VLF-allocated assets must interact with integrated protocols through actual VLF strategies. This strategy execution process is performed by the Strategist and is only possible within the rules registered on-chain, ensuring assets cannot be used in unintended ways or misappropriated.

The strategy execution system provides a secure, flexible framework for DeFi integrations while maintaining strict asset protection through cryptographic verification.

Strategy Execution Process

Step 1: Strategy Preparation & Input Validation

Before execution begins, the strategist prepares the strategy execution by gathering all required components. The core security mechanism relies on merkle tree verification to ensure only approved strategies can be executed.

The strategist interacts with VLF Strategy Executors through the ManagerWithMerkleVerification contract’s manage() function, which requires the following parameters:

function manage(
    address strategyExecutor,     // VLF Strategy Executor contract
    bytes32[][] calldata manageProofs,    // Merkle proofs for each function call
    address[] calldata decodersAndSanitizers,  // Protocol-specific decoders
    address[] calldata targets,   // Target contract addresses
    bytes[] calldata targetData,  // Function call data
    uint256[] calldata values     // MITO values for each call
) external;

Parameter Requirements:

  • strategyExecutor: The VLF Strategy Executor contract that will execute the strategies
  • manageProofs: Merkle proofs verifying each function call is pre-approved
  • decodersAndSanitizers: Contracts that decode and sanitize function call parameters
  • targets: Target contract addresses for the DeFi protocol interactions
  • targetData: Encoded function call data for each target
  • values: MITO amounts to transfer with each function call

Step 2: Merkle Proof Verification

During the execution process, the system performs cryptographic merkle proof verification to confirm that each function call is pre-approved. This process includes parameter sanitization and authorization validation to ensure secure strategy execution.

The Verification Process:

  1. Parameter Sanitization: The decoderAndSanitizer contract extracts only security-relevant parameters from function call data, filtering out parameters that don’t affect authorization
  2. Merkle Proof Verification: The sanitized data is then verified against the merkle tree to confirm the function call is pre-approved
function _verifyCallData(
    bytes32 currentManageRoot,
    bytes32[] calldata manageProof,
    address decoderAndSanitizer,
    address target,
    uint256 value,
    bytes calldata targetData
) internal view {
    // Step 1: Extract and sanitize security-relevant parameters
    bytes memory packedArgumentAddresses = abi.decode(
        decoderAndSanitizer.functionStaticCall(targetData), 
        (bytes)
    );

    // Step 2: Verify against merkle tree
    if (!_verifyManageProof(
        currentManageRoot, 
        manageProof, 
        target, 
        decoderAndSanitizer, 
        value, 
        bytes4(targetData), 
        packedArgumentAddresses
    )) {
        revert IManagerWithMerkleVerification
            .IManagerWithMerkleVerification__FailedToVerifyManageProof(
            target, targetData, value
        );
    }
}

function _verifyManageProof(
    bytes32 root,
    bytes32[] calldata proof,
    address target,
    address decoderAndSanitizer,
    uint256 value,
    bytes4 selector,
    bytes memory packedArgumentAddresses
) internal pure returns (bool) {
    bool valueNonZero = value > 0;
    bytes32 leaf = keccak256(abi.encodePacked(
        decoderAndSanitizer,
        target,
        valueNonZero,
        selector,
        packedArgumentAddresses
    ));
    return MerkleProofLib.verify(proof, root, leaf);
}

Sanitization Benefits:

The decoderAndSanitizer approach provides crucial system advantages:

  • Selective Parameter Verification: Only security-critical addresses are included in verification, while non-critical parameters are filtered out
  • Reduced Merkle Tree Complexity: By ignoring non-security parameters, the number of required merkle tree leaves is dramatically reduced
  • Enhanced Flexibility: Strategists can adjust trading parameters without requiring new merkle tree updates

Step 3: Final Execution

Once all verification steps pass, the strategy execution is authorized and proceeds on the VLF Strategy Executor contract. The validated function calls are then executed against the target DeFi protocols with the approved parameters, completing the strategy execution process.