ISLAYRouterSlashingV2
Interface for the slashing functionality in the SatLayer protocol. This interface defines the structure and functions for slashing requests, which are penalties applied to operators for violations or non-compliance. It is designed to be implemented on the SLAYRouter, but separated to allow for clear separation of slashing-related concerns from other router functionality.
Functions
getPendingSlashingRequest
Returns the most recent slashing request initiated by the specified service against the specified operator. If no pending request exists, the returned request will have default values.
function getPendingSlashingRequest(address service, address operator) external view returns (Request memory);
Parameters
Name | Type | Description |
---|---|---|
service | address | Address of the service that initiated the slashing request. |
operator | address | Address of the operator targeted by the slashing request. |
Returns
Name | Type | Description |
---|---|---|
<none> | Request | A Request struct containing the details of the current pending slashing request. |
getPendingSlashingRequestId
Returns the most recent slashing request id initiated by the specified service against the specified operator. If no pending request exists, the returned request id will be empty.
function getPendingSlashingRequestId(address service, address operator) external view returns (bytes32);
Parameters
Name | Type | Description |
---|---|---|
service | address | Address of the service that initiated the slashing request. |
operator | address | Address of the operator targeted by the slashing request. |
Returns
Name | Type | Description |
---|---|---|
<none> | bytes32 | The unique identifier for the current pending slashing request. |
getSlashingRequest
Returns the complete details of a slashing request identified by the provided slashId. If no request exists with the given slashId, the returned request will have default values.
function getSlashingRequest(bytes32 slashId) external view returns (Request memory);
Parameters
Name | Type | Description |
---|---|---|
slashId | bytes32 | The unique identifier for the slashing request to retrieve. |
Returns
Name | Type | Description |
---|---|---|
<none> | Request | A Request struct containing the details of the specified slashing request. |
getLockedAssets
Returns an array of LockedAssets structs representing the assets that have been locked as part of the slashing process. This information is only relevant for requests in the Locked status.
function getLockedAssets(bytes32 slashId) external view returns (LockedAssets[] memory);
Parameters
Name | Type | Description |
---|---|---|
slashId | bytes32 | The unique identifier for the slashing request. |
Returns
Name | Type | Description |
---|---|---|
<none> | LockedAssets[] | An array of LockedAssets structs containing information about the locked assets. |
requestSlashing
Allows a registered service to request a slash of an operator’s staked tokens as a penalty for violations or non-compliance. The slashing request must meet several criteria:
- Only callable by registered services.
- The service must be actively registered with the operator at the specified timestamp.
- The slashing amount (in mbips) must not exceed the maxMbips set by the service.
- The operator must have opted in to slashing at the specified timestamp.
- The timestamp must be within the allowable slashing window (not too old or in the future).
- The service must not have another active slashing request against the same operator.
- The reason provided must not exceed the maximum allowed length (250 characters).
When successful, this creates a slashing request with an expiry time based on the resolutionWindow parameter and returns a unique slashing request ID.
function requestSlashing(Payload calldata payload) external returns (bytes32 slashId);
Parameters
Name | Type | Description |
---|---|---|
payload | Payload | The slashing request payload containing the operator, mbips, timestamp, and reason. |
Returns
Name | Type | Description |
---|---|---|
slashId | bytes32 | The unique identifier for the newly created slashing request. |
lockSlashing
Initiates the movement of slashed collateral from the operator’s vaults to the router for temporary holding before finalization. This function:
- Moves the calculated portion of the operator’s assets from all their vaults to the router.
- Can only be called after the resolution window has passed and before the request expires.
- Can only be called by the service that initiated the slashing request.
- Changes the request status from Pending to Locked.
The amount locked from each vault is calculated based on the mbips value in the request.
function lockSlashing(bytes32 slashId) external;
Parameters
Name | Type | Description |
---|---|---|
slashId | bytes32 | The unique identifier for the slashing request to lock. |
finalizeSlashing
Completes the slashing process by moving the locked assets from the router to the destination address specified in the slashing parameters. This function:
- Can only be called by the service that initiated the slashing request.
- Can only be executed if the request is in the Locked status.
- Requires prior approval from the guardrail.
- Changes the request status from Locked to Finalized.
After finalization, the slashing process is complete and cannot be reversed.
function finalizeSlashing(bytes32 slashId) external;
Parameters
Name | Type | Description |
---|---|---|
slashId | bytes32 | The unique identifier for the slashing request to finalize. |
guardrailApprove
Allows the designated guardrail address to approve or reject a slashing request before it can be finalized. This function:
- Can only be called by the designated guardrail address.
- Can only be called once per slashing request.
- Does not check the status of the request (this will be checked during finalization).
- Records the approval decision for later verification during finalization.
The guardrail serves as an additional security mechanism to prevent unauthorized slashing.
Note: on rejection, the locked funds will not be returned to the vault, due to the nature of rebasing, which would cause losses to the stakers. During slashing, assets are locked in the router, which impacts the exchange rate of the vaults. If funds were returned to the vaults, it would be akin to a donation to the vault, which would distribute the returned assets to all stakers, including new stakers who did not get slashed. This is not the intended behaviour, hence the locked funds will not be returned to the vaults on rejection in phase 2.
function guardrailApprove(bytes32 slashId, bool approve) external;
Parameters
Name | Type | Description |
---|---|---|
slashId | bytes32 | The unique identifier for the slashing request to approve or reject. |
approve | bool | True to approve the slashing request, false to reject it. |
cancelSlashing
Allows a service to cancel its own pending slashing request. This function:
- Can only be called by the service that initiated the slashing request.
- Can only be called if the request is in the Pending status.
- Changes the request status from Pending to Canceled.
- Removes the request from the pending requests mapping.
Once canceled, a slashing request cannot be reactivated, but a new request can be created.
function cancelSlashing(bytes32 slashId) external;
Parameters
Name | Type | Description |
---|---|---|
slashId | bytes32 | The unique identifier for the slashing request to cancel. |
Events
SlashingRequested
Emitted when a new slashing request is created.
event SlashingRequested(
    address indexed service, address indexed operator, bytes32 indexed slashId, Request request, string reason
);
Parameters
Name | Type | Description |
---|---|---|
service | address | The address of the service that requested the slashing. |
operator | address | The address of the operator being slashed. |
slashId | bytes32 | The unique identifier for the slashing request. |
request | Request | The information about the slashing request. |
reason | string | The reason for the slashing request, a human-readable string. Not stored on-chain. |
SlashingCanceled
Emitted when a slashing request has been canceled. This occurs when a service explicitly cancels a pending request or when a new request replaces an expired one.
event SlashingCanceled(address indexed service, address indexed operator, bytes32 indexed slashId);
Parameters
Name | Type | Description |
---|---|---|
service | address | The address of the service that requested the slashing. |
operator | address | The address of the operator that was targeted by the canceled request. |
slashId | bytes32 | The unique identifier for the canceled slashing request. |
SlashingLocked
Emitted when a slashing request has been locked. This event is emitted when the slashed collateral is moved from the operator’s vaults to the router for further processing. Locking occurs after the resolution window has passed and before the request expires.
event SlashingLocked(address indexed service, address indexed operator, bytes32 indexed slashId);
Parameters
Name | Type | Description |
---|---|---|
service | address | The address of the service that requested the slashing. |
operator | address | The address of the operator whose collateral is being locked. |
slashId | bytes32 | The unique identifier for the locked slashing request. |
SlashingFinalized
Emitted when a slashing request has been finalized. This event is emitted when the slashed collateral is moved from the router to the destination address. The destination address is agreed upon by the service and the operator in the slashing parameters. Finalization can only occur after locking and guardrail approval.
event SlashingFinalized(
    address indexed service, address indexed operator, bytes32 indexed slashId, address destination
);
Parameters
Name | Type | Description |
---|---|---|
service | address | The address of the service that requested the slashing. |
operator | address | The address of the operator whose collateral was slashed. |
slashId | bytes32 | The unique identifier for the finalized slashing request. |
destination | address | The address to which the slashed collateral was sent. |
GuardrailApproval
Emitted when a slashing request has been approved or rejected by the guardrail. The guardrail is a security mechanism that provides additional approval for slashing operations.
event GuardrailApproval(bytes32 indexed slashId, bool approval);
Parameters
Name | Type | Description |
---|---|---|
slashId | bytes32 | The unique identifier for the slashing request that received a decision. |
approval | bool | True if the guardrail approved the slashing request, false if rejected. |
Errors
Unauthorized
Error thrown when an unauthorized address attempts to perform a restricted operation.
error Unauthorized();
InvalidStatus
Error thrown when an operation is attempted on a slashing request with an invalid status.
error InvalidStatus();
SlashingRequestExpired
Error thrown when an operation is attempted on a slashing request that has expired.
error SlashingRequestExpired();
SlashingRequestNotFound
Error thrown when an operation references a slashing request that does not exist.
error SlashingRequestNotFound();
SlashingResolutionNotReached
Error thrown when attempting to lock a slashing request before its resolution window has passed.
error SlashingResolutionNotReached();
GuardrailHasDetermined
Error thrown when the guardrail attempts to approve or reject a slashing request more than once.
error GuardrailHasDetermined();
GuardrailHaveNotApproved
Error thrown when attempting to finalize a slashing request that has not been approved by the guardrail.
error GuardrailHaveNotApproved();
Structs
Payload
Contains the necessary information to initiate a slashing request. This struct is used as an input parameter and is not stored on-chain directly. See Request for the on-chain storage structure.
struct Payload {
    address operator;
    uint24 mbips;
    uint32 timestamp;
    string reason;
}
Request
Represents a slashing request stored on-chain for internal state tracking. Includes all data from the original payload plus additional tracking information. The struct is optimized for gas efficiency by packing related fields together. Memory layout:
Slot 0:
- status: uint8 (8 bits)
- service: address (160 bits)
- mbips: uint24 (24 bits)
- timestamp: uint32 (32 bits)
- requestTime: uint32 (32 bits)
Slot 1:
- operator: address (160 bits)
- requestResolution: uint32 (32 bits)
- requestExpiry: uint32 (32 bits)
struct Request {
    Status status;
    address service;
    uint24 mbips;
    uint32 timestamp;
    uint32 requestTime;
    address operator;
    uint32 requestResolution;
    uint32 requestExpiry;
}
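The slot layout above, as an added example that is not part of the SatLayer code base: a Python decoder for the two raw 32-byte storage words of a Request, following Solidity's rule that the first member of a slot occupies the low-order bits. The sample words are constructed, and the storage location of the struct is not given on this page, so the functions take the words as input. It also shows that an all-zero Request decodes as Pending, so "no request" has to be detected from the service field rather than from status.

```python
# Added example (not SatLayer code): unpack a Request from its two raw storage words.
STATUS = ("Pending", "Locked", "Finalized", "Canceled")
# (field, bit width) in declaration order; Solidity fills a slot from the low-order bits up.
SLOT0 = (("status", 8), ("service", 160), ("mbips", 24), ("timestamp", 32), ("requestTime", 32))
SLOT1 = (("operator", 160), ("requestResolution", 32), ("requestExpiry", 32))
ZERO_ADDRESS = "0x" + "00" * 20

def _unpack(word: bytes, fields) -> dict:
    if len(word) != 32:
        raise ValueError("a storage word is exactly 32 bytes")
    value, shift, out = int.from_bytes(word, "big"), 0, {}
    for name, bits in fields:
        out[name] = (value >> shift) & ((1 << bits) - 1)
        shift += bits
    if value >> shift:  # slot 1 uses 224 bits; the top 32 must be zero
        raise ValueError("unexpected data in unused high-order bits")
    return out

def decode_request(slot0: bytes, slot1: bytes) -> dict:
    req = {**_unpack(slot0, SLOT0), **_unpack(slot1, SLOT1)}
    if req["status"] >= len(STATUS):
        raise ValueError(f"status {req['status']} is outside the Status enum")
    req["status"] = STATUS[req["status"]]
    for key in ("service", "operator"):
        req[key] = "0x" + req[key].to_bytes(20, "big").hex()
    return req

def is_default(req: dict) -> bool:
    """An all-zero Request still decodes as status Pending, so test the service instead."""
    return req["service"] == ZERO_ADDRESS

# Constructed sample words (big-endian hex, high-order field first).
SAMPLE_SLOT0 = bytes.fromhex("00000064" "00000032" "0003e8" + "11" * 20 + "01")
SAMPLE_SLOT1 = bytes.fromhex("00000000" "000000c8" "00000096" + "22" * 20)

if __name__ == "__main__":
    print(decode_request(SAMPLE_SLOT0, SAMPLE_SLOT1))
    print(is_default(decode_request(bytes(32), bytes(32))))
```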
LockedAssets
Struct used to track assets that have been locked in the router during the slashing process. These assets are temporarily held by the router before being transferred to the final destination during the finalization step.
struct LockedAssets {
    uint256 amount;
    address vault;
}
Enums
Status
Enum representing the possible states of a slashing request throughout its lifecycle. The status transitions follow this flow:
- Pending -> Locked -> Finalized
- Pending -> Canceled
enum Status {
    Pending,
    Locked,
    Finalized,
    Canceled
}
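The status flow and the per-function rules documented above, as an added example that is not part of the SatLayer code base: a Python auditor that replays decoded router events and reports any sequence the interface says should not occur, plus requests that were locked and then rejected by the guardrail. The event dict shape, the `time` field, the inclusive window bounds and the sample stream are assumptions made for the example.

```python
# Added example (not SatLayer code): replay decoded router events against the lifecycle.
ALLOWED = {("Pending", "SlashingLocked"): "Locked",
           ("Pending", "SlashingCanceled"): "Canceled",
           ("Locked", "SlashingFinalized"): "Finalized"}

def audit(events):
    """Return (findings, state). Each event is a dict with 'name', 'slashId', 'time'
    (block timestamp added by the indexer, an assumption) and the event's own fields."""
    state, verdict, window, findings = {}, {}, {}, []
    for ev in events:
        sid, name = ev["slashId"], ev["name"]
        if name == "SlashingRequested":
            if sid in state:
                findings.append((sid, "duplicate SlashingRequested"))
            state[sid] = "Pending"
            window[sid] = (ev["request"]["requestResolution"], ev["request"]["requestExpiry"])
        elif name == "GuardrailApproval":
            # guardrailApprove does not check request status, so no state test here.
            if sid in verdict:
                findings.append((sid, "guardrail decided more than once"))
            else:
                verdict[sid] = ev["approval"]
        elif (state.get(sid), name) in ALLOWED:
            lo, hi = window[sid]  # assumption: both bounds treated as inclusive
            if name == "SlashingLocked" and not lo <= ev["time"] <= hi:
                findings.append((sid, "locked outside resolution/expiry window"))
            if name == "SlashingFinalized" and verdict.get(sid) is not True:
                findings.append((sid, "finalized without guardrail approval"))
            state[sid] = ALLOWED[(state[sid], name)]
        else:
            findings.append((sid, f"{name} not allowed from {state.get(sid)}"))
    for sid, status in state.items():
        if status == "Locked" and verdict.get(sid) is False:
            findings.append((sid, "locked but rejected by guardrail: assets remain in the router"))
    return findings, state

def _ev(name, sid, time, **fields):
    return {"name": name, "slashId": sid, "time": time, **fields}

_REQ = {"requestResolution": 100, "requestExpiry": 200}  # constructed timestamps
SAMPLE_EVENTS = [  # constructed stream; slash ids shortened to one-letter labels
    _ev("SlashingRequested", "A", 10, request=_REQ), _ev("SlashingLocked", "A", 150),
    _ev("GuardrailApproval", "A", 151, approval=True), _ev("SlashingFinalized", "A", 160),
    _ev("SlashingRequested", "B", 10, request=_REQ), _ev("SlashingLocked", "B", 150),
    _ev("GuardrailApproval", "B", 151, approval=False),
    _ev("SlashingRequested", "C", 10, request=_REQ), _ev("SlashingLocked", "C", 50),
    _ev("SlashingFinalized", "C", 60),
    _ev("SlashingRequested", "D", 10, request=_REQ), _ev("SlashingCanceled", "D", 20),
    _ev("SlashingLocked", "D", 150),
]
```

Calling `audit(SAMPLE_EVENTS)` returns no findings for request A, and request B is reported because a rejected request that was already locked keeps its assets in the router.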