feat: add Moonwell lending provider (Base, Optimism)

[ggonzalez94]

Summary

• Add Moonwell as a new lending+yield provider on Base and Optimism with full read and execution support.
• Markets, rates, positions (supply/collateral/borrow), yield opportunities, and yield positions read via on-chain RPC multicall batching (no API key required).
• Execution planning for lend supply|withdraw|borrow|repay and yield deposit|withdraw using Compound v2-style mToken contracts.
• Auto-resolve mToken by underlying asset via Comptroller.getAllMarkets() + Multicall3, or use --pool-address for explicit mToken.
• --on-behalf-of properly rejected (Compound v2 operates on msg.sender only).
• Alternate recipient properly rejected at planner level.
• Optimism USDC bootstrap address corrected to native USDC (0x0b2c...ff85); bridged USDC.e added as separate entry.
• --amount max support added (resolves to uint256.max for full-balance repay).
• Contract addresses verified against official Moonwell docs.
• Mintlify docs updated across all provider references.

Supersedes fork PR #36 (all original code preserved, with review fixes merged).

Security review notes

• ABI encodings verified correct for mint/redeemUnderlying/borrow/repayBorrow
• Multicall3 defensive guard against empty calls
• All multicall sub-calls use AllowFailure=true, preventing RPC panics from malformed responses
• Inputs validated: sender address, asset address, positive amount, recipient=sender enforcement
• No path exists to drain funds via crafted inputs (all execution targets are the mToken contract for the resolved underlying asset)
• Comptroller and RewardDistributor addresses verified against Moonwell official docs

Test plan

• go test ./... passes
• go vet ./... passes
• go build ./... passes
• Planner tests: supply (with approval+enterMarkets), withdraw, borrow, repay, alternate-recipient rejection, unsupported verb, auto-resolve via multicall
• Client tests: markets, rates, positions (filtering by type), yield opportunities, yield positions, unsupported chain, rate-to-APY math
• Registry tests: moonwell on-behalf-of rejection (lend + yield), provider normalization aliases
• Contract addresses verified against official Moonwell documentation

🤖 Generated with Claude Code

---

Note

High Risk
High risk because it adds new on-chain RPC reading and transaction planning/execution paths (lend/yield) with new contract/ABI metadata; mistakes could mis-route funds or break execution on supported chains.

Overview
Adds Moonwell provider support across lend and yield, wiring it into provider routing and CLI flags/enums so Moonwell can be selected for markets/rates/positions/opportunities/positions and for plan|submit|status execution.

Implements Moonwell on-chain reads and execution planning: a new Moonwell provider client uses RPC + Multicall3 batching to compute markets/rates/positions/yield data, and a new planner builds Compound v2 mToken transactions (with optional auto-resolution of mToken via Comptroller.getAllMarkets()), explicitly rejecting unsupported semantics like --on-behalf-of and alternate recipients.

Updates shared plumbing and metadata: adds Moonwell contract addresses and ABIs to the registry, extends lend positions requests with an optional rpc_url, adds --amount max normalization to uint256.max, fixes Optimism USDC bootstrap mapping (and adds USDC.e), and updates README/CHANGELOG/Mintlify docs to reflect the new provider and caveats.

^{Written by Cursor Bugbot for commit d33f4bc. This will update automatically on new commits. Configure here.}

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

[cursor]

Unchecked type assertion can panic on malformed RPC

Medium Severity

plannerExecMulticall3 uses an unchecked type assertion (dec[0].([]struct{...})) that will panic if the RPC returns unexpected data. The equivalent function execMulticall3 in client.go uses the safe form (decoded[0].([]struct{...}) with , ok check and error return). A malformed or unexpected RPC response would crash the CLI instead of returning a user-friendly error.

Additional Locations (1)

• internal/providers/moonwell/client.go#L815-L822

 

[cursor]

Exported function MoonwellRewardDistributor is never called anywhere

Low Severity

MoonwellRewardDistributor and its backing map moonwellRewardDistributorByChainID are defined and exported but never referenced anywhere in the codebase. A grep for MoonwellRewardDistributor only returns the definition site. This is dead code that adds maintenance burden without providing any value.

 

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d33f4bc398

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Scope max amount sentinel to repay-only flows

NormalizeAmount now converts --amount max to uint256.max unconditionally, but this helper is shared by many non-repay paths (swap/bridge quotes and lend/yield planners). As a result, commands that do not define a max semantic now accept it and proceed with an unrealistic base-unit amount instead of returning a usage error, which can produce unusable quotes or reverting plans (for example, withdraw paths become redeemUnderlying(2^256-1)). This is a behavior regression from strict numeric validation and should be gated to the specific repay flows that support it.

Useful? React with 👍 / 👎.