ing

2021-03-31 14:10:27 +08:00
parent 80744534d5
commit 5d288c047a
5 changed files with 67 additions and 103 deletions
--- a/README.md
+++ b/README.md
@@ -1,79 +1,35 @@
-# Audit Scope
+# DODO V2: Help 1 Trillion People Issue Token
 *IN PROCESS*
 ## Contract Directory
 *IN PROCESS*
 - CrowdPooling/
 - DODOPrivatePool/
 - DODOVendingMachine/
 - DODOFee/
 - DODOToken/
 - Factory/
 - helper/
 - intf/
 - lib/
 - SmartRoute/
 ## Contract Address
 *IN PROCESS*
 - DODOApprove: 0xCB859eA579b28e02B87A1FDE08d087ab9dbE5149
 - DODOApproveProxy: 0x335aC99bb3E51BDbF22025f092Ebc1Cf2c5cC619
 - DODOIncentive: 0x989DcAA95801C527C5B73AA65d3962dF9aCe1b0C
 - DODOV2Proxy02: 0x1cf4Ae0Fae772B64d83D175d9E3eE06240f6Dc9a
 ---
 - CPFactory: 0xE8C9A78725D0451FA19878D5f8A3dC0D55FECF25
 - DPPFactory: 0x6B4Fa0bc61Eddc928e0Df9c7f01e407BfcD3e5EF
 - DVMFactory: 0xc9eD9B18e447e600238fe50e944B9062B664DEa4
 - ERC20Factory: 0x44D5dF24d5Ef52A791D6436Fa45A8D426f6de34e
 - UpCpFactory: 0x0c4b4F1D5F5c989457cdD6f5102308b33c922281
 ---
 - DVMTemplate: 0x01FEEA29da5Ae41B0b5F6b10b93EE34752eF80d7
 - DPPTemplate: 0xB76de21f04F677f07D9881174a1D8E624276314C
 - DPPAdmin Template: 0x5515363c0412AdD5c72d3E302fE1bD7dCBCF93Fe
 - CPTemplate: 0x327344B382EE1b44FB0a72945fCDCC7243200dD7
 --- 
 - vDODOToken: 0xc4436fBAE6eBa5d95bf7d53Ae515F8A707Bd402A
 - DODOMigrationBSC: 0x02fCB21dc1cf221939C1d4277fB54016b5d32bC7
 --- 
 - MtFeeRateModel: 0x5e84190a270333aCe5B9202a3F4ceBf11b81bB01
 - PermissionModel: 0x6B208E08dcF6BD51F50C5Da09d15B2D8E5C46Cf2
 - FeeRateImpl: 0x4775b1858f1e417C9609D455C3Ad8751ec01daC4
 ## Audit Report
 [Audited by Peckshield](https://github.com/DODOEX/contractV2/blob/main/audit/PeckShield-Audit-DODOV2-v1.0.pdf)
 ## Bug Bounty 💰
 ### Rewards
 Severity of bugs will be assessed under the [CVSS Risk Rating](https://www.first.org/cvss/calculator/3.0) scale, as follows:
 - Critical (9.0-10.0): Up to $100,000
 - High (7.0-8.9): Up to $10,000
 - Medium (4.0-6.9): Up to $5,000
 - Low (0.1-3.9): Up to $1,000
 In addition to assessing severity, rewards will be considered based on the impact of the discovered vulnerability as well as the level of difficulty in discovering such vulnerability.
 ### Disclosure
 Any vulnerability or bug discovered must be reported only to the following email: contact@dodoex.io; must not be disclosed publicly; must not be disclosed to any other person, entity or email address prior to disclosure to the contact@dodoex.io email; and must not be disclosed in any way other than to the contact@dodoex.io email. In addition, disclosure to contact@dodoex.io must be made promptly following discovery of the vulnerability. Please include as much information about the vulnerability as possible, including:
 - The conditions on which reproducing the bug is contingent.
 - The steps needed to reproduce the bug or, preferably, a proof of concept.
 - The potential implications of the vulnerability being abused.
 A detailed report of a vulnerability increases the likelihood of a reward and may increase the reward amount.
 Anyone who reports a unique, previously-unreported vulnerability that results in a change to the code or a configuration change and who keeps such vulnerability confidential until it has been resolved by our engineers will be recognized publicly for their contribution, if agreed.
 ## Contact Us
 Send E-mail to contact@dodoex.io
--- a/contracts/CollateralVault/impl/NFTCollateralVault.sol
+++ b/contracts/CollateralVault/impl/NFTCollateralVault.sol
@@ -16,7 +16,7 @@ import {IERC1155Receiver} from "../../intf/IERC1155Receiver.sol";
 contract NFTCollateralVault is InitializableOwnable, IERC721Receiver, IERC1155Receiver {
-    function transferOwnership(address newOwner) public override onlyOwner {
+    function directTransferOwnership(address newOwner) public onlyOwner {
        emit OwnershipTransferred(_OWNER_, newOwner);
        _OWNER_ = newOwner;
    }
@@ -24,38 +24,40 @@ contract NFTCollateralVault is InitializableOwnable, IERC721Receiver, IERC1155Re
    //TODO? assetTo
    function withdrawERC721(address nftContract, uint256 tokenId) public onlyOwner {
        IERC721(nftContract).safeTransferFrom(msg.sender, _OWNER_, tokenId, "");
        // IERC721(nftContract).safeTransferFrom(address(this), _OWNER_, tokenId, "");
    }
    //TODO? assetTo
    function withdrawERC1155(address nftContract, uint256[] memory tokenIds, uint256[] memory amounts) public onlyOwner {
        IERC1155(nftContract).safeBatchTransferFrom(msg.sender, _OWNER_, tokenIds, amounts, "");
        // IERC1155(nftContract).safeBatchTransferFrom(address(this), _OWNER_, tokenIds, amounts, "");
    }
    function onERC721Received(
-        address operator,
+        address,
-        address from,
+        address,
-        uint256 tokenId,
+        uint256,
-        bytes calldata data
+        bytes calldata
    ) external override returns (bytes4) {
        return IERC721Receiver.onERC721Received.selector;
    }
    function onERC1155Received(
-        address operator,
+        address,
-        address from,
+        address,
-        uint256 id,
+        uint256,
-        uint256 value,
+        uint256,
-        bytes calldata data
+        bytes calldata
    ) external override returns (bytes4){
        return IERC1155Receiver.onERC1155Received.selector;
    }
    function onERC1155BatchReceived(
-        address operator,
+        address,
-        address from,
+        address,
-        uint256[] calldata ids,
+        uint256[] calldata,
-        uint256[] calldata values,
+        uint256[] calldata,
-        bytes calldata data
+        bytes calldata
    ) external override returns (bytes4){
        return IERC1155Receiver.onERC1155BatchReceived.selector;
    }
--- a/contracts/DODOFee/FeeDistributer.sol
+++ b/contracts/DODOFee/FeeDistributer.sol
@@ -18,6 +18,8 @@ contract FeeDistributor is InitializableOwnable {
    using SafeMath for uint256;
    using SafeERC20 for IERC20;
    // ============ Storage ============
    address public _BASE_TOKEN_;
    address public _QUOTE_TOKEN_;
    uint256 public _BASE_RESERVE_;
@@ -32,6 +34,7 @@ contract FeeDistributor is InitializableOwnable {
    mapping(address => uint256) internal _QUOTE_DEBT_;
    mapping(address => uint256) internal _SHARES_;
    function init(
      address baseToken,
      address quoteToken,
@@ -45,6 +48,7 @@ contract FeeDistributor is InitializableOwnable {
        _STAKE_VAULT_ = address(new StakeVault());
    }
    //TODO: 用户的手续费base or quote 直接转到该合约中，stakeVault保存的是？
    function stake(address to) external {
      _accuReward();
      uint256 stakeVault = IERC20(_STAKE_TOKEN_).balanceOf(_STAKE_VAULT_);
--- a/contracts/GeneralizedFragment/Fragment.sol
+++ b/contracts/GeneralizedFragment/Fragment.sol
@@ -10,23 +10,25 @@ pragma solidity 0.6.9;
 import {SafeMath} from "../lib/SafeMath.sol";
 import {SafeERC20} from "../lib/SafeERC20.sol";
 import {DecimalMath} from "../lib/DecimalMath.sol";
 import {InitializableOwnable} from "../lib/InitializableOwnable.sol";
 import {IDVM} from "../DODOVendingMachine/intf/IDVM.sol";
 import {ICloneFactory} from "../lib/CloneFactory.sol";
 import {IERC20} from "../intf/IERC20.sol";
 import {InitializableMintableERC20} from "../external/ERC20/InitializableMintableERC20.sol";
 //TODO?：why mintable
 contract Fragment is InitializableMintableERC20 {
    using SafeMath for uint256;
    using SafeERC20 for IERC20;
-    uint256 _BUYOUT_TIMESTAMP_;
+    // ============ Storage ============
    bool public _IS_BUYOUT_;
    uint256 public _BUYOUT_TIMESTAMP_;
    uint256 public _BUYOUT_PRICE_;
-    address _COLLATERAL_VAULT_;
+    address public _COLLATERAL_VAULT_;
-    address _QUOTE_;
+    address public _QUOTE_;
-    address _DVM_;
+    address public _DVM_;
    bool _IS_BUYOUT_;
    uint256 _BUYOUT_PRICE_;
    function init(
      address owner, 
@@ -52,15 +54,15 @@ contract Fragment is InitializableMintableERC20 {
        // init FRAG distribution
        totalSupply = supply;
        balances[owner] = DecimalMath.mulFloor(supply, ownerRatio);
-        balances[dvm] = supply.sub( balances[owner]);
+        balances[dvm] = supply.sub(balances[owner]);
        emit Transfer(address(0), owner, balances[owner]);
        emit Transfer(address(0), dvm, balances[dvm]);
        // init DVM liquidity
        //TODO?: transfer FRAG to DVM
        IDVM(_DVM_).buyShares(address(this));
    }
    //需要先转入QUOTE
    function buyout() external {
      require(!_IS_BUYOUT_, "ALREADY BUYOUT");
      _IS_BUYOUT_ = true;
@@ -83,10 +85,10 @@ contract Fragment is InitializableMintableERC20 {
      IERC20(_QUOTE_).safeTransfer(_OWNER_, ownerQuote);
    }
-    // buyout之后的恒定兑换
+    // buyout之后的恒定兑换，需要先转入FRAG
    function redeem(address to) external {
      require(_IS_BUYOUT_, "NEED BUYOUT");
-      //TODO? amount
+
      IERC20(_QUOTE_).safeTransfer(to, DecimalMath.mulFloor(_BUYOUT_PRICE_, balances[address(this)]));
      _clearSelfBalance();
    }
--- a/contracts/lib/InitializableOwnable.sol
+++ b/contracts/lib/InitializableOwnable.sol
@@ -44,7 +44,7 @@ contract InitializableOwnable {
        _OWNER_ = newOwner;
    }
-    function transferOwnership(address newOwner) public virtual onlyOwner {
+    function transferOwnership(address newOwner) public onlyOwner {
        emit OwnershipTransferPrepared(_OWNER_, newOwner);
        _NEW_OWNER_ = newOwner;
    }