Skip to main content

Minting and Burning Logic

The $DERA contract enforces a tightly bound mint/burn gateway governed exclusively by the DeraEngine contract.

  • Minting:

    When a user deposits a whitelisted stablecoin (e.g., USDC), DeraEngine:

    • Validates the asset and amount
    • Allocates capital to DeFi connectors
    • Calls mint() on DERA1 to issue yield-generating tokens to the user

  • Burning:

    When a user withdraws, DeraEngine:

    • Calls burn() on DERA1 to destroy the corresponding token amount
    • Recovers funds from underlying pools via connectors
    • Returns base stablecoins to the user

These functions are not publicly accessible and cannot be triggered by users directly. This preserves the integrity of the token supply and ensures a 1:1 relationship between protocol TVL and circulating DERA.

Key Features

FeatureDescription
Omnichain TransfersFully OFTv2-compliant, enabling seamless token movement across chains via LayerZero
Mint/Burn DisciplineIssuance and redemption are tied directly to real asset flows, governed solely by DeraEngine
Secure Access ControlUses OpenZeppelin's AccessControlDefaultAdminRules with two-step admin transfer and scoped roles
1:1 BackingEvery DERA token in circulation is backed by protocol-deployed TVL across verified DeFi pools
ERC-20 CompatibilityFully compatible with wallets, exchanges, DeFi protocols, and indexers
Modular SeparationToken logic is isolated from DeFi pool logic and engine operations, simplifying audits and upgrades
Cross-Chain SafetyULN architecture prevents token duplication, ordering issues, and centralization risks

Dera Engine

DeraEngine.sol is the central hub through which users interact with the protocol. In addition to inheriting from DeraAdmin, it exposes the user-facing functions: depositTokenAndMintDera and burnDeraWithdrawFunds. These functions support trustless conversion between stablecoins and yield-generating  DERA tokens.

Key actions include:

  • Deposits: Users provide a specified amount of a whitelisted stablecoin. The engine then calculates proportional allocations, routes the capital to various pools via connectors, and mints the user DERA tokens.

  • Withdrawals: Users burn DERA tokens. The engine then fetches liquidity from pools based on current allocations and returns USDC as the unified redemption asset.

Security is enforced with OpenZeppelin's ReentrancyGuard to prevent exploit loops. Role-restricted modifiers ensure that only authorized entities can access admin-level logic.

State variables (via DeraAdmin )  include:

  • DERA1: Immutable address of the DERA token.

  • USDC_TOKEN_ADDRESS: Immutable address of the accepted deposit token, USDC

  • DERA_SAFETY_ESCROW_ADDRESS: Immutable address of Dera's Safety Escrow contract

  • feeRecipient: Address of the performance/service fee recipient

  • Dynamic tracking of protocol pools and allocations, and Dera's TVL.

All state changes emit logs, ensuring on-chain auditability. DeraEngine is also the admin of deployed connectors, enabling it to trigger external function calls like interest fee withdrawal and asset rebalancing.

Dera Admin (abstract contract)

DeraAdmin.sol defines the administrative interface for configuring the protocol. It is inherited by DeraEngine.sol for its storage and helper functions,  and provides fine-grained control over:

  • Service Fees: Capped at 1% to manage protocol service charges.

  • Pool Management: Adding/removing pools, setting allocations/reallocating funds.

  • Fee Manager Role Management:  Granting and revoking fee withdrawal initiation permissions

  • Performance Fees: Configuration and withdrawal initiation.

  • Recovery: Enables the protocol admin to recover tokens that are unintentionally held by protocol contracts. This includes:

  • Tokens mistakenly sent directly to contracts (i.e., not via intended functions)

  • Airdropped tokens from legitimate projects

  • Malicious or spam token drops designed to manipulate or exploit contract behavior

This functionality ensures operational safety, preserves treasury cleanliness, and allows the team to prevent unexpected token accumulation from affecting accounting or logic execution. Recovery operations are gated by ADMIN_ROLE and trigger on-chain event logs for full transparency.

All functions are restricted to ADMIN_ROLE, and key state changes trigger event logs (ProtocolPoolAdded, FundsReallocated, etc.) to ensure traceability.

DeFi Protocol Connector contracts

DeFi Protocol Connector contracts enable Dera to interact with third-party DeFi protocols such as Aave, Compound, and Fluid. These logic wrappers abstract the intricacies of each platform and facilitate secure integration with a modular, upgradeable approach.

Key responsibilities include:

  • Deposit & Withdrawal Logic: The connectors implement the IDefiProtocolConnector interface to standardize interactions.

  • Fee Withdrawal Logic

Each DeFi protocol connector tracks user-deposited capital and yield generation through two core state variables inherited from the BaseDefiProtocolConnector abstract contract:

  • netUnderlyingAssetDeposits: Tracks the total principal deposited by the protocol into the underlying pool.

  • currentYield: Continuously updated to reflect accrued interest based on pool token share value or rebase mechanisms.

The increase in LP token value (or rebase amount) determines the protocol's yield and, by extension, the withdrawable performance fee.

To support structured and secure fee handling:

  • Each connector defines a performanceFeePercentage variable, representing the portion of yield that can be withdrawn as protocol revenue.

  • The withdrawPerformanceFee() function, callable only by the DeraEngine, transfers this accrued fee to the configured fee recipient.

  • Connector contracts also maintain references to the associated engine and pool addresses for authorization and allocation mapping.

Pausability for Risk Containment

In addition to dynamic yield logic, each connector inherits OpenZeppelin's Pausable contract, allowing the protocol to pause individual connectors without halting the entire system. This feature enables:

  • Temporary suspension of deposits, withdrawals, and fee operations for a specific pool in the event of:

  • On-chain exploits or vulnerabilities in the connected DeFi protocol

  • Irregular yield behavior or reporting anomalies

  • Scheduled maintenance or parameter updates

Connector pausing is governed by access-controlled functions and emits Paused and Unpaused events for full traceability. This mechanism helps isolate risk at the pool level, enhancing the protocol's overall fault tolerance and aligning with MiCA's operational continuity mandates.

Dera Safety Escrow --- Security Mechanism

The DeraSafetyEscrow contract is a dedicated security mechanism designed to ensure continuous fund accessibility in the event that a primary DeFi connector becomes unresponsive, misbehaves, or encounters liquidity failure.

It is tightly integrated with the DeraEngine and functions as a redundant withdrawal route that preserves capital access without compromising the integrity of the system.

Key Security Functions:

  • Emergency Withdrawals: If a connector fails to return funds, the engine can reroute withdrawal operations through DeraSafetyEscrow, ensuring users can still redeem their assets.

  • Controlled Access: Only callable by the DeraEngine, with strict role enforcement to prevent unauthorized or external use.

  • Operational Continuity: Helps maintain MiCA-compliant system availability and resilience under stress conditions or third-party protocol disruptions.

This mechanism reinforces the protocol's commitment to user fund safety and ensures graceful recovery paths under all circumstances.

  • architecture diagram + contract interactions (we also add a code-level explanation)