Comptroller: Policy Hooks

Key takeaway: Compound V2's Comptroller exposes a hook pattern: mintAllowed, redeemAllowed, borrowAllowed, liquidateBorrowAllowed, and others. Each cToken function calls the relevant hook before mutating state, giving the Comptroller pre-flight veto power based on cross-market conditions. This indirection is what enables features like pause guardians and per-market mint caps without modifying the cToken contracts. The hooks are also where the Comptroller defends against insolvency by blocking actions that would push a user underwater.

What You Are Building

You are building the policy hooks that CTokens call before executing operations. Every mint, redeem, borrow, repay, and liquidation goes through the Comptroller for permission first. These hooks are how the Comptroller enforces risk constraints across the entire protocol. You will also build liquidateCalculateSeizeTokens, the formula that determines how much collateral a liquidator receives.

The hook pattern is a security boundary. If a hook is missing, has incorrect logic, or can be bypassed, the entire protocol is at risk. The $80M COMP distribution bug in 2021 was caused by a broken hook during a Comptroller upgrade. Getting these right is non-negotiable.