ing
This commit is contained in:
owen05
106
README.md
106
README.md
@@ -1,79 +1,35 @@
|
||||
# Audit Scope
|
||||
|
||||
*IN PROCESS*
|
||||
|
||||
## Contract Directory
|
||||
|
||||
*IN PROCESS*
|
||||
|
||||
- CrowdPooling/
|
||||
|
||||
- DODOPrivatePool/
|
||||
|
||||
- DODOVendingMachine/
|
||||
|
||||
- DODOFee/
|
||||
|
||||
- DODOToken/
|
||||
|
||||
- Factory/
|
||||
|
||||
- helper/
|
||||
|
||||
- intf/
|
||||
|
||||
- lib/
|
||||
|
||||
- SmartRoute/
|
||||
|
||||
## Contract Address
|
||||
|
||||
*IN PROCESS*
|
||||
|
||||
- DODOApprove: 0xCB859eA579b28e02B87A1FDE08d087ab9dbE5149
|
||||
|
||||
- DODOApproveProxy: 0x335aC99bb3E51BDbF22025f092Ebc1Cf2c5cC619
|
||||
|
||||
- DODOIncentive: 0x989DcAA95801C527C5B73AA65d3962dF9aCe1b0C
|
||||
|
||||
- DODOV2Proxy02: 0x1cf4Ae0Fae772B64d83D175d9E3eE06240f6Dc9a
|
||||
|
||||
---
|
||||
|
||||
- CPFactory: 0xE8C9A78725D0451FA19878D5f8A3dC0D55FECF25
|
||||
|
||||
- DPPFactory: 0x6B4Fa0bc61Eddc928e0Df9c7f01e407BfcD3e5EF
|
||||
|
||||
- DVMFactory: 0xc9eD9B18e447e600238fe50e944B9062B664DEa4
|
||||
|
||||
- ERC20Factory: 0x44D5dF24d5Ef52A791D6436Fa45A8D426f6de34e
|
||||
|
||||
- UpCpFactory: 0x0c4b4F1D5F5c989457cdD6f5102308b33c922281
|
||||
|
||||
---
|
||||
|
||||
- DVMTemplate: 0x01FEEA29da5Ae41B0b5F6b10b93EE34752eF80d7
|
||||
|
||||
- DPPTemplate: 0xB76de21f04F677f07D9881174a1D8E624276314C
|
||||
|
||||
- DPPAdmin Template: 0x5515363c0412AdD5c72d3E302fE1bD7dCBCF93Fe
|
||||
|
||||
- CPTemplate: 0x327344B382EE1b44FB0a72945fCDCC7243200dD7
|
||||
|
||||
---
|
||||
|
||||
- vDODOToken: 0xc4436fBAE6eBa5d95bf7d53Ae515F8A707Bd402A
|
||||
|
||||
- DODOMigrationBSC: 0x02fCB21dc1cf221939C1d4277fB54016b5d32bC7
|
||||
|
||||
---
|
||||
|
||||
- MtFeeRateModel: 0x5e84190a270333aCe5B9202a3F4ceBf11b81bB01
|
||||
|
||||
- PermissionModel: 0x6B208E08dcF6BD51F50C5Da09d15B2D8E5C46Cf2
|
||||
|
||||
- FeeRateImpl: 0x4775b1858f1e417C9609D455C3Ad8751ec01daC4
|
||||
# DODO V2: Help 1 Trillion People Issue Token
|
||||
|
||||
## Audit Report
|
||||
|
||||
[Audited by Peckshield](https://github.com/DODOEX/contractV2/blob/main/audit/PeckShield-Audit-DODOV2-v1.0.pdf)
|
||||
|
||||
## Bug Bounty 💰
|
||||
|
||||
### Rewards
|
||||
|
||||
Severity of bugs will be assessed under the [CVSS Risk Rating](https://www.first.org/cvss/calculator/3.0) scale, as follows:
|
||||
|
||||
- Critical (9.0-10.0): Up to $100,000
|
||||
- High (7.0-8.9): Up to $10,000
|
||||
- Medium (4.0-6.9): Up to $5,000
|
||||
- Low (0.1-3.9): Up to $1,000
|
||||
|
||||
In addition to assessing severity, rewards will be considered based on the impact of the discovered vulnerability as well as the level of difficulty in discovering such vulnerability.
|
||||
|
||||
### Disclosure
|
||||
|
||||
Any vulnerability or bug discovered must be reported only to the following email: contact@dodoex.io; must not be disclosed publicly; must not be disclosed to any other person, entity or email address prior to disclosure to the contact@dodoex.io email; and must not be disclosed in any way other than to the contact@dodoex.io email. In addition, disclosure to contact@dodoex.io must be made promptly following discovery of the vulnerability. Please include as much information about the vulnerability as possible, including:
|
||||
|
||||
- The conditions on which reproducing the bug is contingent.
|
||||
- The steps needed to reproduce the bug or, preferably, a proof of concept.
|
||||
- The potential implications of the vulnerability being abused.
|
||||
|
||||
A detailed report of a vulnerability increases the likelihood of a reward and may increase the reward amount.
|
||||
|
||||
Anyone who reports a unique, previously-unreported vulnerability that results in a change to the code or a configuration change and who keeps such vulnerability confidential until it has been resolved by our engineers will be recognized publicly for their contribution, if agreed.
|
||||
|
||||
## Contact Us
|
||||
|
||||
Send E-mail to contact@dodoex.io
|
||||
|
||||
|
||||
@@ -16,7 +16,7 @@ import {IERC1155Receiver} from "../../intf/IERC1155Receiver.sol";
|
||||
|
||||
contract NFTCollateralVault is InitializableOwnable, IERC721Receiver, IERC1155Receiver {
|
||||
|
||||
function transferOwnership(address newOwner) public override onlyOwner {
|
||||
function directTransferOwnership(address newOwner) public onlyOwner {
|
||||
emit OwnershipTransferred(_OWNER_, newOwner);
|
||||
_OWNER_ = newOwner;
|
||||
}
|
||||
@@ -24,38 +24,40 @@ contract NFTCollateralVault is InitializableOwnable, IERC721Receiver, IERC1155Re
|
||||
//TODO? assetTo
|
||||
function withdrawERC721(address nftContract, uint256 tokenId) public onlyOwner {
|
||||
IERC721(nftContract).safeTransferFrom(msg.sender, _OWNER_, tokenId, "");
|
||||
// IERC721(nftContract).safeTransferFrom(address(this), _OWNER_, tokenId, "");
|
||||
}
|
||||
|
||||
//TODO? assetTo
|
||||
function withdrawERC1155(address nftContract, uint256[] memory tokenIds, uint256[] memory amounts) public onlyOwner {
|
||||
IERC1155(nftContract).safeBatchTransferFrom(msg.sender, _OWNER_, tokenIds, amounts, "");
|
||||
// IERC1155(nftContract).safeBatchTransferFrom(address(this), _OWNER_, tokenIds, amounts, "");
|
||||
}
|
||||
|
||||
function onERC721Received(
|
||||
address operator,
|
||||
address from,
|
||||
uint256 tokenId,
|
||||
bytes calldata data
|
||||
address,
|
||||
address,
|
||||
uint256,
|
||||
bytes calldata
|
||||
) external override returns (bytes4) {
|
||||
return IERC721Receiver.onERC721Received.selector;
|
||||
}
|
||||
|
||||
function onERC1155Received(
|
||||
address operator,
|
||||
address from,
|
||||
uint256 id,
|
||||
uint256 value,
|
||||
bytes calldata data
|
||||
address,
|
||||
address,
|
||||
uint256,
|
||||
uint256,
|
||||
bytes calldata
|
||||
) external override returns (bytes4){
|
||||
return IERC1155Receiver.onERC1155Received.selector;
|
||||
}
|
||||
|
||||
function onERC1155BatchReceived(
|
||||
address operator,
|
||||
address from,
|
||||
uint256[] calldata ids,
|
||||
uint256[] calldata values,
|
||||
bytes calldata data
|
||||
address,
|
||||
address,
|
||||
uint256[] calldata,
|
||||
uint256[] calldata,
|
||||
bytes calldata
|
||||
) external override returns (bytes4){
|
||||
return IERC1155Receiver.onERC1155BatchReceived.selector;
|
||||
}
|
||||
|
||||
@@ -18,6 +18,8 @@ contract FeeDistributor is InitializableOwnable {
|
||||
using SafeMath for uint256;
|
||||
using SafeERC20 for IERC20;
|
||||
|
||||
// ============ Storage ============
|
||||
|
||||
address public _BASE_TOKEN_;
|
||||
address public _QUOTE_TOKEN_;
|
||||
uint256 public _BASE_RESERVE_;
|
||||
@@ -32,6 +34,7 @@ contract FeeDistributor is InitializableOwnable {
|
||||
mapping(address => uint256) internal _QUOTE_DEBT_;
|
||||
mapping(address => uint256) internal _SHARES_;
|
||||
|
||||
|
||||
function init(
|
||||
address baseToken,
|
||||
address quoteToken,
|
||||
@@ -45,6 +48,7 @@ contract FeeDistributor is InitializableOwnable {
|
||||
_STAKE_VAULT_ = address(new StakeVault());
|
||||
}
|
||||
|
||||
//TODO: 用户的手续费base or quote 直接转到该合约中,stakeVault保存的是?
|
||||
function stake(address to) external {
|
||||
_accuReward();
|
||||
uint256 stakeVault = IERC20(_STAKE_TOKEN_).balanceOf(_STAKE_VAULT_);
|
||||
|
||||
@@ -10,23 +10,25 @@ pragma solidity 0.6.9;
|
||||
import {SafeMath} from "../lib/SafeMath.sol";
|
||||
import {SafeERC20} from "../lib/SafeERC20.sol";
|
||||
import {DecimalMath} from "../lib/DecimalMath.sol";
|
||||
import {InitializableOwnable} from "../lib/InitializableOwnable.sol";
|
||||
import {IDVM} from "../DODOVendingMachine/intf/IDVM.sol";
|
||||
import {ICloneFactory} from "../lib/CloneFactory.sol";
|
||||
import {IERC20} from "../intf/IERC20.sol";
|
||||
import {InitializableMintableERC20} from "../external/ERC20/InitializableMintableERC20.sol";
|
||||
|
||||
|
||||
//TODO?:why mintable
|
||||
contract Fragment is InitializableMintableERC20 {
|
||||
using SafeMath for uint256;
|
||||
using SafeERC20 for IERC20;
|
||||
|
||||
uint256 _BUYOUT_TIMESTAMP_;
|
||||
// ============ Storage ============
|
||||
|
||||
bool public _IS_BUYOUT_;
|
||||
uint256 public _BUYOUT_TIMESTAMP_;
|
||||
uint256 public _BUYOUT_PRICE_;
|
||||
|
||||
address _COLLATERAL_VAULT_;
|
||||
address _QUOTE_;
|
||||
address _DVM_;
|
||||
bool _IS_BUYOUT_;
|
||||
uint256 _BUYOUT_PRICE_;
|
||||
address public _COLLATERAL_VAULT_;
|
||||
address public _QUOTE_;
|
||||
address public _DVM_;
|
||||
|
||||
function init(
|
||||
address owner,
|
||||
@@ -52,15 +54,15 @@ contract Fragment is InitializableMintableERC20 {
|
||||
// init FRAG distribution
|
||||
totalSupply = supply;
|
||||
balances[owner] = DecimalMath.mulFloor(supply, ownerRatio);
|
||||
balances[dvm] = supply.sub( balances[owner]);
|
||||
balances[dvm] = supply.sub(balances[owner]);
|
||||
emit Transfer(address(0), owner, balances[owner]);
|
||||
emit Transfer(address(0), dvm, balances[dvm]);
|
||||
|
||||
// init DVM liquidity
|
||||
//TODO?: transfer FRAG to DVM
|
||||
IDVM(_DVM_).buyShares(address(this));
|
||||
}
|
||||
|
||||
//需要先转入QUOTE
|
||||
function buyout() external {
|
||||
require(!_IS_BUYOUT_, "ALREADY BUYOUT");
|
||||
_IS_BUYOUT_ = true;
|
||||
@@ -83,10 +85,10 @@ contract Fragment is InitializableMintableERC20 {
|
||||
IERC20(_QUOTE_).safeTransfer(_OWNER_, ownerQuote);
|
||||
}
|
||||
|
||||
// buyout之后的恒定兑换
|
||||
// buyout之后的恒定兑换,需要先转入FRAG
|
||||
function redeem(address to) external {
|
||||
require(_IS_BUYOUT_, "NEED BUYOUT");
|
||||
//TODO? amount
|
||||
|
||||
IERC20(_QUOTE_).safeTransfer(to, DecimalMath.mulFloor(_BUYOUT_PRICE_, balances[address(this)]));
|
||||
_clearSelfBalance();
|
||||
}
|
||||
|
||||
@@ -44,7 +44,7 @@ contract InitializableOwnable {
|
||||
_OWNER_ = newOwner;
|
||||
}
|
||||
|
||||
function transferOwnership(address newOwner) public virtual onlyOwner {
|
||||
function transferOwnership(address newOwner) public onlyOwner {
|
||||
emit OwnershipTransferPrepared(_OWNER_, newOwner);
|
||||
_NEW_OWNER_ = newOwner;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user