Priority queue Audit fixes

script/upgrades/priority-queue/deployPriorityQueue.s.sol

@@ -41,7 +41,7 @@ contract DeployPriorityQueue is Script, Utils {
         console2.log("");
 
         console2.log("To compute exact addresses, run with mainnet fork:");
-        console2.log("  forge script script/upgrades/priority-queue/deployPriorityQueue.s.sol:DeployPriorityQueue --sig 'dryRunWithFork()' --fork-url <RPC_URL>");
+        console2.log("  forge script script/upgrades/priority-queue/deployPriorityQueue.s.sol:DeployPriorityQueue --sig 'dryRun()' --fork-url <RPC_URL>");
     }
 
     function run() public {
@@ -125,9 +125,8 @@ contract DeployPriorityQueue is Script, Utils {
         console2.log("EtherFiRedemptionManager Implementation:", etherFiRedemptionManagerImpl);
         console2.log("");
         console2.log("NEXT STEPS:");
-        console2.log("1. Initialize PriorityWithdrawalQueue proxy");
-        console2.log("2. Upgrade LiquidityPool proxy to new implementation");
-        console2.log("3. Upgrade EtherFiRedemptionManager proxy to new implementation");
-        console2.log("4. Grant necessary roles in RoleRegistry");
+        console2.log("1. Upgrade LiquidityPool proxy to new implementation");
+        console2.log("2. Upgrade EtherFiRedemptionManager proxy to new implementation");
+        console2.log("3. Grant necessary roles in RoleRegistry");
     }
 }

script/upgrades/priority-queue/transactionsPriorityQueue.s.sol

@@ -147,9 +147,10 @@ contract PriorityQueueTransactions is Script, Utils {
         console2.log("Transaction Details:");
         console2.log("--------------------");
         console2.log("1. Upgrade LiquidityPool to:", liquidityPoolImpl);
-        console2.log("2. Grant PRIORITY_WITHDRAWAL_QUEUE_ADMIN_ROLE to:", ETHERFI_OPERATING_ADMIN);
-        console2.log("3. Grant PRIORITY_WITHDRAWAL_QUEUE_WHITELIST_MANAGER_ROLE to:", ETHERFI_OPERATING_ADMIN);
-        console2.log("4. Grant PRIORITY_WITHDRAWAL_QUEUE_REQUEST_MANAGER_ROLE to:", ADMIN_EOA);
+        console2.log("2. Upgrade EtherFiRedemptionManager to:", etherFiRedemptionManagerImpl);
+        console2.log("3. Grant PRIORITY_WITHDRAWAL_QUEUE_ADMIN_ROLE to:", ETHERFI_OPERATING_ADMIN);
+        console2.log("4. Grant PRIORITY_WITHDRAWAL_QUEUE_WHITELIST_MANAGER_ROLE to:", ETHERFI_OPERATING_ADMIN);
+        console2.log("5. Grant PRIORITY_WITHDRAWAL_QUEUE_REQUEST_MANAGER_ROLE to:", ADMIN_EOA);
         console2.log("================================================");
         console2.log("");
 

script/utils/utils.sol

@@ -32,12 +32,24 @@ contract Utils is Script, Deployed {
     uint256 constant MIN_DELAY_TIMELOCK = 259200; // 72 hours
 
     function deploy(string memory contractName, bytes memory constructorArgs, bytes memory bytecode, bytes32 salt, bool logging, ICreate2Factory factory) internal returns (address) {
-        uint256 deployerPrivateKey = vm.envUint("PRIVATE_KEY");
         address predictedAddress = factory.computeAddress(salt, bytecode);
-        address deployedAddress = factory.deploy(bytecode, salt);
-        require(deployedAddress == predictedAddress, "Deployment address mismatch");
+        bool alreadyDeployed = predictedAddress.code.length > 0;
+        address deployedAddress = predictedAddress;
+
+        if (alreadyDeployed) {
+            // Idempotent path: script reruns should reuse the existing deployment.
+            require(factory.verify(predictedAddress, salt, bytecode), "Existing code at predicted address does not match");
+        } else {
+            deployedAddress = factory.deploy(bytecode, salt);
+            require(deployedAddress == predictedAddress, "Deployment address mismatch");
+        }
 
         if (logging) {
+            if (alreadyDeployed) {
+                console.log("\n=== Deployment Skipped (Already Deployed) ===");
+                console.log("Contract:", contractName);
+                console.log("Address:", predictedAddress);
+            }
 
             // 5. Create JSON deployment log (exact same format)
             string memory deployLog = string.concat(

src/LiquidityPool.sol

@@ -16,6 +16,7 @@ import "./interfaces/ILiquifier.sol";
 import "./interfaces/IEtherFiNode.sol";
 import "./interfaces/IEtherFiNodesManager.sol";
 import "./interfaces/IRoleRegistry.sol";
+import "./interfaces/IPriorityWithdrawalQueue.sol";
 
 contract LiquidityPool is Initializable, OwnableUpgradeable, UUPSUpgradeable, ILiquidityPool {
     using SafeERC20 for IERC20;
@@ -218,14 +219,22 @@ contract LiquidityPool is Initializable, OwnableUpgradeable, UUPSUpgradeable, IL
             msg.sender == priorityWithdrawalQueue,
             "Incorrect Caller"
         );
-        if (totalValueInLp < _amount || (msg.sender == address(withdrawRequestNFT) && ethAmountLockedForWithdrawal < _amount) || eETH.balanceOf(msg.sender) < _amount) revert InsufficientLiquidity();
+        if (totalValueInLp < _amount || eETH.balanceOf(msg.sender) < _amount) revert InsufficientLiquidity();
         if (_amount > type(uint128).max || _amount == 0 || share == 0) revert InvalidAmount();
 
-        totalValueInLp -= uint128(_amount);
+        if (msg.sender == priorityWithdrawalQueue && (totalValueInLp - ethAmountLockedForWithdrawal < _amount)) revert InsufficientLiquidity();
+
         if (msg.sender == address(withdrawRequestNFT)) {
+            if (ethAmountLockedForWithdrawal < _amount) revert InsufficientLiquidity();
+            if (priorityWithdrawalQueue != address(0)) {
+                uint128 priorityLocked = uint128(IPriorityWithdrawalQueue(priorityWithdrawalQueue).ethAmountLockedForPriorityWithdrawal());
+                if (totalValueInLp - priorityLocked < _amount) revert InsufficientLiquidity();
+            }
             ethAmountLockedForWithdrawal -= uint128(_amount);
         }
 
+        totalValueInLp -= uint128(_amount);
+
         eETH.burnShares(msg.sender, share);
 
         _sendFund(_recipient, _amount);