From ed8730b16e60ed1e30fbd97beb3ed463db6e9704 Mon Sep 17 00:00:00 2001
From: mkflow27
Date: Fri, 31 Jan 2025 10:50:49 +0100
Subject: [PATCH] Create sUSDS Rate Provider on Base Fixes #233
---
 rate-providers/registry.json | 14 +++++++
 rate-providers/sUSDSBaseRateProvider.md | 49 +++++++++++++++++++++++++
 2 files changed, 63 insertions(+)
 create mode 100644 rate-providers/sUSDSBaseRateProvider.md
diff --git a/rate-providers/registry.json b/rate-providers/registry.json
index 841fc62..9948b17 100644
--- a/rate-providers/registry.json
+++ b/rate-providers/registry.json
@@ -911,6 +911,20 @@
 "warnings": [],
 "factory": "",
 "upgradeableComponents": []
+ },
+ "0x84394fa6a39bdff63b255622da362b113c690267": {
+ "asset": "0x5875eEE11Cf8398102FdAd704C9E96607675467a",
+ "name": "SavingsUSDSRateProvider",
+ "summary": "safe",
+ "review": "./sUSDSBaseRateProvider.md",
+ "warnings": [],
+ "factory": "",
+ "upgradeableComponents": [
+ {
+ "entrypoint": "0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD",
+ "implementationReviewed": "0x4e7991e5C547ce825BdEb665EE14a3274f9F61e0"
+ }
+ ]
 }
 },
 "ethereum": {
diff --git a/rate-providers/sUSDSBaseRateProvider.md b/rate-providers/sUSDSBaseRateProvider.md
new file mode 100644
index 0000000..fbffa36
--- /dev/null
+++ b/rate-providers/sUSDSBaseRateProvider.md
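Review bot: In the `rate-providers/registry.json` hunk, the new entry's `"entrypoint": "0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD"` is the L1 `SUsds` proxy that the accompanying review lists as `ethereum:…`, yet the entry appears to sit in the Base section (the next sibling key is `"ethereum"`) and carries no chain qualifier. If any tooling compares the proxy's current implementation against `implementationReviewed`, it would presumably need to query Ethereum rather than Base, so confirm how the registry expresses a cross-chain component before relying on this entry to detect an L1 upgrade. The entry is also marked `"summary": "safe"` with `"warnings": []` while the linked review still has an unfilled `Checked by` field and ticks the upgradeable-price-pipeline finding; consider holding the `safe` status until the second check is recorded. The new key is all lower-case whereas the other addresses in the entry are checksummed, and the enclosing object starts and ends outside the hunk, so I cannot tell which form the registry expects.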
@@ -0,0 +1,49 @@
+# Rate Provider: `SavingsUSDSRateProvider`
+
+## Details
+- Reviewed by: @mkflow27
+- Checked by: @\
+- Deployed at:
+ - [base:0x84394fa6a39bdff63b255622da362b113c690267](https://basescan.org/address/0x84394fa6a39bdff63b255622da362b113c690267#code)
+- Audit report(s):
+ - [Chainsecurity audit](https://docs.spark.fi/assets/Chainsecurity-sUSDS.pdf)
+
+## Context
+This rate Provider is providing a bridged rate from the L1 sUSDS contract. It briges the rate (`chi`) via the Base message bridge.
+
+## Review Checklist: Bare Minimum Compatibility
+Each of the items below represents an absolute requirement for the Rate Provider. If any of these is unchecked, the Rate Provider is unfit to use.
+
+- [x] Implements the [`IRateProvider`](https://github.com/balancer/balancer-v2-monorepo/blob/bc3b3fee6e13e01d2efe610ed8118fdb74dfc1f2/pkg/interfaces/contracts/pool-utils/IRateProvider.sol) interface.
+- [x] `getRate` returns an 18-decimal fixed point number (i.e., 1 == 1e18) regardless of underlying token decimals.
+
+## Review Checklist: Common Findings
+Each of the items below represents a common red flag found in Rate Provider contracts.
+
+If none of these is checked, then this might be a pretty great Rate Provider! If any of these is checked, we must thoroughly elaborate on the conditions that lead to the potential issue. Decision points are not binary; a Rate Provider can be safe despite these boxes being checked. A check simply indicates that thorough vetting is required in a specific area, and this vetting should be used to inform a holistic analysis of the Rate Provider.
+
+### Administrative Privileges
+- [ ] The Rate Provider is upgradeable (e.g., via a proxy architecture or an `onlyOwner` function that updates the price source address).
+
+- [x] Some other portion of the price pipeline is upgradeable (e.g., the token itself, an oracle, or some piece of a larger system that tracks the price).
+ - upgradeable component: `SUsds` ([ethereum:0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD](https://etherscan.io/address/0xa3931d71877C0E7a3148CB7Eb4463524FEc27fbD#readProxyContract))
+ - admin address: [ethereum:0xbe8e3e3618f7474f8cb1d074a26affef007e98fb](https://etherscan.io/address/0xbe8e3e3618f7474f8cb1d074a26affef007e98fb#code)
+ - admin type: Spark governance
+
+
+### Oracles
+- [ ] Price data is provided by an off-chain source (e.g., a Chainlink oracle, a multisig, or a network of nodes).
+
+- [ ] Price data is expected to be volatile (e.g., because it represents an open market price instead of a (mostly) monotonically increasing price).
+
+### Common Manipulation Vectors
+- [ ] The Rate Provider is susceptible to donation attacks.
+
+## Additional Findings
+To save time, we do not bother pointing out low-severity/informational issues or gas optimizations (unless the gas usage is particularly egregious). Instead, we focus only on high- and medium-severity findings which materially impact the contract's functionality and could harm users.
+
+
+## Conclusion
+**Summary judgment: USABLE**
+
+The reviewed rate provider should work well with Balancer pools. It works based on a bridged rate from the L1 sUSDS contract.