EBIP-7: Enroot BDV Update

Committed: December 9, 2022


Beanstalk Community Multisig

Emergency Process Note

Per the process outlined in the BCM Emergency Response Procedures, the BCM can take swift action to protect Beanstalk in the event of a bug or security vulnerability.


The enrootDeposit(s) functions could Enroot any tokens on the Deposit Whitelist. Only Unripe tokens on the Deposit Whitelist should be able to be Enrooted.

The difference between enrootDeposit(s) and λ → λ Converts is that enrootDeposit(s) credits the Grown Stalk received from the additional BDV while λ → λ Converts do not.

Thus, BEAN3CRV LP Depositors could Enroot their BEAN3CRV LP Deposits when the BDV was higher and receive excess Grown Stalk.

The impact of this was marginal, particularly given that this is only possible with BEAN3CRV LP, but when deltaB < 0 it was possible to take advantage of the issue.


Add the following check to the enrootDeposit(s) functions:

require(s.u[token].underlyingToken != address(0), "Silo: token not unripe");

Contract Changes

Silo Facet

The following SiloFacet is still part of Beanstalk:

The following SiloFacet is added to Beanstalk:

SiloFacet Function Changes

Name Selector Action Type New Functionality
enrootDeposit 0xd5d2ea8c Replace Call
enrootDeposits 0x83b9e85d Replace Call

SiloFacet Event Changes



Effective immediately upon commit by the BCM, which has already happened.