@juicedollar/jusd 1.0.5 → 1.1.0

package/README.md

@@ -213,32 +213,6 @@ USE_FORK=true BRIDGE_KEY=<KEY> npx hardhat run scripts/deployment/deploy/deployB
 
 Bridge configurations: `scripts/deployment/config/stablecoinBridgeConfig.ts`
 
-### Hardhat Ignition Deployment
-
-```bash
-# Deploy single module with verification
-npm run deploy ignition/modules/MODULE --network citrea --verify --deployment-id MODULE_ID_01
-
-# Deploy all modules
-npm run deploy -- --network citrea --verify
-```
-
-**Output:**
-- `ignition/deployments/[deployment]/deployed_addresses.json`
-- `ignition/deployments/[deployment]/journal.jsonl`
-- `ignition/constructor-args/*.js`
-
-### Manual Verification
-
-```bash
-npx hardhat verify --network citrea \
-  --constructor-args ./ignition/constructor-args/$FILE.js \
-  $ADDRESS
-
-# Verify unrelated contracts
-npx hardhat ignition verify $DEPLOYMENT --include-unrelated-contracts
-```
-
 ---
 
 ## NPM Package

package/contracts/MintingHubV2/MintingHub.sol

@@ -32,6 +32,14 @@ contract MintingHub is IMintingHub, ERC165 {
     uint256 public constant CHALLENGER_REWARD = 20000; // 2%
     uint256 public constant EXPIRED_PRICE_FACTOR = 10;
 
+    /**
+     * @dev Maximum allowed message length for denial messages (prevents gas griefing attacks).
+     *      This constant is intentionally duplicated in Position.sol for defense-in-depth.
+     *      Hub validates as a second layer of protection; Position validates first to fail early.
+     *      If changing this value, update Position.MAX_MESSAGE_LENGTH as well.
+     */
+    uint256 private constant MAX_MESSAGE_LENGTH = 500;
+
     IPositionFactory private immutable POSITION_FACTORY; // position contract to clone
 
     IJuiceDollar public immutable JUSD; // currency
@@ -49,7 +57,7 @@ contract MintingHub is IMintingHub, ERC165 {
 
     /**
      * @notice Tracks whether the first position has been created.
-     * @dev The first position (genesis) can skip the 3-day init period requirement.
+     * @dev The first position (genesis) can skip the 14-day init period requirement.
      */
     bool private _genesisPositionCreated;
 
@@ -72,6 +80,7 @@ contract MintingHub is IMintingHub, ERC165 {
     );
     event PostponedReturn(address collateral, address indexed beneficiary, uint256 amount);
     event ForcedSale(address pos, uint256 amount, uint256 priceE36MinusDecimals);
+    // Note: PositionUpdate and PositionDeniedByGovernance events are defined in IMintingHub interface
 
     error UnexpectedPrice();
     error InvalidPos();
@@ -86,6 +95,8 @@ contract MintingHub is IMintingHub, ERC165 {
     error NativeOnlyForWCBTC();
     error ValueMismatch();
     error NativeTransferFailed();
+    error MessageTooLong(uint256 length, uint256 maxLength);
+    error EmptyMessage();
 
     modifier validPos(address position) {
         if (JUSD.getPositionParent(position) != address(this)) revert InvalidPos();
@@ -136,9 +147,9 @@ contract MintingHub is IMintingHub, ERC165 {
             if (CHALLENGER_REWARD > _reservePPM || _reservePPM > 1_000_000) revert InvalidReservePPM();
             if (IERC20Metadata(_collateralAddress).decimals() > 24) revert InvalidCollateralDecimals(); // leaves 12 digits for price
             if (_challengeSeconds < 1 days) revert ChallengeTimeTooShort();
-            // First position (genesis) can skip init period, all others require 3 days minimum
+            // First position (genesis) can skip init period, all others require 14 days minimum
             if (_genesisPositionCreated) {
-                if (_initPeriodSeconds < 3 days) revert InitPeriodTooShort();
+                if (_initPeriodSeconds < 14 days) revert InitPeriodTooShort();
             } else {
                 _genesisPositionCreated = true;
             }
@@ -286,7 +297,12 @@ contract MintingHub is IMintingHub, ERC165 {
      *                                  In phase 1 (aversion): bidder receives native. In phase 2 (liquidation): both
      *                                  challenger refund and bidder acquisition are returned as native.
      */
-    function bid(uint32 _challengeNumber, uint256 size, bool postponeCollateralReturn, bool returnCollateralAsNative) public {
+    function bid(
+        uint32 _challengeNumber,
+        uint256 size,
+        bool postponeCollateralReturn,
+        bool returnCollateralAsNative
+    ) public {
         Challenge memory _challenge = challenges[_challengeNumber];
         (uint256 liqPrice, uint40 phase) = _challenge.position.challengeData();
         size = _challenge.size < size ? _challenge.size : size; // cannot bid for more than the size of the challenge
@@ -295,8 +311,18 @@ contract MintingHub is IMintingHub, ERC165 {
             _avertChallenge(_challenge, _challengeNumber, liqPrice, size, returnCollateralAsNative);
             emit ChallengeAverted(address(_challenge.position), _challengeNumber, size);
         } else {
-            _returnChallengerCollateral(_challenge, _challengeNumber, size, postponeCollateralReturn, returnCollateralAsNative);
-            (uint256 transferredCollateral, uint256 offer) = _finishChallenge(_challenge, size, returnCollateralAsNative);
+            _returnChallengerCollateral(
+                _challenge,
+                _challengeNumber,
+                size,
+                postponeCollateralReturn,
+                returnCollateralAsNative
+            );
+            (uint256 transferredCollateral, uint256 offer) = _finishChallenge(
+                _challenge,
+                size,
+                returnCollateralAsNative
+            );
             emit ChallengeSucceeded(address(_challenge.position), _challengeNumber, offer, transferredCollateral, size);
         }
     }
@@ -322,8 +348,8 @@ contract MintingHub is IMintingHub, ERC165 {
         // enforced in Position.setPrice and knowing that collateral <= col.
         uint256 offer = _calculateOffer(_challenge, collateral);
 
-        JUSD.transferFrom(msg.sender, address(this), offer); // get money from bidder 
-        uint256 reward = (offer * CHALLENGER_REWARD) / 1_000_000; 
+        JUSD.transferFrom(msg.sender, address(this), offer); // get money from bidder
+        uint256 reward = (offer * CHALLENGER_REWARD) / 1_000_000;
         JUSD.transfer(_challenge.challenger, reward); // pay out the challenger reward
         uint256 fundsAvailable = offer - reward; // funds available after reward
 
@@ -359,7 +385,13 @@ contract MintingHub is IMintingHub, ERC165 {
         return (collateral, offer);
     }
 
-    function _avertChallenge(Challenge memory _challenge, uint32 number, uint256 liqPrice, uint256 size, bool asNative) internal {
+    function _avertChallenge(
+        Challenge memory _challenge,
+        uint32 number,
+        uint256 liqPrice,
+        uint256 size,
+        bool asNative
+    ) internal {
         require(block.timestamp != _challenge.start); // do not allow to avert the challenge in the same transaction, see CS-ZCHF-037
         if (msg.sender == _challenge.challenger) {
             // allow challenger to cancel challenge without paying themselves
@@ -471,7 +503,13 @@ contract MintingHub is IMintingHub, ERC165 {
         returnPostponedCollateral(collateral, target, false);
     }
 
-    function _returnCollateral(IERC20 collateral, address recipient, uint256 amount, bool postpone, bool asNative) internal {
+    function _returnCollateral(
+        IERC20 collateral,
+        address recipient,
+        uint256 amount,
+        bool postpone,
+        bool asNative
+    ) internal {
         if (postpone) {
             // Postponing helps in case the challenger was blacklisted or otherwise cannot receive at the moment.
             pendingReturns[address(collateral)][recipient] += amount;
@@ -508,7 +546,7 @@ contract MintingHub is IMintingHub, ERC165 {
             } else if (timePassed < 2 * challengePeriod) {
                 // from 1x liquidation price to 0 in second phase
                 uint256 timeLeft = 2 * challengePeriod - timePassed;
-                return (liqprice  * timeLeft) / challengePeriod;
+                return (liqprice * timeLeft) / challengePeriod;
             } else {
                 // get collateral for free after both phases passed
                 return 0;
@@ -527,7 +565,7 @@ contract MintingHub is IMintingHub, ERC165 {
      * @param upToAmount Maximum amount of collateral to buy
      * @param receiveAsNative If true and collateral is WcBTC, receive as native coin
      */
-    function buyExpiredCollateral(IPosition pos, uint256 upToAmount, bool receiveAsNative) public returns (uint256) {
+    function buyExpiredCollateral(IPosition pos, uint256 upToAmount, bool receiveAsNative) public validPos(address(pos)) returns (uint256) {
         uint256 max = pos.collateral().balanceOf(address(pos));
         uint256 amount = upToAmount > max ? max : upToAmount;
         uint256 forceSalePrice = expiredPurchasePrice(pos);
@@ -566,10 +604,36 @@ contract MintingHub is IMintingHub, ERC165 {
     /**
      * @dev See {IERC165-supportsInterface}.
      */
-    function supportsInterface(bytes4 interfaceId) public view override virtual returns (bool) {
-        return
-            interfaceId == type(IMintingHub).interfaceId ||
-            super.supportsInterface(interfaceId);
+    function supportsInterface(bytes4 interfaceId) public view virtual override returns (bool) {
+        return interfaceId == type(IMintingHub).interfaceId || super.supportsInterface(interfaceId);
+    }
+
+    /**
+     * @notice Allows Position contracts to emit state updates through the hub for centralized monitoring.
+     * @dev Only callable by registered positions. Emits PositionUpdate event with the caller as position.
+     * @param _collateral Current collateral balance of the position
+     * @param _price Current liquidation price of the position
+     * @param _principal Current principal (debt) of the position
+     */
+    function emitPositionUpdate(
+        uint256 _collateral,
+        uint256 _price,
+        uint256 _principal
+    ) external virtual validPos(msg.sender) {
+        emit PositionUpdate(msg.sender, _collateral, _price, _principal);
+    }
+
+    /**
+     * @notice Allows Position contracts to emit governance denial events through the hub.
+     * @dev Only callable by registered positions. Emits PositionDeniedByGovernance event.
+     * @param denier Address of the governance participant who denied the position
+     * @param message Reason for denial (max 500 bytes to prevent gas exhaustion attacks)
+     */
+    function emitPositionDenied(address denier, string calldata message) external virtual validPos(msg.sender) {
+        uint256 messageLength = bytes(message).length;
+        if (messageLength == 0) revert EmptyMessage();
+        if (messageLength > MAX_MESSAGE_LENGTH) revert MessageTooLong(messageLength, MAX_MESSAGE_LENGTH);
+        emit PositionDeniedByGovernance(msg.sender, denier, message);
     }
 
     /**

package/contracts/MintingHubV2/Position.sol

@@ -22,6 +22,15 @@ contract Position is Ownable, IPosition, MathUtil {
      * the constant and immutable fields, but have their own values for the other fields.
      */
 
+    /**
+     * @notice Maximum allowed message length for denial messages (prevents gas griefing attacks).
+     * @dev This constant is intentionally duplicated in MintingHub.sol for defense-in-depth.
+     *      Both contracts validate independently since Position contracts are deployed separately
+     *      and must enforce limits even if the hub validation is bypassed or modified.
+     *      If changing this value, update MintingHub.MAX_MESSAGE_LENGTH as well.
+     */
+    uint256 private constant MAX_MESSAGE_LENGTH = 500;
+
     /**
      * @notice The JUSD price per unit of the collateral below which challenges succeed, (36 - collateral.decimals) decimals
      */
@@ -126,6 +135,29 @@ contract Position is Ownable, IPosition, MathUtil {
     event MintingUpdate(uint256 collateral, uint256 price, uint256 principal);
     event PositionDenied(address indexed sender, string message); // emitted if closed by governance
 
+    /**
+     * @dev Emits MintingUpdate both locally and to the hub for centralized monitoring.
+     * This allows monitoring systems to track all position updates from a single address (the hub).
+     * @notice Adds ~3,800 gas overhead for the hub call.
+     */
+    function _emitUpdate(uint256 _collateral, uint256 _price, uint256 _principal) internal {
+        emit MintingUpdate(_collateral, _price, _principal);
+        IMintingHub(hub).emitPositionUpdate(_collateral, _price, _principal);
+    }
+
+    /**
+     * @dev Emits PositionDenied both locally and to the hub for centralized monitoring.
+     * @param sender The address that triggered the denial
+     * @param message Reason for denial (1-500 bytes, prevents gas griefing and ensures meaningful messages)
+     */
+    function _emitDenied(address sender, string memory message) internal {
+        uint256 messageLength = bytes(message).length;
+        if (messageLength == 0) revert EmptyMessage();
+        if (messageLength > MAX_MESSAGE_LENGTH) revert MessageTooLong(messageLength, MAX_MESSAGE_LENGTH);
+        emit PositionDenied(sender, message);
+        IMintingHub(hub).emitPositionDenied(sender, message);
+    }
+
     error InsufficientCollateral(uint256 needed, uint256 available);
     error TooLate();
     error RepaidTooMuch(uint256 excess);
@@ -140,6 +172,8 @@ contract Position is Ownable, IPosition, MathUtil {
     error NotOriginal();
     error InvalidExpiration();
     error AlreadyInitialized();
+    error MessageTooLong(uint256 length, uint256 maxLength);
+    error EmptyMessage();
     error PriceTooHigh(uint256 newPrice, uint256 maxPrice);
     error InvalidPriceReference();
     error NativeTransferFailed();
@@ -208,7 +242,7 @@ contract Position is Ownable, IPosition, MathUtil {
         reserveContribution = _reservePPM;
         minimumCollateral = _minCollateral;
         challengePeriod = _challengePeriod;
-        start = uint40(block.timestamp) + _initPeriod; // at least three days time to deny the position
+        start = uint40(block.timestamp) + _initPeriod; // at least 14 days time to deny the position
         cooldown = start;
         expiration = start + _duration;
         limit = _initialLimit;
@@ -222,7 +256,8 @@ contract Position is Ownable, IPosition, MathUtil {
      */
     function initialize(address parent, uint40 _expiration) external onlyHub {
         if (expiration != 0) revert AlreadyInitialized();
-        if (_expiration < block.timestamp || _expiration > Position(payable(original)).expiration()) revert InvalidExpiration(); // expiration must not be later than original
+        if (_expiration < block.timestamp || _expiration > Position(payable(original)).expiration())
+            revert InvalidExpiration(); // expiration must not be later than original
         expiration = _expiration;
         price = Position(payable(parent)).price();
         _fixRateToLeadrate(Position(payable(parent)).riskPremiumPPM());
@@ -282,7 +317,7 @@ contract Position is Ownable, IPosition, MathUtil {
         if (block.timestamp >= start) revert TooLate();
         IReserve(jusd.reserve()).checkQualified(msg.sender, helpers);
         _close();
-        emit PositionDenied(msg.sender, message);
+        _emitDenied(msg.sender, message);
     }
 
     /**
@@ -322,7 +357,12 @@ contract Position is Ownable, IPosition, MathUtil {
      * @param newPrice The new liquidation price
      * @param withdrawAsNative If true, withdraw collateral as native coin instead of wrapped token
      */
-    function adjust(uint256 newPrincipal, uint256 newCollateral, uint256 newPrice, bool withdrawAsNative) external payable onlyOwner {
+    function adjust(
+        uint256 newPrincipal,
+        uint256 newCollateral,
+        uint256 newPrice,
+        bool withdrawAsNative
+    ) external payable onlyOwner {
         _adjust(newPrincipal, newCollateral, newPrice, address(0), withdrawAsNative);
     }
 
@@ -337,7 +377,13 @@ contract Position is Ownable, IPosition, MathUtil {
      * @param referencePosition Reference position for cooldown-free price increase (address(0) for normal logic with cooldown)
      * @param withdrawAsNative If true, withdraw collateral as native coin instead of wrapped token
      */
-    function adjustWithReference(uint256 newPrincipal, uint256 newCollateral, uint256 newPrice, address referencePosition, bool withdrawAsNative) external payable onlyOwner {
+    function adjustWithReference(
+        uint256 newPrincipal,
+        uint256 newCollateral,
+        uint256 newPrice,
+        address referencePosition,
+        bool withdrawAsNative
+    ) external payable onlyOwner {
         _adjust(newPrincipal, newCollateral, newPrice, referencePosition, withdrawAsNative);
     }
 
@@ -349,7 +395,13 @@ contract Position is Ownable, IPosition, MathUtil {
      * @param referencePosition Reference position for cooldown-free price increase (address(0) for normal logic)
      * @param withdrawAsNative If true and withdrawing collateral, unwrap to native coin
      */
-    function _adjust(uint256 newPrincipal, uint256 newCollateral, uint256 newPrice, address referencePosition, bool withdrawAsNative) internal {
+    function _adjust(
+        uint256 newPrincipal,
+        uint256 newCollateral,
+        uint256 newPrice,
+        address referencePosition,
+        bool withdrawAsNative
+    ) internal {
         // Handle native coin deposit first (wraps to WCBTC)
         if (msg.value > 0) {
             IWrappedNative(address(collateral)).deposit{value: msg.value}();
@@ -378,7 +430,7 @@ contract Position is Ownable, IPosition, MathUtil {
         if (newPrice != price) {
             _adjustPrice(newPrice, referencePosition);
         }
-        emit MintingUpdate(newCollateral, newPrice, newPrincipal);
+        _emitUpdate(newCollateral, newPrice, newPrincipal);
     }
 
     /**
@@ -389,7 +441,7 @@ contract Position is Ownable, IPosition, MathUtil {
      */
     function adjustPrice(uint256 newPrice) public onlyOwner {
         _adjustPrice(newPrice, address(0));
-        emit MintingUpdate(_collateralBalance(), price, principal);
+        _emitUpdate(_collateralBalance(), price, principal);
     }
 
     /**
@@ -403,7 +455,7 @@ contract Position is Ownable, IPosition, MathUtil {
      */
     function adjustPriceWithReference(uint256 newPrice, address referencePosition) external onlyOwner {
         _adjustPrice(newPrice, referencePosition);
-        emit MintingUpdate(_collateralBalance(), price, principal);
+        _emitUpdate(_collateralBalance(), price, principal);
     }
 
     /**
@@ -499,7 +551,7 @@ contract Position is Ownable, IPosition, MathUtil {
     function mint(address target, uint256 amount) public ownerOrRoller {
         uint256 collateralBalance = _collateralBalance();
         _mint(target, amount, collateralBalance);
-        emit MintingUpdate(collateralBalance, price, principal);
+        _emitUpdate(collateralBalance, price, principal);
     }
 
     /**
@@ -511,7 +563,7 @@ contract Position is Ownable, IPosition, MathUtil {
 
     /**
      * @notice Computes the virtual price of the collateral in JUSD, which is the minimum collateral
-     * price required to cover the entire debt with interest overcollateralization, lower bounded by the floor price. 
+     * price required to cover the entire debt with interest overcollateralization, lower bounded by the floor price.
      * Returns the challenged price if a challenge is active.
      * @param colBalance The collateral balance of the position.
      * @param floorPrice The minimum price of the collateral in JUSD.
@@ -519,9 +571,9 @@ contract Position is Ownable, IPosition, MathUtil {
     function _virtualPrice(uint256 colBalance, uint256 floorPrice) internal view returns (uint256) {
         if (challengedAmount > 0) return challengedPrice;
         if (colBalance == 0) return floorPrice;
-        
+
         uint256 virtPrice = (_getCollateralRequirement() * ONE_DEC18) / colBalance;
-        return virtPrice < floorPrice ? floorPrice: virtPrice;
+        return virtPrice < floorPrice ? floorPrice : virtPrice;
     }
 
     /**
@@ -564,8 +616,9 @@ contract Position is Ownable, IPosition, MathUtil {
             // Single-division optimization for gas efficiency and precision. Equivalent formula:
             // uint256 usablePrincipal = (principal * (1_000_000 - reserveContribution)) / 1_000_000;
             // newInterest += (usablePrincipal * fixedAnnualRatePPM * delta) / (365 days * 1_000_000);
-            newInterest += (principal * (1_000_000 - reserveContribution) * fixedAnnualRatePPM * delta)
-                / (365 days * 1_000_000 * 1_000_000);
+            newInterest +=
+                (principal * (1_000_000 - reserveContribution) * fixedAnnualRatePPM * delta) /
+                (365 days * 1_000_000 * 1_000_000);
         }
 
         return newInterest;
@@ -594,7 +647,7 @@ contract Position is Ownable, IPosition, MathUtil {
     function getDebt() public view returns (uint256) {
         return _getDebt();
     }
-    
+
     /**
      * @notice Public function to calculate current debt with overcollateralized interest
      * @return The total debt including overcollateralized interest
@@ -656,7 +709,7 @@ contract Position is Ownable, IPosition, MathUtil {
      */
     function repay(uint256 amount) public returns (uint256) {
         uint256 used = _payDownDebt(amount);
-        emit MintingUpdate(_collateralBalance(), price, principal);
+        _emitUpdate(_collateralBalance(), price, principal);
         return used;
     }
 
@@ -713,7 +766,7 @@ contract Position is Ownable, IPosition, MathUtil {
             if (proceeds > 0) {
                 jusd.transferFrom(buyer, owner(), proceeds);
             }
-            emit MintingUpdate(_collateralBalance(), price, principal);
+            _emitUpdate(_collateralBalance(), price, principal);
             return;
         }
 
@@ -736,7 +789,7 @@ contract Position is Ownable, IPosition, MathUtil {
             jusd.transferFrom(buyer, owner(), proceeds);
         }
 
-        emit MintingUpdate(_collateralBalance(), price, principal);
+        _emitUpdate(_collateralBalance(), price, principal);
     }
 
     /**
@@ -762,7 +815,7 @@ contract Position is Ownable, IPosition, MathUtil {
      */
     function withdrawCollateral(address target, uint256 amount) public ownerOrRoller {
         uint256 balance = _withdrawCollateral(target, amount);
-        emit MintingUpdate(balance, price, principal);
+        _emitUpdate(balance, price, principal);
     }
 
     /**
@@ -773,7 +826,7 @@ contract Position is Ownable, IPosition, MathUtil {
      */
     function withdrawCollateralAsNative(address target, uint256 amount) public onlyOwner {
         uint256 balance = _withdrawCollateralAsNative(target, amount);
-        emit MintingUpdate(balance, price, principal);
+        _emitUpdate(balance, price, principal);
     }
 
     function _withdrawCollateral(address target, uint256 amount) internal noCooldown noChallenge returns (uint256) {
@@ -786,7 +839,10 @@ contract Position is Ownable, IPosition, MathUtil {
      * @dev Internal helper for native coin withdrawal. Used by withdrawCollateralAsNative() and _adjust().
      *      Does NOT emit MintingUpdate - callers are responsible for emitting.
      */
-    function _withdrawCollateralAsNative(address target, uint256 amount) internal noCooldown noChallenge returns (uint256) {
+    function _withdrawCollateralAsNative(
+        address target,
+        uint256 amount
+    ) internal noCooldown noChallenge returns (uint256) {
         if (amount > 0) {
             IWrappedNative(address(collateral)).withdraw(amount);
             (bool success, ) = target.call{value: amount}("");
@@ -807,7 +863,7 @@ contract Position is Ownable, IPosition, MathUtil {
      */
     function transferChallengedCollateral(address target, uint256 amount) external onlyHub {
         uint256 newBalance = _sendCollateral(target, amount);
-        emit MintingUpdate(newBalance, price, principal);
+        _emitUpdate(newBalance, price, principal);
     }
 
     function _sendCollateral(address target, uint256 amount) internal returns (uint256) {
@@ -830,7 +886,7 @@ contract Position is Ownable, IPosition, MathUtil {
     function _checkCollateral(uint256 collateralReserve, uint256 atPrice) internal view {
         uint256 relevantCollateral = collateralReserve < minimumCollateral ? 0 : collateralReserve;
         uint256 collateralRequirement = _getCollateralRequirement();
-        
+
         if (relevantCollateral * atPrice < collateralRequirement * ONE_DEC18) {
             revert InsufficientCollateral(relevantCollateral * atPrice, collateralRequirement * ONE_DEC18);
         }

package/contracts/MintingHubV2/interface/IMintingHub.sol

@@ -6,12 +6,22 @@ import {IPosition} from "./IPosition.sol";
 import {PositionRoller} from "../PositionRoller.sol";
 
 interface IMintingHub {
+    // Events for centralized position monitoring (emitted by hub, not individual positions)
+    event PositionUpdate(address indexed position, uint256 collateral, uint256 price, uint256 principal);
+
+    event PositionDeniedByGovernance(address indexed position, address indexed denier, string message);
+
     function RATE() external view returns (ILeadrate);
 
     function ROLLER() external view returns (PositionRoller);
 
     function WCBTC() external view returns (address);
 
+    // Position event forwarding functions
+    function emitPositionUpdate(uint256 collateral, uint256 price, uint256 principal) external;
+
+    function emitPositionDenied(address denier, string calldata message) external;
+
     function challenge(
         address _positionAddr,
         uint256 _collateralAmount,
@@ -20,7 +30,12 @@ interface IMintingHub {
 
     function bid(uint32 _challengeNumber, uint256 size, bool postponeCollateralReturn) external;
 
-    function bid(uint32 _challengeNumber, uint256 size, bool postponeCollateralReturn, bool returnCollateralAsNative) external;
+    function bid(
+        uint32 _challengeNumber,
+        uint256 size,
+        bool postponeCollateralReturn,
+        bool returnCollateralAsNative
+    ) external;
 
     function returnPostponedCollateral(address collateral, address target) external;
 
@@ -30,5 +45,12 @@ interface IMintingHub {
 
     function buyExpiredCollateral(IPosition pos, uint256 upToAmount, bool receiveAsNative) external returns (uint256);
 
-    function clone(address owner, address parent, uint256 _initialCollateral, uint256 _initialMint, uint40 expiration, uint256 _liqPrice) external payable returns (address);
+    function clone(
+        address owner,
+        address parent,
+        uint256 _initialCollateral,
+        uint256 _initialMint,
+        uint40 expiration,
+        uint256 _liqPrice
+    ) external payable returns (address);
 }

package/contracts/SavingsVaultJUSD.sol

@@ -1,7 +1,6 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.20;
 
-import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";
 import {SafeCast} from "@openzeppelin/contracts/utils/math/SafeCast.sol";
 import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
 import {ERC4626, ERC20, IERC20} from "@openzeppelin/contracts/token/ERC20/extensions/ERC4626.sol";
@@ -11,18 +10,19 @@ import {ISavingsJUSD} from "./interface/ISavingsJUSD.sol";
 /**
  * @title SavingsVaultJUSD
  * @notice ERC-4626-compatible vault adapter for the JUSD Savings module.
- *         This vault tracks interest-bearing deposits using a custom price-based mechanism,
- *         where share value increases over time as interest accrues.
+ *         This vault tracks interest-bearing deposits where share value increases over time
+ *         as interest accrues in the underlying SAVINGS contract.
  *
- * @dev The vault mitigates dilution and price manipulation attacks on empty vaults
- *      (a known vulnerability in ERC-4626) by using an explicit price model that starts at 1e18,
- *      instead of relying on the default totalAssets / totalSupply ratio when supply is zero.
+ * @dev Inherits OpenZeppelin's ERC4626 virtual shares pattern for inflation attack mitigation.
+ *      The base _convertToShares/_convertToAssets functions add virtual shares (+10**_decimalsOffset())
+ *      and virtual assets (+1) to prevent first-depositor manipulation attacks.
  *
- *      Interest is recognized through a manual `_accrueInterest()` call, which updates the internal
- *      price based on newly accrued interest.
+ *      Only totalAssets() is overridden to return the vault's balance in the SAVINGS contract
+ *      plus any accrued interest. The base conversion functions use this through polymorphism.
+ *
+ *      Interest is recognized through `_accrueInterest()` calls during deposits/withdrawals.
  */
 contract SavingsVaultJUSD is ERC4626 {
-    using Math for uint256;
     using SafeCast for uint256;
 
     ISavingsJUSD public immutable SAVINGS;
@@ -30,6 +30,8 @@ contract SavingsVaultJUSD is ERC4626 {
 
     event InterestClaimed(uint256 interest, uint256 totalClaimed);
 
+    error ZeroShares();
+
     constructor(
         IERC20 _coin,
         ISavingsJUSD _savings,
@@ -50,11 +52,9 @@ contract SavingsVaultJUSD is ERC4626 {
     }
 
     /// @notice Returns the current price per share of the contract
-    /// @dev If no shares exist, it defaults to 1 ether (implying 1:1 value)
+    /// @dev Uses virtual shares pattern for consistency with _convertToShares/_convertToAssets
     function price() public view returns (uint256) {
-        uint256 totalShares = totalSupply();
-        if (totalShares == 0) return 1 ether;
-        return (totalAssets() * 1 ether) / totalShares;
+        return ((totalAssets() + 1) * 1 ether) / (totalSupply() + 10 ** _decimalsOffset());
     }
 
     /// @notice Calculates the accrued interest for this contract
@@ -69,17 +69,10 @@ contract SavingsVaultJUSD is ERC4626 {
         return SAVINGS.savings(address(this)).saved + _interest();
     }
 
-    function _convertToShares(uint256 assets, Math.Rounding rounding) internal view virtual override returns (uint256) {
-        return assets.mulDiv(1 ether, price(), rounding);
-    }
-
-    function _convertToAssets(uint256 shares, Math.Rounding rounding) internal view virtual override returns (uint256) {
-        return shares.mulDiv(price(), 1 ether, rounding);
-    }
-
     // ---------------------------------------------------------------------------------------
 
     function _deposit(address caller, address receiver, uint256 assets, uint256 shares) internal virtual override {
+        if (shares == 0) revert ZeroShares();
         _accrueInterest();
 
         // If _asset is ERC-777, `transferFrom` can trigger a reentrancy BEFORE the transfer happens through the