Test {
             SEMVER
         );
         permissionControllerImplementation = new PermissionController(SEMVER);
+        slashingWithdrawalRouterImplementation =
+            new SlashingWithdrawalRouter(allocationManager, strategyManager, eigenLayerPauserReg, SEMVER);
 
         // Third, upgrade the proxy contracts to use the correct implementation contracts and initialize them.
         {

script/utils/ExistingDeploymentParser.sol

@@ -11,6 +11,7 @@ import "../../src/contracts/core/AVSDirectory.sol";
 import "../../src/contracts/core/RewardsCoordinator.sol";
 import "../../src/contracts/core/AllocationManager.sol";
 import "../../src/contracts/permissions/PermissionController.sol";
+import "../../src/contracts/core/SlashingWithdrawalRouter.sol";
 
 import "../../src/contracts/strategies/StrategyFactory.sol";
 import "../../src/contracts/strategies/StrategyBase.sol";
@@ -136,6 +137,10 @@ contract ExistingDeploymentParser is Script, Logger {
     StrategyBase public baseStrategyImplementation;
     StrategyBase public strategyFactoryBeaconImplementation;
 
+    /// @dev SlashingWithdrawalRouter
+    SlashingWithdrawalRouter public slashingWithdrawalRouter;
+    SlashingWithdrawalRouter public slashingWithdrawalRouterImplementation;
+
     // Token
     ProxyAdmin public tokenProxyAdmin;
     IEigen public EIGEN;

src/contracts/core/AllocationManager.sol

@@ -21,12 +21,11 @@ contract AllocationManager is
     SemVerMixin
 {
     using DoubleEndedQueue for DoubleEndedQueue.Bytes32Deque;
-    using EnumerableSet for *;
-    using SafeCast for *;
-
     using Snapshots for Snapshots.DefaultWadHistory;
     using OperatorSetLib for OperatorSet;
     using SlashingLib for uint256;
+    using EnumerableSet for *;
+    using SafeCast for *;
 
     /**
      *
@@ -60,8 +59,6 @@ contract AllocationManager is
         _setPausedStatus(initialPausedStatus);
     }
 
-    // TODO: properly return shares slashed
-
     /// @inheritdoc IAllocationManager
     function slashOperator(
         address avs,
@@ -331,8 +328,8 @@ contract AllocationManager is
         // Increment the slash count for the operator set.
         slashId = ++_slashCount[operatorSet.key()];
 
-        // Initialize the shares array.
-        shares = new uint256[](params.strategies.length);
+        uint64[] memory prevMaxMagnitudes = new uint64[](params.strategies.length);
+        uint64[] memory newMaxMagnitudes = new uint64[](params.strategies.length);
 
         // For each strategy in the operator set, slash any existing allocation
         for (uint256 i = 0; i < params.strategies.length; i++) {
@@ -349,9 +346,6 @@ contract AllocationManager is
                 StrategyNotInOperatorSet()
             );
 
-            _burnOrRedistributionBlock[operatorSet.key()][params.strategies[i]][slashId] =
-                uint32(block.number) + BURN_OR_REDISTRIBUTION_DELAY;
-
             // 1. Get the operator's allocation info for the strategy and operator set
             (StrategyInfo memory info, Allocation memory allocation) =
                 _getUpdatedAllocation(params.operator, operatorSet.key(), params.strategies[i]);
@@ -399,17 +393,20 @@ contract AllocationManager is
 
             _updateMaxMagnitude(params.operator, params.strategies[i], info.maxMagnitude);
 
-            // 6. Slash operators shares in the DelegationManager
-            shares[i] = delegation.slashOperatorShares({
-                operator: params.operator,
-                operatorSet: operatorSet,
-                slashId: slashId,
-                strategy: params.strategies[i],
-                prevMaxMagnitude: prevMaxMagnitude,
-                newMaxMagnitude: info.maxMagnitude
-            });
+            prevMaxMagnitudes[i] = prevMaxMagnitude;
+            newMaxMagnitudes[i] = info.maxMagnitude;
         }
 
+        // 6. Slash operators shares in the DelegationManager
+        shares = delegation.slashOperatorShares({
+            operator: params.operator,
+            operatorSet: operatorSet,
+            slashId: slashId,
+            strategies: params.strategies,
+            prevMaxMagnitudes: prevMaxMagnitudes,
+            newMaxMagnitudes: newMaxMagnitudes
+        });
+
         emit OperatorSlashed(params.operator, operatorSet, params.strategies, wadSlashed, params.description);
     }
 
@@ -998,7 +995,7 @@ contract AllocationManager is
     /// @inheritdoc IAllocationManager
     function getRedistributionRecipient(
         OperatorSet memory operatorSet
-    ) external view returns (address) {
+    ) public view returns (address) {
         // Load the redistribution recipient and return it if set, otherwise return the default burn address.
         address redistributionRecipient = _redistributionRecipients[operatorSet.key()];
         return redistributionRecipient == address(0) ? DEFAULT_BURN_ADDRESS : redistributionRecipient;
@@ -1018,15 +1015,6 @@ contract AllocationManager is
         return _slashCount[operatorSet.key()];
     }
 
-    /// @inheritdoc IAllocationManager
-    function getBurnOrRedistributionBlock(
-        OperatorSet memory operatorSet,
-        IStrategy strategy,
-        uint256 slashId
-    ) external view returns (uint32) {
-        return _burnOrRedistributionBlock[operatorSet.key()][strategy][slashId];
-    }
-
     /// @inheritdoc IAllocationManager
     function isOperatorRedistributable(
         address operator

src/contracts/core/AllocationManagerStorage.sol

@@ -6,17 +6,13 @@ import "@openzeppelin/contracts/utils/structs/DoubleEndedQueue.sol";
 
 import "../interfaces/IAllocationManager.sol";
 import "../interfaces/IDelegationManager.sol";
-
 import {Snapshots} from "../libraries/Snapshots.sol";
 
 abstract contract AllocationManagerStorage is IAllocationManager {
     using Snapshots for Snapshots.DefaultWadHistory;
 
     // Constants
 
-    /// @dev The delay before a burn or redistribution can occur, denominated in blocks.
-    uint32 internal constant BURN_OR_REDISTRIBUTION_DELAY = 36_000; // 3.5 days assuming 12s blocks.
-
     /// @dev The default burn address for slashed funds.
     address internal constant DEFAULT_BURN_ADDRESS = 0x00000000000000000000000000000000000E16E4;
 
@@ -112,10 +108,6 @@ abstract contract AllocationManagerStorage is IAllocationManager {
     ///      For non-redistributing or non-existing operator sets, returns `address(0)`.
     mapping(bytes32 operatorSetKey => address redistributionAddr) internal _redistributionRecipients;
 
-    /// @notice Returns the block number a burn or redistribution can occur after a given an operator set, strategy, and slash ID.
-    mapping(bytes32 operatorSetKey => mapping(IStrategy strategy => mapping(uint256 slashId => uint32 blockNumber)))
-        public _burnOrRedistributionBlock;
-
     // Construction
 
     constructor(IDelegationManager _delegation, uint32 _DEALLOCATION_DELAY, uint32 _ALLOCATION_CONFIGURATION_DELAY) {
@@ -129,5 +121,5 @@ abstract contract AllocationManagerStorage is IAllocationManager {
      * variables without shifting down storage in the inheritance chain.
      * See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
      */
-    uint256[33] private __gap;
+    uint256[34] private __gap;
 }

src/contracts/core/DelegationManager.sol

@@ -280,62 +280,18 @@ contract DelegationManager is
     /// @inheritdoc IDelegationManager
     function slashOperatorShares(
         address operator,
-        OperatorSet memory operatorSet,
+        OperatorSet calldata operatorSet,
         uint256 slashId,
-        IStrategy strategy,
-        uint64 prevMaxMagnitude,
-        uint64 newMaxMagnitude
-    ) external onlyAllocationManager nonReentrant returns (uint256) {
-        /// forgefmt: disable-next-item
-        uint256 operatorSharesSlashed = SlashingLib.calcSlashedAmount({
-            operatorShares: operatorShares[operator][strategy],
-            prevMaxMagnitude: prevMaxMagnitude,
-            newMaxMagnitude: newMaxMagnitude
-        });
-
-        uint256 scaledSharesSlashedFromQueue = _getSlashableSharesInQueue({
-            operator: operator,
-            strategy: strategy,
-            prevMaxMagnitude: prevMaxMagnitude,
-            newMaxMagnitude: newMaxMagnitude
-        });
-
-        // Calculate the total deposit shares to burn - slashed operator shares plus still-slashable
-        // shares sitting in the withdrawal queue.
-        uint256 totalDepositSharesToBurn = operatorSharesSlashed + scaledSharesSlashedFromQueue;
-
-        // Remove shares from operator
-        _decreaseDelegation({
-            operator: operator,
-            staker: address(0), // we treat this as a decrease for the 0-staker (only used for events)
-            strategy: strategy,
-            sharesToDecrease: operatorSharesSlashed
-        });
-
-        // Emit event for operator shares being slashed
-        emit OperatorSharesSlashed(operator, strategy, totalDepositSharesToBurn);
-
-        _getShareManager(strategy).increaseBurnableShares(operatorSet, slashId, strategy, totalDepositSharesToBurn);
-
-        IStrategy[] memory singleStrategy = new IStrategy[](1);
-        uint256[] memory singleDepositShares = new uint256[](1);
-        singleStrategy[0] = strategy;
-        singleDepositShares[0] = totalDepositSharesToBurn;
-
-        Withdrawal memory withdrawal = Withdrawal({
-            staker: address(0), // TODO: pass in redistribution recipient in call
-            delegatedTo: address(this),
-            withdrawer: address(0), // We use address(0) as the withdrawer to special case for allowing anybody to complete the withdrawal
-            nonce: slashId,
-            startBlock: uint32(block.number),
-            strategies: singleStrategy,
-            scaledShares: singleDepositShares
-        });
-
-        emit RedistributionQueued(calculateWithdrawalRoot(withdrawal), withdrawal);
-
-        _addWithdrawalToQueue(withdrawal);
-
+        IStrategy[] calldata strategies,
+        uint64[] calldata prevMaxMagnitudes,
+        uint64[] calldata newMaxMagnitudes
+    ) external onlyAllocationManager nonReentrant returns (uint256[] memory totalDepositSharesToBurn) {
+        totalDepositSharesToBurn = new uint256[](strategies.length);
+        for (uint256 i = 0; i < strategies.length; i++) {
+            totalDepositSharesToBurn[i] = _slashOperatorShares(
+                operator, operatorSet, slashId, strategies[i], prevMaxMagnitudes[i], newMaxMagnitudes[i]
+            );
+        }
         return totalDepositSharesToBurn;
     }
 
@@ -717,6 +673,52 @@ contract DelegationManager is
         emit OperatorSharesDecreased(operator, staker, strategy, sharesToDecrease);
     }
 
+    /// @dev Slashes operator shares and queues a redistribution for the slashable shares in the queue.
+    /// See `slashOperatorShares` for more details.
+    function _slashOperatorShares(
+        address operator,
+        OperatorSet memory operatorSet,
+        uint256 slashId,
+        IStrategy strategy,
+        uint64 prevMaxMagnitude,
+        uint64 newMaxMagnitude
+    ) internal returns (uint256 totalDepositSharesToBurn) {
+        // Avoid emitting events if nothing has changed for sanitization.
+        if (prevMaxMagnitude != newMaxMagnitude) {
+            uint256 operatorSharesSlashed = SlashingLib.calcSlashedAmount({
+                operatorShares: operatorShares[operator][strategy],
+                prevMaxMagnitude: prevMaxMagnitude,
+                newMaxMagnitude: newMaxMagnitude
+            });
+
+            uint256 scaledSharesSlashedFromQueue = _getSlashableSharesInQueue({
+                operator: operator,
+                strategy: strategy,
+                prevMaxMagnitude: prevMaxMagnitude,
+                newMaxMagnitude: newMaxMagnitude
+            });
+
+            // Calculate the total deposit shares to burn - slashed operator shares plus still-slashable
+            // shares sitting in the withdrawal queue.
+            totalDepositSharesToBurn = operatorSharesSlashed + scaledSharesSlashedFromQueue;
+
+            // Remove shares from operator
+            _decreaseDelegation({
+                operator: operator,
+                staker: address(0), // we treat this as a decrease for the 0-staker (only used for events)
+                strategy: strategy,
+                sharesToDecrease: operatorSharesSlashed
+            });
+
+            // Emit event for operator shares being slashed
+            emit OperatorSharesSlashed(operator, strategy, totalDepositSharesToBurn);
+
+            _getShareManager(strategy).increaseBurnableShares(operatorSet, slashId, strategy, totalDepositSharesToBurn);
+        }
+
+        return totalDepositSharesToBurn;
+    }
+
     /// @dev If `operator` has configured a `delegationApprover`, check that `signature` and `salt`
     /// are a valid approval for `staker` delegating to `operator`.
     function _checkApproverSignature(