Guards are configured and executed using GuardManager.sol.

• Guards can only be configured at vault registration/creation

• Definitions are persisted using @solmate/utils/SSTORE2.sol

Definition:

struct GuardDefinition {
   address contractAddress;
   string methodSignature;
   bytes32 expectedValue;
   GuardParamType[] methodParamTypes;
   bytes[] methodParamValues;
   bytes2 operator;
}

• Can be any “view” (read-only) function call - they are not allowed to change the state

• Can dynamically resolve some parameters (e.g. SmartVault address, executor address, receiver address, asset owner address, depositing token addresses, etc.)

• Can be configured to run at different points in the deposit/withdrawal process:

• Deposit (user initiates deposit)

• Withdrawal (user initiates redeem/fastRedeem)

• BurnNFT (user burns deposit NFT)

• TransferSVTs (user transfers his SVTs)

• TransferNFT (user transfers his NFTs)

Spool will be launched with a generic whitelisting contract AllowlistGuard.sol

• Smart Vault Administrators can add/remove addresses for their Vaults

Examples:

• Deposit executor whitelist

• Deposit beneficiary whitelist

• Deposit source assets owner whitelist

• Deposit timelock (users can’t burn deposit NFT until a certain time has elapsed)

• NFT gating (users are required to own a certain NFT to be eligible for entering a vault)

Actions

• Actions are configured and executed using ActionManager.sol

• Actions can only be configured at vault registration/creation

• Actions can modify state

• Only actions whitelisted by the Spool DAO can be used in Smart Vault creation

• Actions have to implement the IAction interface.