d-bis/dodo-contractV2
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cpV2 for audit

Browse Source
This commit is contained in:
owen05
2021-12-05 11:19:11 +08:00
parent 343a6d2f11
commit d2691d68dd
7 changed files with 8804 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
README.md
View File

@@ -1,34 +1,13 @@
# DODO V2: Help 1 Trillion People Issue Token ## DODO CrowdPoolingV2 Audit Scope
## Audit Report - contracts/CrowdPooling/impl/CP.sol
- contracts/CrowdPooling/impl/CPFunding.sol
- contracts/CrowdPooling/impl/CPStorage.sol
- contracts/CrowdPooling/impl/CPVesting.sol
[Audited by Peckshield](https://github.com/DODOEX/contractV2/blob/main/audit/PeckShield-Audit-DODOV2-v1.0.pdf) *Note: CrowdPoolingV2 && CrowdPoolingV1 code diff*
## Bug Bounty 💰 - [https://github.com/DODOEX/contractV2/blob/starter/cpV2&&cpV1-diff.html](https://github.com/DODOEX/contractV2/blob/starter/cpV2&&cpV1-diff.html)
### Rewards ## DODO Starter Audit Scope
Severity of bugs will be assessed under the [CVSS Risk Rating](https://www.first.org/cvss/calculator/3.0) scale, as follows:
- Critical (9.0-10.0): Up to $100,000
- High (7.0-8.9): Up to $10,000
- Medium (4.0-6.9): Up to $5,000
- Low (0.1-3.9): Up to $1,000
In addition to assessing severity, rewards will be considered based on the impact of the discovered vulnerability as well as the level of difficulty in discovering such vulnerability.
### Disclosure
Any vulnerability or bug discovered must be reported only to the following email: contact@dodoex.io; must not be disclosed publicly; must not be disclosed to any other person, entity or email address prior to disclosure to the contact@dodoex.io email; and must not be disclosed in any way other than to the contact@dodoex.io email. In addition, disclosure to contact@dodoex.io must be made promptly following discovery of the vulnerability. Please include as much information about the vulnerability as possible, including:
- The conditions on which reproducing the bug is contingent.
- The steps needed to reproduce the bug or, preferably, a proof of concept.
- The potential implications of the vulnerability being abused.
A detailed report of a vulnerability increases the likelihood of a reward and may increase the reward amount.
Anyone who reports a unique, previously-unreported vulnerability that results in a change to the code or a configuration change and who keeps such vulnerability confidential until it has been resolved by our engineers will be recognized publicly for their contribution, if agreed.
## Contact Us
Send E-mail to contact@dodoex.io

6
contracts/CrowdPooling/impl/CP.sol
View File

@@ -23,7 +23,9 @@ import {SafeMath} from "../../lib/SafeMath.sol";
contract CP is CPVesting { contract CP is CPVesting {
using SafeMath for uint256; using SafeMath for uint256;
receive() external payable {} receive() external payable {
require(_INITIALIZED_ == false, "WE_NOT_SAVE_ETH_AFTER_INIT");
}
function init( function init(
address[] calldata addressList, address[] calldata addressList,
@@ -110,6 +112,6 @@ contract CP is CPVesting {
// ============ Version Control ============ // ============ Version Control ============
function version() virtual external pure returns (string memory) { function version() virtual external pure returns (string memory) {
return "CP 1.0.1"; return "CP 2.0.0";
} }
} }

4
contracts/Factory/CrowdPoolingFactory.sol
View File

@@ -51,7 +51,6 @@ contract CrowdPoolingFactory is InitializableOwnable {
// ============ modifiers =========== // ============ modifiers ===========
modifier valueCheck( modifier valueCheck(
address creator,
address cpAddress, address cpAddress,
address baseToken, address baseToken,
uint256[] memory timeLine, uint256[] memory timeLine,
@@ -64,6 +63,7 @@ contract CrowdPoolingFactory is InitializableOwnable {
uint256 baseTokenBalance = IERC20(baseToken).balanceOf(cpAddress); uint256 baseTokenBalance = IERC20(baseToken).balanceOf(cpAddress);
require(valueList[0].mul(100) <= baseTokenBalance.mul(valueList[2]).div(10**18).mul(_CAP_RATIO_),"CP_FACTORY : QUOTE_CAP_INVALID"); require(valueList[0].mul(100) <= baseTokenBalance.mul(valueList[2]).div(10**18).mul(_CAP_RATIO_),"CP_FACTORY : QUOTE_CAP_INVALID");
require(timeLine[3]>= _FREEZE_DURATION_, "CP_FACTORY : FREEZE_DURATION_INVALID");
_; _;
} }
@@ -107,7 +107,7 @@ contract CrowdPoolingFactory is InitializableOwnable {
uint256[] memory timeLine, uint256[] memory timeLine,
uint256[] memory valueList, uint256[] memory valueList,
bool[] memory switches bool[] memory switches
) external valueCheck(creator,cpAddress,tokens[0],timeLine,valueList) { ) external valueCheck(cpAddress,tokens[0],timeLine,valueList) {
{ {
address[] memory addressList = new address[](7); address[] memory addressList = new address[](7);
addressList[0] = creator; addressList[0] = creator;

18
contracts/SmartRoute/DODOV2Proxy02.sol
View File

@@ -467,15 +467,15 @@ contract DODOV2Proxy02 is IDODOV2Proxy01, ReentrancyGuard, InitializableOwnable
} }
//============ CrowdPooling Functions (bid) ============ //============ CrowdPooling Functions (bid) ============
function bid( // function bid(
address cpAddress, // address cpAddress,
uint256 quoteAmount, // uint256 quoteAmount,
uint8 flag, // 0 - ERC20, 1 - quoteInETH // uint8 flag, // 0 - ERC20, 1 - quoteInETH
uint256 deadLine // uint256 deadLine
) external override payable preventReentrant judgeExpired(deadLine) { // ) external override payable preventReentrant judgeExpired(deadLine) {
_deposit(msg.sender, cpAddress, IDODOV2(cpAddress)._QUOTE_TOKEN_(), quoteAmount, flag == 1); // _deposit(msg.sender, cpAddress, IDODOV2(cpAddress)._QUOTE_TOKEN_(), quoteAmount, flag == 1);
IDODOV2(cpAddress).bid(msg.sender); // IDODOV2(cpAddress).bid(msg.sender);
} // }
function addLiquidityToV1( function addLiquidityToV1(

12
contracts/SmartRoute/intf/IDODOV2Proxy01.sol
View File

@@ -92,12 +92,12 @@ interface IDODOV2Proxy01 {
// ) external payable; // ) external payable;
function bid( // function bid(
address cpAddress, // address cpAddress,
uint256 quoteAmount, // uint256 quoteAmount,
uint8 flag, // 0 - ERC20, 1 - quoteInETH // uint8 flag, // 0 - ERC20, 1 - quoteInETH
uint256 deadLine // uint256 deadLine
) external payable; // ) external payable;
function addLiquidityToV1( function addLiquidityToV1(
address pair, address pair,

10
contracts/SmartRoute/proxies/DODOCpProxy.sol
View File

@@ -137,6 +137,16 @@ contract DODOCpProxy is ReentrancyGuard {
); );
} }
function bid(
address cpAddress,
uint256 quoteAmount,
uint8 flag, // 0 - ERC20, 1 - quoteInETH
uint256 deadLine
) external payable preventReentrant judgeExpired(deadLine) {
_deposit(msg.sender, cpAddress, IDODOV2(cpAddress)._QUOTE_TOKEN_(), quoteAmount, flag == 1);
IDODOV2(cpAddress).bid(msg.sender);
}
//====================== internal ======================= //====================== internal =======================
function _deposit( function _deposit(

8765
cpV2&&cpV1-diff.html Normal file
View File

File diff suppressed because it is too large Load Diff