Skip to main content

Minting and Burning Logic

The DERA contract enforces a tightly bound mint/burn gateway governed exclusively by the DeraEngine contract.


Minting: When a user converts a whitelisted stablecoin, DeraEngine:

  • Validates the asset and amount
  • Allocates capital to DeFi connectors proportionally to current allocation weights
  • Calls mint() on DERA to issue DERA tokens to the user


Burning: When a user redeems, DeraEngine:

  • Calls burn() on DERA to destroy the corresponding token amount
  • Recovers funds from underlying pools via connectors
  • Returns the underlying stablecoin to the user


These functions are not publicly accessible and cannot be triggered by users directly. This preserves the integrity of the token supply and ensures a direct relationship between protocol TVL and circulating DERA supply.

Key Features

FeatureDescription
Omnichain TransfersFully OFTv2-compliant, enabling native token movement across EVM chains via LayerZero
Mint/Burn DisciplineIssuance and redemption are tied directly to real asset flows, governed solely by DeraEngine
Secure Access ControlOpenZeppelin AccessControlDefaultAdminRules with two-step admin transfer and scoped roles
Direct TVL BackingEvery DERA token in circulation is backed by protocol-deployed TVL across active DeFi integrations
ERC-20 CompatibilityFully compatible with wallets, exchanges, DeFi protocols, and indexers
Modular SeparationToken logic is isolated from DeFi pool logic and engine operations, simplifying audits and upgrades
Cross-Chain SafetyULN architecture prevents token duplication, ordering issues, and centralisation risks

Dera Engine

DeraEngine.sol is the central contract through which users interact with the protocol. It inherits from DeraAdmin and exposes two user-facing functions: depositTokenAndMintDera and burnDerAndWithdrawFunds.


Key responsibilities:

  • Conversions in: Validates the submitted stablecoin, calculates proportional allocations across active pools, routes capital to connectors, and mints DERA to the user
  • Redemptions: Burns DERA tokens, withdraws proportional liquidity from connectors, and returns the underlying stablecoin to the user


Security is enforced with OpenZeppelin's ReentrancyGuard on all external user functions. Role-restricted modifiers ensure only authorised entities can access admin-level logic.


Immutable state variables (via DeraAdmin):

  • DERA: Immutable address of the DERA token contract
  • USDC_TOKEN_ADDRESS: Immutable address of the accepted stablecoin
  • DERA_SAFETY_ESCROW_ADDRESS: Immutable address of the Safety Escrow contract


Dynamic state includes protocol pool addresses, allocation weights, and TVL tracking. All state changes emit on-chain logs for full auditability.

DeraAdmin

DeraAdmin.sol defines the administrative interface for configuring the protocol. It is inherited by DeraEngine.sol and provides control over:


  • Service Fees: Configurable withdrawal fee, capped at 0.1%
  • Pool Management: Adding and removing pools, setting and updating allocation weights, triggering reallocation
  • Fee Manager Role: Granting and revoking fee withdrawal permissions
  • Performance Fees: Configuration and withdrawal initiation
  • Fund Recovery: Retrieves tokens mistakenly transferred directly to Engine or connector contracts, including airdropped or spam tokens. Gated by ADMIN_ROLE and logged on-chain


All functions are restricted to ADMIN_ROLE. Key state changes emit events (ProtocolPoolAdded, FundsReallocated, etc.) for full traceability.

Protocol Connector Contracts

Protocol Connectors enable the Engine to interact with external DeFi protocols. Each connector implements the IDefiProtocolConnector interface and abstracts the integration logic for a specific protocol.


Each connector tracks two core state variables inherited from BaseDefiProtocolConnector:


  • netUnderlyingAssetDeposits: Total principal deposited into the underlying pool
  • currentYield: Continuously updated to reflect accrued interest based on pool token share value or rebase mechanism


Performance fee handling:

  • Each connector defines a performanceFeePercentage variable representing the portion of yield available as protocol revenue
  • withdrawPerformanceFee() is callable only by DeraEngine and transfers accrued fees to the configured fee recipient

Pausability


Each connector inherits OpenZeppelin's Pausable contract. Individual connectors can be paused without halting the broader system, enabling the protocol to:


  • Suspend interactions with a specific pool during an exploit or anomalous yield behaviour in the connected protocol
  • Perform scheduled maintenance or parameter updates in isolation


Connector pausing is access-controlled and emits Paused and Unpaused events. Withdrawals from the broader system are never pausable regardless of individual connector status.

Safety Escrow


DeraSafetyEscrow is a dedicated fallback contract ensuring continuous fund accessibility if a primary connector becomes unresponsive or fails.


  • Emergency Withdrawals: If a connector cannot return funds, the Engine reroutes withdrawal operations through the Safety Escrow
  • Controlled Access: Callable exclusively by DeraEngine
  • Operational Continuity: Maintains MiCA-aligned system availability under stress conditions or third-party protocol failure