Skip to main content

VaultRegistry

File: contracts/src/core/VaultRegistry.sol
Pattern: UUPS Upgradeable
Inherits: Initializable, OwnableUpgradeable, UUPSUpgradeable The VaultRegistry is the on-chain source of truth for all vaults deployed through the protocol. Only the authorized VaultFactory can write to it. Anyone can read from it to verify whether a given address is a legitimate ZibaXeer vault.

State Variables

VariableTypeDescription
isRegisteredVaultmapping(address => bool)Whether an address is a registered vault
leaderToVaultsmapping(address => address[])All vault addresses a leader manages
authorizedFactoryaddressThe only address allowed to call registerVault

Events

VaultRegistered

event VaultRegistered(address indexed leader, address indexed vault);

FactoryUpdated

event FactoryUpdated(address indexed oldFactory, address indexed newFactory);

Functions

registerVault

function registerVault(address leader, address vault) external onlyFactory
Access: authorizedFactory only Called automatically by VaultFactory.createVault() after proxy deployment. Marks the vault as registered and appends it to the leader’s vault list.

setAuthorizedFactory

function setAuthorizedFactory(address _factory) external onlyOwner
Updates the factory address. Emits FactoryUpdated.

Read Access

// Check if an address is a legitimate ZibaXeer vault
bool isLegit = registry.isRegisteredVault(0xVaultAddress);

// Get all vaults a leader manages
address[] memory vaults = registry.leaderToVaults(0xLeaderAddress);

Security

The onlyFactory modifier prevents any external actor from registering arbitrary addresses as vaults. The authorizedFactory can only be updated by the contract owner (protocol DAO or multi-sig), making the registry tamper-proof under normal operation.
The onlyFactory modifier prevents any external actor from registering arbitrary addresses as vaults: 
modifier onlyFactory() {
    require(msg.sender == authorizedFactory, "Caller is not the authorized Factory");
    _;
}
The authorizedFactory can only be changed by the contract owner (protocol DAO/multi-sig).