d-bis/dodo-contractV2
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

dev

Browse Source
This commit is contained in:
owen05
2021-09-09 11:07:21 +08:00
parent 6dfb96b86e
commit 66891972b1
3 changed files with 10 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
README.md
View File

@@ -1,34 +1,13 @@
# DODO V2: Help 1 Trillion People Issue Token
## Audit Scope
## Audit Report
- contracts/NFTPool/impl/FilterAdmin.sol
[Audited by Peckshield](https://github.com/DODOEX/contractV2/blob/main/audit/PeckShield-Audit-DODOV2-v1.0.pdf)
- contracts/NFTPool/impl/FilterModel01.sol
## Bug Bounty 💰
- contracts/NFTPool/impl/NFTPoolFeeModel.sol
### Rewards
- contracts/external/ERC20/InitializableInternalMintableERC20.sol
Severity of bugs will be assessed under the [CVSS Risk Rating](https://www.first.org/cvss/calculator/3.0) scale, as follows:
- contracts/SmartRoute/proxies/DODONFTPoolProxy.sol
- Critical (9.0-10.0): Up to $100,000
- High (7.0-8.9): Up to $10,000
- Medium (4.0-6.9): Up to $5,000
- Low (0.1-3.9): Up to $1,000
In addition to assessing severity, rewards will be considered based on the impact of the discovered vulnerability as well as the level of difficulty in discovering such vulnerability.
### Disclosure
Any vulnerability or bug discovered must be reported only to the following email: contact@dodoex.io; must not be disclosed publicly; must not be disclosed to any other person, entity or email address prior to disclosure to the contact@dodoex.io email; and must not be disclosed in any way other than to the contact@dodoex.io email. In addition, disclosure to contact@dodoex.io must be made promptly following discovery of the vulnerability. Please include as much information about the vulnerability as possible, including:
- The conditions on which reproducing the bug is contingent.
- The steps needed to reproduce the bug or, preferably, a proof of concept.
- The potential implications of the vulnerability being abused.
A detailed report of a vulnerability increases the likelihood of a reward and may increase the reward amount.
Anyone who reports a unique, previously-unreported vulnerability that results in a change to the code or a configuration change and who keeps such vulnerability confidential until it has been resolved by our engineers will be recognized publicly for their contribution, if agreed.
## Contact Us
Send E-mail to contact@dodoex.io

5
contracts/NFTPool/impl/FilterAdmin.sol
View File

@@ -134,8 +134,6 @@ contract FilterAdmin is InitializableInternalMintableERC20, ReentrancyGuard {
require(IFilterModel(filter).getAvaliableNFTOut() >= times, "EXCEED_MAX_AMOUNT");
uint256 totalPrice = 0;
uint256[] memory tokenIds;
uint256[] memory amounts;
for(uint256 i = 0; i < times; i++) {
totalPrice = totalPrice.add(IFilterModel(filter).getNFTRandomOutPrice());
(address nftContract, uint256 tokenId) = IFilterModel(filter).getRandomOutId();
@@ -222,10 +220,7 @@ contract FilterAdmin is InitializableInternalMintableERC20, ReentrancyGuard {
require(!isIncludeFilter(filter), "FILTER_NOT_INCLUDE");
_FILTER_REGISTRY_.push(filter);
}
//TODO: remove Filter是否有必要
//=============== Internal ==============
function _nftInFeeTransfer(uint256 totalPrice) internal returns (uint256 poolFeeAmount, uint256 mtFeeAmount) {
uint256 mtFeeRate = IFeeModel(_MT_FEE_MODEL_).getNFTInFee(address(this), msg.sender);

4
contracts/NFTPool/impl/FilterModel01.sol
View File

@@ -169,6 +169,10 @@ contract FilterModel01 is InitializableOwnable, IERC721Receiver {
(, totalPrice) = geometricCalc(base, _CR_RANDOM_OUT_, amount);
}
function version() virtual external pure returns (string memory) {
return "FILTER_01 1.0.0";
}
// ================= Ownable ================
function transferOutERC721(address nftContract, address assetTo, uint256 nftId) external onlyOwner {
require(nftContract == _NFT_COLLECTION_, "WRONG_NFT_COLLECTION");