Token and vouching mechanics #115
Conversation
| @@ -0,0 +1 @@ | |||
| *.sol linguist-language=Solidity | |||
There was a problem hiding this comment.
Should we move this to the root of the repo?
| @@ -0,0 +1,23 @@ | |||
| pragma solidity ^0.4.23; | |||
|
|
|||
| contract Migrations { | |||
There was a problem hiding this comment.
Let's remove this contract altogether
|
|
||
|
|
||
| import "./ZepToken.sol"; | ||
| import "openzeppelin-solidity/contracts/math/SafeMath.sol"; |
There was a problem hiding this comment.
Ok for now, but keep in mind that we'll need to use oz-zos and not oz-sol when tackling #116
| contract Vouching { | ||
| using SafeMath for uint256; | ||
|
|
||
| struct Dependency { |
There was a problem hiding this comment.
Not a fan of the name. Dependency makes sense in a context where it is a dependency of something else. I'd prefer PackageEntry or something like that.
There was a problem hiding this comment.
Also don't like Dependency, but PackageEntry is somewhat confusing.. I don't have a better proposal though, any other ideas? Entry on its own is too dry?
There was a problem hiding this comment.
I find Entry a bit generic.
We're kinda indexing packages by their name in the registry mapping, so how about PackageIndexEntry ?
There was a problem hiding this comment.
How about Vouchable? And I'd change dependencyAddress to packageAddress.
|
|
||
| mapping (string => Dependency) private _registry; | ||
| uint256 private _minimumStake; | ||
| ZepToken private _token; |
There was a problem hiding this comment.
Let's use a generic ERC20 here
There was a problem hiding this comment.
Will do, but may I ask why though? It's not like we will use Vouching with other tokens..
There was a problem hiding this comment.
In particular, we might need to call other specific ZEP methods when doing the TPL integration..
There was a problem hiding this comment.
As discussed offline, we'll move to use a generic ERC20 here to keep things decoupled.
packages/vouching/package.json
Outdated
| }, | ||
| "keywords": [], | ||
| "author": "", | ||
| "license": "ISC", |
There was a problem hiding this comment.
Aren't we using MIT so far in the other packages?
packages/vouching/package.json
Outdated
| @@ -0,0 +1,24 @@ | |||
| { | |||
| "name": "zos-vouching", | |||
| "version": "1.0.0", | |||
There was a problem hiding this comment.
Let's follow the same version as the other packages.
| event DependencyRemoved(string name); | ||
|
|
||
| constructor(uint256 minimumStake, ZepToken token) public { | ||
| require(token != address(0)); |
There was a problem hiding this comment.
Even if they are not yet supported by truffle, let's add revert reasons to all requires.
|
Already pushed some updates. Now waiting for the opened discussions to be settled to make the final changes. |
| string public constant symbol = "ZEP"; | ||
| uint8 public constant decimals = 18; | ||
|
|
||
| uint256 public constant TOTAL_SUPPLY = 100000000 * (10 ** uint256(decimals)); |
There was a problem hiding this comment.
we can use 1e8 instead of 100000000 to be clearer
| module.exports = { | ||
| inLogs, | ||
| inTransaction, | ||
| }; |
There was a problem hiding this comment.
nice! we can move this ones to lib
| require(initialStake >= _minimumStake, "Initial stake must be equal or greater than minimum stake"); | ||
| require(owner != address(0), "Owner address cannot be zero"); | ||
| require(dependencyAddress != address(0), "Dependency address cannot be zero"); | ||
| // name should not be already registered |
There was a problem hiding this comment.
this comment is redundant considering the error message
| event DependencyCreated(string name, address indexed owner, address indexed dependencyAddress, uint256 initialStake); | ||
| event Vouched(string name, uint256 amount); | ||
| event Unvouched(string name, uint256 amount); | ||
| event DependencyRemoved(string name); |
There was a problem hiding this comment.
I'm not sure if indexing strings is still being not simple, here is some research I did for the previous release (see zeppelinos/zos-lib#199)
* Removed truffle leftovers * Added revert reasons to requires in contract * Refactored getDependency function * Added new test case for unvouch * Updated package version to 1.4.1 and license to MIT
* Tests now use chai (should and bignumber) * Deleted unused import in contract * Made total supply definition clearer in contract
spalladino
force-pushed
the
vouching
branch
from
3e1abf5
to
ecfc2e6
Compare
| ERC20 private _token; | ||
|
|
||
| modifier onlyDependencyOwner(string name) { | ||
| require(msg.sender == _registry[name].owner, "Not allowed"); |
There was a problem hiding this comment.
We could use a more descriptive error message here, sth like "Sender must be the dependency owner"
|
|
||
| function remove(string name) external onlyDependencyOwner(name) { | ||
| // Owner surrenders _minimumStake to the system | ||
| _token.transfer(msg.sender, _registry[name].stake.sub(_minimumStake)); |
There was a problem hiding this comment.
same here... remember that all the methods of the ERC20 interface are supposed to return a boolean value in order to tell whether the call was successful or not
| require(dependencyAddress != address(0), "Dependency address cannot be zero"); | ||
| require(_registry[name].dependencyAddress == address(0), "The name has already been registered"); | ||
|
|
||
| _token.transferFrom(owner, this, initialStake); |
There was a problem hiding this comment.
This transfer should be wrapped within a require statement
There was a problem hiding this comment.
I tackled all instances of this issue using SafeERC20 methods.
| require(initialStake >= _minimumStake, "Initial stake must be equal or greater than minimum stake"); | ||
| require(owner != address(0), "Owner address cannot be zero"); | ||
| require(dependencyAddress != address(0), "Dependency address cannot be zero"); | ||
| require(_registry[name].dependencyAddress == address(0), "The name has already been registered"); |
There was a problem hiding this comment.
What about "Given dependency name was already registererd"?
| } | ||
|
|
||
| function vouch(string name, uint256 amount) external onlyDependencyOwner(name) { | ||
| _token.transferFrom(msg.sender, this, amount); |
| require(remainingStake >= _minimumStake, "Remaining stake must be equal or greater than minimum stake"); | ||
|
|
||
| _registry[name].stake = remainingStake; | ||
| _token.transfer(msg.sender, amount); |
packages/vouching/package.json
Outdated
| "devDependencies": { | ||
| "chai": "^4.1.2", | ||
| "chai-bignumber": "^2.0.2", | ||
| "ganache-cli": "6.1.0", |
There was a problem hiding this comment.
I think we are not using this one right?
* Make Vouching upgradeable * Updated Vouching tests * Updated package dependencies to include zos-lib and openzeppelin-zos * Fix CI * Replace let with const in Vouching test
|
I'm coming up with a possible implementation for indexing dependency names. Still testing locally. When it's ready, I'll branch out from EDIT: already opened PR (#133) |
| @@ -55,9 +57,9 @@ contract Vouching is Initializable { | |||
| require(initialStake >= _minimumStake, "Initial stake must be equal or greater than minimum stake"); | |||
| require(owner != address(0), "Owner address cannot be zero"); | |||
| require(dependencyAddress != address(0), "Dependency address cannot be zero"); | |||
| require(_registry[name].dependencyAddress == address(0), "The name has already been registered"); | |||
| require(_registry[name].dependencyAddress == address(0), "Given dependency name was already registererd"); | |||
There was a problem hiding this comment.
NIT: reads strangely, I propose "The provided name is already registered".
| * @dev Constructor that gives msg.sender all of existing tokens, and sets it as the owner | ||
| */ | ||
| constructor() public { | ||
| owner = msg.sender; |
There was a problem hiding this comment.
you shouldn't do this manually since the Ownable constructor is taking care of it
|
|
||
| module.exports = { | ||
| assertRevert, | ||
| }; |
There was a problem hiding this comment.
Please remove this one since you're already using the one in zos-lib
|
Already fixed latest issues, should be ready now. |
| contract Vouching { | ||
| using SafeMath for uint256; | ||
|
|
||
| struct Dependency { |
There was a problem hiding this comment.
How about Vouchable? And I'd change dependencyAddress to packageAddress.
|
@facuspagnuolo do you want to update your review, as it is blocking the merge? |
This PR adds a new package implementing the
ZEPtoken and theVouchingmechanics, closing #101 and #108.Pending Work:
We are opening this as is so as to get a first round of review on the vouching mechanics, which are independent of the above.
Notes:
(Opening on
mastersince that's where we started from.. Cannot automatically merge onnext:-/ )