yash/chore/configure-params

[0xpanicError]

Note

High Risk
Changes mainnet upgrade script limits for withdrawals, liquifier pricing, redemption watermarks, and pause durations; constant drift vs deployed impls would fail verification or misconfigure production.

Overview
Introduces SecurityUpgradesConstants in Constants.s.sol as the single source of truth for the 26Q2 security-upgrade deploy, transactions, and revert Forge scripts, replacing duplicated “must match deploy” blocks in each file.

Shared config now lives in one place: release GIT_COMMIT_SHA / CREATE2 & timelock salts, immutable constructor args, role holders/IDs, legacy revokes, rate-limiter bucket IDs, timelock handles, and operational setpoints. Script-local inputs (deploy outputs, impl addresses, PRE_* rollback impls) stay in each script.

Parameter updates (relative to the old per-script values) include: real commit hash instead of zero; Liquifier tighter oracle guards (e.g. 2-day stale window, 2% max deviation, 1 bps min discount); EtherFiAdmin daily validator-approval cap 100 (was 1000); EtherFiRedemptionManager low-watermark 5% TVL (was 20%); WithdrawRequestNFT share-rate band 1.05–1.25 ether (was ~0.95–1.15); post-upgrade 20k ether/day finalized-withdrawal operational limit (was unset/0); LP withdraw min/max bounds centralized; and non-zero PAUSE_UNTIL_* durations (8h–2d) for Batch 2 instead of zeros.

^{Reviewed by Cursor Bugbot for commit 6fa61ff. Bugbot is set up for automated code reviews on this repo. Configure here.}

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 6fa61ff. Configure here.}