diff --git a/README.md b/README.md index 72fc8b5..caae243 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,72 @@ -# debtPayment +# IncomeVault Contracts to perform coupon payment + +## Initialization + +You must first initialize the submodules, with + +``` +forge install +``` + +See also the command's [documentation](https://book.getfoundry.sh/reference/forge/forge-install). + +Later you can update all the submodules with: + +``` +forge update +``` + +See also the command's [documentation](https://book.getfoundry.sh/reference/forge/forge-update). + + + +## Compilation + +The official documentation is available in the Foundry [website](https://book.getfoundry.sh/reference/forge/build-commands) + +``` + forge build --contracts src/RuleEngine.sol +``` + +``` + forge build --contracts src/RuleWhiteList.sol +``` + +## Testing + +You can run the tests with + +``` +forge test +``` + +To run a specific test, use + +``` +forge test --match-contract --match-test +``` + +See also the test framework's [official documentation](https://book.getfoundry.sh/forge/tests), and that of the [test commands](https://book.getfoundry.sh/reference/forge/test-commands). + +### Coverage + +* Perform a code coverage + +``` +forge coverage --ffi +``` + +* Generate LCOV report + +``` +forge coverage --report lcov +``` + +- Generate `index.html` + +```bash +forge coverage --report lcov && genhtml lcov.info --branch-coverage --output-dir coverage +``` + +See [Solidity Coverage in VS Code with Foundry](https://mirror.xyz/devanon.eth/RrDvKPnlD-pmpuW7hQeR5wWdVjklrpOgPCOA-PJkWFU) & [Foundry forge coverage](https://www.rareskills.io/post/foundry-forge-coverage) diff --git a/classDiagram.png b/classDiagram.png deleted file mode 100644 index 5f3586a..0000000 Binary files a/classDiagram.png and /dev/null differ diff --git a/classDiagram.svg b/classDiagram.svg deleted file mode 100644 index f8c1804..0000000 --- a/classDiagram.svg +++ /dev/null @@ -1,133 +0,0 @@ - - - - - - -UmlClassDiagram - - - -0 - -IncomeVault -src/IncomeVault.sol - -Private: -   __gap: uint256[50] - -Internal: -    __IncomeVault_init(admin: address, ERC20TokenPayment_: IERC20, cmtat_token: ICMTATSnapshot, ruleEngine_: IRuleEngine, authorizationEngineIrrevocable: IAuthorizationEngine) <<onlyInitializing>> -    _msgSender(): (sender: address) -    _msgData(): bytes -    _contextSuffixLength(): uint256 -Public: -    constructor(forwarderIrrevocable: address) -    initialize(admin: address, ERC20TokenPayment_: IERC20, cmtat_token: ICMTATSnapshot, ruleEngine_: IRuleEngine, authorizationEngineIrrevocable: IAuthorizationEngine) <<initializer>> - - - -3 - -<<Abstract>> -IncomeVaultOpen -src/public/IncomeVaultOpen.sol - -Private: -   __gap: uint256[50] - -Public: -    claimDividend(time: uint256) <<nonReentrant>> -    claimDividendBatch(time: uint256) <<nonReentrant>> - - - -0->3 - - - - - -4 - -<<Abstract>> -IncomeVaultRestricted -src/public/IncomeVaultRestricted.sol - -Private: -   __gap: uint256[50] - -Public: -    deposit(time: uint256, amount: uint256) <<onlyRole>> -    withdraw(time: uint256, amount: uint256, withdrawAddress: address) <<onlyRole>> -    withdrawAll(amount: uint256, withdrawAddress: address) <<onlyRole>> -    distributeDividend(addresses: address[], time: uint256) <<onlyRole>> -    setStatusClaim(time: uint256, status: bool) <<onlyRole>> - - - -0->4 - - - - - -1 - -<<Abstract>> -IncomeVaultInternal -src/lib/IncomeVaultInternal.sol - -Public: -   CMTAT_TOKEN: ICMTATSnapshot -   ERC20TokenPayment: IERC20 -   claimedDividend: mapping(address=>mapping(uint256=>bool)) -   segragatedDividend: mapping(uint256=>uint256) -   segragatedClaim: mapping(uint256=>bool) - -Internal: -    _computeDividendBatch(time: uint256, tokenHolders: address[], tokenHoldersBalance: uint256[], tokenTotalSupply: uint256): (tokenHolderDividend: uint256[]) -    _computeDividend(time: uint256, senderBalance: uint256, tokenTotalSupply: uint256): (tokenHolderDividend: uint256) -    _transferDividend(time: uint256, tokenHolder: address, tokenHolderDividend: uint256) - - - -2 - -<<Abstract>> -IncomeVaultInvariantStorage -src/lib/IncomeVaultInvariantStorage.sol - -Public: -   INCOME_VAULT_OPERATOR_ROLE: bytes32 -   INCOME_VAULT_DEPOSIT_ROLE: bytes32 -   INCOME_VAULT_DISTRIBUTE_ROLE: bytes32 -   INCOME_VAULT_WITHDRAW_ROLE: bytes32 - -Public: -    <<event>> newDeposit(time: uint256, sender: address, dividend: uint256) -    <<event>> DividendClaimed(time: uint256, sender: address, dividend: uint256) - - - -1->2 - - - - - -3->1 - - - - - -4->1 - - - - - diff --git a/doc/TOOLCHAIN.md b/doc/TOOLCHAIN.md index 5d3ced7..7e96bcf 100644 --- a/doc/TOOLCHAIN.md +++ b/doc/TOOLCHAIN.md @@ -53,6 +53,10 @@ Warning: ## Generate documentation +### Coverage + + + ### [docgen](https://github.com/OpenZeppelin/solidity-docgen) >Solidity-docgen is a program that extracts documentation for a Solidity project. diff --git a/doc/audits/tools/v1.0.2-slither-report.md b/doc/audits/tools/v1.0.2-slither-report.md deleted file mode 100644 index 74c91fd..0000000 --- a/doc/audits/tools/v1.0.2-slither-report.md +++ /dev/null @@ -1,254 +0,0 @@ -Summary - - [calls-loop](#calls-loop) (3 results) (Low) - - [dead-code](#dead-code) (3 results) (Informational) - - [solc-version](#solc-version) (5 results) (Informational) - - [low-level-calls](#low-level-calls) (1 results) (Informational) - - [naming-convention](#naming-convention) (18 results) (Informational) - - [similar-names](#similar-names) (2 results) (Informational) -## calls-loop - -> Remark: -> -> - The RuleEngine is a trusted contract deployed by the issuer. -> -> It is not a problem to perform external call to this contract -> -> - When a ruleEngine is created, the issuer has indeed to keep in mind to limit the number of rules. - -Impact: Low -Confidence: Medium - - - [ ] ID-0 -[RuleEngine.detectTransferRestriction(address,address,uint256)](src/RuleEngine.sol#L127-L146) has external calls inside a loop: [restriction = _rules[i].detectTransferRestriction(_from,_to,_amount)](src/RuleEngine.sol#L133-L137) - -src/RuleEngine.sol#L127-L146 - - - - [ ] ID-1 -[RuleEngine.messageForTransferRestriction(uint8)](src/RuleEngine.sol#L156-L169) has external calls inside a loop: [_rules[i].messageForTransferRestriction(_restrictionCode)](src/RuleEngine.sol#L161-L162) - -src/RuleEngine.sol#L156-L169 - - - - [ ] ID-2 -[RuleEngine.messageForTransferRestriction(uint8)](src/RuleEngine.sol#L156-L169) has external calls inside a loop: [_rules[i].canReturnTransferRestrictionCode(_restrictionCode)](src/RuleEngine.sol#L160) - -src/RuleEngine.sol#L156-L169 - - -## dead-code -Impact: Informational -Confidence: Medium - -> msgData: -> -> - Implemented to be gasless compatible (see MetaTxModule) -> -> - If we remove this function, we will have the following error: -> -> "Derived contract must override function "_msgData". Two or more base classes define function with same name and parameter types." - - - [ ] ID-3 -[MetaTxModuleStandalone._msgData()](src/modules/MetaTxModuleStandalone.sol#L25-L33) is never used and should be removed - -src/modules/MetaTxModuleStandalone.sol#L25-L33 - - - - [ ] ID-4 -[RuleEngine._msgData()](src/RuleEngine.sol#L186-L193) is never used and should be removed - -src/RuleEngine.sol#L186-L193 - - - - [ ] ID-5 -[RuleWhitelist._msgData()](src/RuleWhiteList.sol#L191-L198) is never used and should be removed - -src/RuleWhiteList.sol#L191-L198 - - -## solc-version -Impact: Informational -Confidence: High - -> Remark: -> -> Not necessary, the latest solidity version at the time of this release is the version 0.8.20. -> The comment is good but we think that three versions backwards is enough. -> It is not the best practice to use an outdated version because each version -> fixes some bugs. - - - [ ] ID-6 -Pragma version[^0.8.17](script/RuleEngineScript.s.sol#L4) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6/0.8.16 - -script/RuleEngineScript.s.sol#L4 - - - - [ ] ID-7 -solc-0.8.17 is not recommended for deployment - - - [ ] ID-8 -Pragma version[^0.8.17](src/RuleWhiteList.sol#L3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6/0.8.16 - -src/RuleWhiteList.sol#L3 - - - - [ ] ID-9 -Pragma version[^0.8.17](src/RuleEngine.sol#L3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6/0.8.16 - -src/RuleEngine.sol#L3 - - - - [ ] ID-10 -Pragma version[^0.8.17](src/modules/MetaTxModuleStandalone.sol#L3) necessitates a version too recent to be trusted. Consider deploying with 0.6.12/0.7.6/0.8.16 - -src/modules/MetaTxModuleStandalone.sol#L3 - - -## low-level-calls -Impact: Informational -Confidence: High - -> The script is an example, it is not destined to be used for production - - - [ ] ID-11 - Low level call in [RuleEngineScript.run()](script/RuleEngineScript.s.sol#L15-L34): - - [(success) = address(CMTAT_Address).call(abi.encodeCall(ValidationModule.setRuleEngine,RULE_ENGINE))](script/RuleEngineScript.s.sol#L29-L31) - -script/RuleEngineScript.s.sol#L15-L34 - - -## naming-convention -Impact: Informational -Confidence: High - -> Remark: -> -> It is not really necessary to rename all the variables. It will generate a lot of work for a minor improvement. - - - [ ] ID-12 -Parameter [RuleWhitelist.addressIsWhitelisted(address)._targetAddress](src/RuleWhiteList.sol#L127) is not in mixedCase - -src/RuleWhiteList.sol#L127 - - - - [ ] ID-13 -Parameter [RuleEngine.detectTransferRestriction(address,address,uint256)._amount](src/RuleEngine.sol#L130) is not in mixedCase - -src/RuleEngine.sol#L130 - - - - [ ] ID-14 -Parameter [RuleWhitelist.removeAddressFromTheWhitelist(address)._removeWhitelistAddress](src/RuleWhiteList.sol#L101) is not in mixedCase - -src/RuleWhiteList.sol#L101 - - - - [ ] ID-15 -Parameter [RuleEngine.detectTransferRestriction(address,address,uint256)._to](src/RuleEngine.sol#L129) is not in mixedCase - -src/RuleEngine.sol#L129 - - - - [ ] ID-16 -Parameter [RuleEngine.detectTransferRestriction(address,address,uint256)._from](src/RuleEngine.sol#L128) is not in mixedCase - -src/RuleEngine.sol#L128 - - - - [ ] ID-17 -Variable [RuleEngine._rules](src/RuleEngine.sol#L17) is not in mixedCase - -src/RuleEngine.sol#L17 - - - - [ ] ID-18 -Parameter [RuleEngine.messageForTransferRestriction(uint8)._restrictionCode](src/RuleEngine.sol#L157) is not in mixedCase - -src/RuleEngine.sol#L157 - - - - [ ] ID-19 -Parameter [RuleWhitelist.validateTransfer(address,address,uint256)._to](src/RuleWhiteList.sol#L134) is not in mixedCase - -src/RuleWhiteList.sol#L134 - - - - [ ] ID-20 -Parameter [RuleWhitelist.canReturnTransferRestrictionCode(uint8)._restrictionCode](src/RuleWhiteList.sol#L157) is not in mixedCase - -src/RuleWhiteList.sol#L157 - - - - [ ] ID-21 -Parameter [RuleEngine.validateTransfer(address,address,uint256)._amount](src/RuleEngine.sol#L151) is not in mixedCase - -src/RuleEngine.sol#L151 - - - - [ ] ID-22 -Parameter [RuleWhitelist.detectTransferRestriction(address,address,uint256)._to](src/RuleWhiteList.sol#L144) is not in mixedCase - -src/RuleWhiteList.sol#L144 - - - - [ ] ID-23 -Parameter [RuleWhitelist.messageForTransferRestriction(uint8)._restrictionCode](src/RuleWhiteList.sol#L165) is not in mixedCase - -src/RuleWhiteList.sol#L165 - - - - [ ] ID-24 -Parameter [RuleWhitelist.detectTransferRestriction(address,address,uint256)._from](src/RuleWhiteList.sol#L143) is not in mixedCase - -src/RuleWhiteList.sol#L143 - - - - [ ] ID-25 -Parameter [RuleEngine.validateTransfer(address,address,uint256)._from](src/RuleEngine.sol#L149) is not in mixedCase - -src/RuleEngine.sol#L149 - - - - [ ] ID-26 -Parameter [RuleWhitelist.validateTransfer(address,address,uint256)._from](src/RuleWhiteList.sol#L133) is not in mixedCase - -src/RuleWhiteList.sol#L133 - - - - [ ] ID-27 -Parameter [RuleWhitelist.addAddressToTheWhitelist(address)._newWhitelistAddress](src/RuleWhiteList.sol#L85) is not in mixedCase - -src/RuleWhiteList.sol#L85 - - - - [ ] ID-28 -Parameter [RuleEngine.validateTransfer(address,address,uint256)._to](src/RuleEngine.sol#L150) is not in mixedCase - -src/RuleEngine.sol#L150 - - - - [ ] ID-29 -Parameter [RuleWhitelist.validateTransfer(address,address,uint256)._amount](src/RuleWhiteList.sol#L135) is not in mixedCase - -src/RuleWhiteList.sol#L135 - - -## similar-names -Impact: Informational -Confidence: Medium - -> True, but it is the goal to use similar name -> -> The two variables define two similar things, but one for the text and the other for the code. - - - [ ] ID-30 -Variable [RuleWhitelist.CODE_ADDRESS_TO_NOT_WHITELISTED](src/RuleWhiteList.sol#L27) is too similar to [RuleWhitelist.TEXT_ADDRESS_TO_NOT_WHITELISTED](src/RuleWhiteList.sol#L21-L22) - -src/RuleWhiteList.sol#L27 - - - - [ ] ID-31 -Variable [RuleWhitelist.CODE_ADDRESS_FROM_NOT_WHITELISTED](src/RuleWhiteList.sol#L26) is too similar to [RuleWhitelist.TEXT_ADDRESS_FROM_NOT_WHITELISTED](src/RuleWhiteList.sol#L19-L20) - -src/RuleWhiteList.sol#L26 - diff --git a/doc/audits/tools/v1.0.3-slither-report.md b/doc/audits/tools/v1.0.3-slither-report.md deleted file mode 100644 index dc5009e..0000000 --- a/doc/audits/tools/v1.0.3-slither-report.md +++ /dev/null @@ -1,18 +0,0 @@ -**THIS CHECKLIST IS NOT COMPLETE**. Use `--show-ignored-findings` to show all the results. -Summary - - [solc-version](#solc-version) (1 results) (Informational) -## solc-version - -> Remark: -> -> Not necessary, the latest solidity version at the time of this release is the version 0.8.23. -> The comment is good but we think that three versions backwards is enough. -> It is not the best practice to use an outdated version because each version -> fixes some bugs. - -Impact: Informational -Confidence: High - - - [ ] ID-0 -solc-0.8.20 is not recommended for deployment - diff --git a/doc/general.md b/doc/general.md new file mode 100644 index 0000000..d7666bc --- /dev/null +++ b/doc/general.md @@ -0,0 +1,46 @@ +# Technical choice + +[TOC] + +## Functionality + +### Upgradeable + +The `IncomeVault` is upgradeable and can be deployed with a Transparent Proxy. + +### Urgency mechanism + +Through the ValidationModule, the contract can be put in paused, forbidding all claims. + + +### Gasless support + +> The gasless integration was not part of the audit performed by ABDK on the version [1.0.1](https://github.com/CMTA/RuleEngine/releases/tag/1.0.1) + +The IncomeVault contract supports client-side gasless transactions using the [Gas Station Network](https://docs.opengsn.org/#the-problem) (GSN) pattern, the main open standard for transfering fee payment to another account than that of the transaction issuer. The contract uses the OpenZeppelin contract `ERC2771Context`, which allows a contract to get the original client with `_msgSender()` instead of the fee payer given by `msg.sender` . + +At deployment, the parameter `forwarder` inside the contract constructor has to be set with the defined address of the forwarder. Please note that the forwarder can not be changed after deployment. + +Please see the OpenGSN [documentation](https://docs.opengsn.org/contracts/#receiving-a-relayed-call) for more details on what is done to support GSN in the contract. + +## Schema + +### UML + +![uml](./schema/classDiagram.svg) + + + +## Graph + +### IncomeVault + +![surya_graph_IncomeVault](../doc/surya/graph/surya_graph_IncomeVault.png) + +### IncomeVaultOpen + +![surya_graph_IncomeVaultOpen](../doc/surya/graph/surya_graph_IncomeVaultOpen.png) + +### IncomeVaultRestricted + +![surya_graph_IncomeVaultRestricted](../doc/surya/graph/surya_graph_IncomeVaultRestricted.png) diff --git a/doc/schema/classDiagram.png b/doc/schema/classDiagram.png index 248fe06..5f3586a 100644 Binary files a/doc/schema/classDiagram.png and b/doc/schema/classDiagram.png differ diff --git a/doc/schema/classDiagram.svg b/doc/schema/classDiagram.svg index b0db9bf..f8c1804 100644 --- a/doc/schema/classDiagram.svg +++ b/doc/schema/classDiagram.svg @@ -4,68 +4,130 @@ - - + + UmlClassDiagram - + 0 - -DebtVault -src/DebtVault.sol - -Internal: -   POINTS_MULTIPLIER: uint128 -Public: -   CMTAT_TOKEN: ICMTATSnapshot -   ERC20TokenPayment: IERC20 -   claimedDividend: mapping(address=>mapping(uint256=>bool)) -   segragatedDividend: mapping(uint256=>uint256) -   segragatedClaim: mapping(uint256=>bool) - -Internal: -    __DebtVault_init(admin: address, ERC20TokenPayment_: IERC20, cmtat_token: ICMTATSnapshot, ruleEngine_: IRuleEngine, authorizationEngineIrrevocable: IAuthorizationEngine) <<onlyInitializing>> -    _computeDividendBatch(time: uint256, tokenHolders: address[], tokenHoldersBalance: uint256[], tokenTotalSupply: uint256): (tokenHolderDividend: uint256[]) -    _computeDividend(time: uint256, senderBalance: uint256, tokenTotalSupply: uint256): (tokenHolderDividend: uint256) -    _transferDividend(time: uint256, tokenHolder: address, tokenHolderDividend: uint256) -    _msgSender(): (sender: address) -    _msgData(): bytes -    _contextSuffixLength(): uint256 -Public: -    constructor(forwarderIrrevocable: address) -    initialize(admin: address, ERC20TokenPayment_: IERC20, cmtat_token: ICMTATSnapshot, ruleEngine_: IRuleEngine, authorizationEngineIrrevocable: IAuthorizationEngine) <<initializer>> -    claimDividend(time: uint256) <<nonReentrant>> -    deposit(time: uint256, amount: uint256) <<onlyRole>> -    withdraw(time: uint256, amount: uint256, withdrawAddress: address) <<onlyRole>> -    withdrawAll(amount: uint256, withdrawAddress: address) <<onlyRole>> -    distributeDividend(addresses: address[], time: uint256) <<onlyRole>> -    setStatusClaim(time: uint256, status: bool) <<onlyRole>> + +IncomeVault +src/IncomeVault.sol + +Private: +   __gap: uint256[50] + +Internal: +    __IncomeVault_init(admin: address, ERC20TokenPayment_: IERC20, cmtat_token: ICMTATSnapshot, ruleEngine_: IRuleEngine, authorizationEngineIrrevocable: IAuthorizationEngine) <<onlyInitializing>> +    _msgSender(): (sender: address) +    _msgData(): bytes +    _contextSuffixLength(): uint256 +Public: +    constructor(forwarderIrrevocable: address) +    initialize(admin: address, ERC20TokenPayment_: IERC20, cmtat_token: ICMTATSnapshot, ruleEngine_: IRuleEngine, authorizationEngineIrrevocable: IAuthorizationEngine) <<initializer>> + + + +3 + +<<Abstract>> +IncomeVaultOpen +src/public/IncomeVaultOpen.sol + +Private: +   __gap: uint256[50] + +Public: +    claimDividend(time: uint256) <<nonReentrant>> +    claimDividendBatch(time: uint256) <<nonReentrant>> + + + +0->3 + + + + + +4 + +<<Abstract>> +IncomeVaultRestricted +src/public/IncomeVaultRestricted.sol + +Private: +   __gap: uint256[50] + +Public: +    deposit(time: uint256, amount: uint256) <<onlyRole>> +    withdraw(time: uint256, amount: uint256, withdrawAddress: address) <<onlyRole>> +    withdrawAll(amount: uint256, withdrawAddress: address) <<onlyRole>> +    distributeDividend(addresses: address[], time: uint256) <<onlyRole>> +    setStatusClaim(time: uint256, status: bool) <<onlyRole>> + + + +0->4 + + 1 - -<<Abstract>> -DebtVaultInvariantStorage -src/invariantStorage/DebtVaultInvariantStorage.sol - -Public: -   DEBT_VAULT_OPERATOR_ROLE: bytes32 -   DEBT_VAULT_DEPOSIT_ROLE: bytes32 -   DEBT_VAULT_DISTRIBUTE_ROLE: bytes32 -   DEBT_VAULT_WITHDRAW_ROLE: bytes32 - -Public: -    <<event>> newDeposit(time: uint256, sender: address, dividend: uint256) -    <<event>> DividendClaimed(time: uint256, sender: address, dividend: uint256) + +<<Abstract>> +IncomeVaultInternal +src/lib/IncomeVaultInternal.sol + +Public: +   CMTAT_TOKEN: ICMTATSnapshot +   ERC20TokenPayment: IERC20 +   claimedDividend: mapping(address=>mapping(uint256=>bool)) +   segragatedDividend: mapping(uint256=>uint256) +   segragatedClaim: mapping(uint256=>bool) + +Internal: +    _computeDividendBatch(time: uint256, tokenHolders: address[], tokenHoldersBalance: uint256[], tokenTotalSupply: uint256): (tokenHolderDividend: uint256[]) +    _computeDividend(time: uint256, senderBalance: uint256, tokenTotalSupply: uint256): (tokenHolderDividend: uint256) +    _transferDividend(time: uint256, tokenHolder: address, tokenHolderDividend: uint256) - - -0->1 - - + + +2 + +<<Abstract>> +IncomeVaultInvariantStorage +src/lib/IncomeVaultInvariantStorage.sol + +Public: +   INCOME_VAULT_OPERATOR_ROLE: bytes32 +   INCOME_VAULT_DEPOSIT_ROLE: bytes32 +   INCOME_VAULT_DISTRIBUTE_ROLE: bytes32 +   INCOME_VAULT_WITHDRAW_ROLE: bytes32 + +Public: +    <<event>> newDeposit(time: uint256, sender: address, dividend: uint256) +    <<event>> DividendClaimed(time: uint256, sender: address, dividend: uint256) + + + +1->2 + + + + + +3->1 + + + + + +4->1 + + diff --git a/surya_graph_IncomeVault.png b/doc/surya/graph/surya_graph_IncomeVault.png similarity index 100% rename from surya_graph_IncomeVault.png rename to doc/surya/graph/surya_graph_IncomeVault.png diff --git a/surya_graph_IncomeVaultOpen.png b/doc/surya/graph/surya_graph_IncomeVaultOpen.png similarity index 100% rename from surya_graph_IncomeVaultOpen.png rename to doc/surya/graph/surya_graph_IncomeVaultOpen.png diff --git a/surya_graph_IncomeVaultRestricted.png b/doc/surya/graph/surya_graph_IncomeVaultRestricted.png similarity index 100% rename from surya_graph_IncomeVaultRestricted.png rename to doc/surya/graph/surya_graph_IncomeVaultRestricted.png diff --git a/surya_report_debtVault.md b/doc/surya/report/surya_report_IncomeVault.md similarity index 56% rename from surya_report_debtVault.md rename to doc/surya/report/surya_report_IncomeVault.md index 4bd8c8e..ae004fd 100644 --- a/surya_report_debtVault.md +++ b/doc/surya/report/surya_report_IncomeVault.md @@ -5,7 +5,7 @@ | File Name | SHA-1 Hash | |-------------|--------------| -| src/DebtVault.sol | 929b5bd142558e73e27170b837e822bafe85a125 | +| src/IncomeVault.sol | 3a400ede203c2bc4ce3dc8aa0436867f6e445b6a | ### Contracts Description Table @@ -15,13 +15,10 @@ |:----------:|:-------------------:|:----------------:|:----------------:|:---------------:| | └ | **Function Name** | **Visibility** | **Mutability** | **Modifiers** | |||||| -| **DebtVault** | Implementation | MetaTxModuleStandalone, ReentrancyGuard, DebtVaultInvariantStorage, AuthorizationModuleStandalone ||| -| └ | | Public ❗️ | 🛑 | MetaTxModuleStandalone | -| └ | claimDividend | Public ❗️ | 🛑 | nonReentrant | -| └ | deposit | Public ❗️ | 🛑 | onlyRole | -| └ | withdraw | Public ❗️ | 🛑 | onlyRole | -| └ | withdrawAll | Public ❗️ | 🛑 | onlyRole | -| └ | setStatusClaim | Public ❗️ | 🛑 | onlyRole | +| **IncomeVault** | Implementation | Initializable, ContextUpgradeable, IncomeVaultRestricted, IncomeVaultOpen, MetaTxModule ||| +| └ | | Public ❗️ | 🛑 | MetaTxModule | +| └ | initialize | Public ❗️ | 🛑 | initializer | +| └ | __IncomeVault_init | Internal 🔒 | 🛑 | onlyInitializing | | └ | _msgSender | Internal 🔒 | | | | └ | _msgData | Internal 🔒 | | | | └ | _contextSuffixLength | Internal 🔒 | | | diff --git a/doc/surya/surya_graph_DebtVault.png b/doc/surya/surya_graph_DebtVault.png deleted file mode 100644 index 760737e..0000000 Binary files a/doc/surya/surya_graph_DebtVault.png and /dev/null differ diff --git a/doc/technical/general.md b/doc/technical/general.md deleted file mode 100644 index 09dd066..0000000 --- a/doc/technical/general.md +++ /dev/null @@ -1,43 +0,0 @@ -# Technical choice - -[TOC] - -## Schema - -### UML - -![uml](../schema/classDiagram.svg) - - - -## Functionality - -### Upgradeable - -The DebtVault is currently not upgradeable. - -### Urgency mechanism -* Pause - There are no functionalities to put in pause the contracts. - -* We have removed the possibility to Kill the contracts, to destroy the bytecode, from - the different contracts (RuleEngine and Rule) for the following reasons: - - * The opcode SELFDESTRUCT which the property of destroying the contract (= deletion of any storage keys or code) will be remove with the Cancun Upgrade, an upgrade of the Ethereum network. - - Therefore, when the Ethereum Network will integrate this upgrade, this functionality will no longer be available. - - See [https://eips.ethereum.org/EIPS/eip-6780](https://eips.ethereum.org/EIPS/eip-6780) & [https://github.com/ethereum/execution-specs/blob/master/network-upgrades/mainnet-upgrades/cancun.md](https://github.com/ethereum/execution-specs/blob/master/network-upgrades/mainnet-upgrades/cancun.md) - - -### Gasless support - -> The gasless integration was not part of the audit performed by ABDK on the version [1.0.1](https://github.com/CMTA/RuleEngine/releases/tag/1.0.1) - -The DebtVault contract supports client-side gasless transactions using the [Gas Station Network](https://docs.opengsn.org/#the-problem) (GSN) pattern, the main open standard for transfering fee payment to another account than that of the transaction issuer. The contract uses the OpenZeppelin contract `ERC2771Context`, which allows a contract to get the original client with `_msgSender()` instead of the fee payer given by `msg.sender` . - -At deployment, the parameter `forwarder` inside the contract constructor has to be set with the defined address of the forwarder. Please note that the forwarder can not be changed after deployment. - -Please see the OpenGSN [documentation](https://docs.opengsn.org/contracts/#receiving-a-relayed-call) for more details on what is done to support GSN in the contract. - -https://github.com/ethereum/solidity/issues/10698) diff --git a/lcov.info b/lcov.info new file mode 100644 index 0000000..625cc22 --- /dev/null +++ b/lcov.info @@ -0,0 +1,282 @@ +TN: +SF:src/IncomeVault.sol +FN:33,IncomeVault.initialize +FNDA:0,IncomeVault.initialize +DA:40,0 +DA:40,0 +FN:52,IncomeVault.__IncomeVault_init +FNDA:0,IncomeVault.__IncomeVault_init +DA:59,0 +DA:59,0 +DA:59,0 +BRDA:59,0,0,- +BRDA:59,0,1,- +DA:60,0 +DA:60,0 +DA:62,0 +DA:62,0 +DA:62,0 +DA:62,0 +BRDA:62,1,0,- +BRDA:62,1,1,- +DA:63,0 +DA:63,0 +DA:65,0 +DA:65,0 +DA:66,0 +DA:66,0 +DA:67,0 +DA:67,0 +DA:68,0 +DA:68,0 +DA:69,0 +DA:69,0 +DA:72,0 +DA:72,0 +DA:73,0 +DA:73,0 +DA:74,0 +DA:74,0 +DA:76,0 +DA:76,0 +DA:78,0 +DA:78,0 +DA:79,0 +DA:79,0 +FN:85,IncomeVault._msgSender +FNDA:0,IncomeVault._msgSender +DA:91,0 +DA:91,0 +DA:91,0 +FN:97,IncomeVault._msgData +FNDA:0,IncomeVault._msgData +DA:103,0 +DA:103,0 +DA:103,0 +FN:106,IncomeVault._contextSuffixLength +FNDA:0,IncomeVault._contextSuffixLength +DA:109,0 +DA:109,0 +DA:109,0 +FNF:5 +FNH:0 +LF:19 +LH:0 +BRF:4 +BRH:0 +end_of_record +TN: +SF:src/lib/IncomeVaultInternal.sol +FN:28,IncomeVaultInternal._computeDividendBatch +FNDA:0,IncomeVaultInternal._computeDividendBatch +DA:29,0 +DA:29,0 +DA:30,0 +DA:30,0 +DA:31,0 +DA:31,0 +DA:31,0 +DA:31,0 +DA:32,0 +DA:32,0 +BRDA:32,0,0,- +BRDA:32,0,1,- +DA:33,0 +DA:33,0 +FN:43,IncomeVaultInternal._computeDividend +FNDA:0,IncomeVaultInternal._computeDividend +DA:44,0 +DA:44,0 +BRDA:44,1,0,- +BRDA:44,1,1,- +DA:45,0 +DA:45,0 +DA:53,0 +DA:53,0 +DA:55,0 +DA:55,0 +FN:63,IncomeVaultInternal._transferDividend +FNDA:0,IncomeVaultInternal._transferDividend +DA:65,0 +DA:65,0 +DA:66,0 +DA:66,0 +DA:69,0 +DA:69,0 +BRDA:69,2,0,- +BRDA:69,2,1,- +DA:72,0 +DA:72,0 +FNF:3 +FNH:0 +LF:13 +LH:0 +BRF:6 +BRH:0 +end_of_record +TN: +SF:src/public/IncomeVaultOpen.sol +FN:17,IncomeVaultOpen.claimDividend +FNDA:0,IncomeVaultOpen.claimDividend +DA:19,0 +DA:19,0 +BRDA:19,0,0,- +BRDA:19,0,1,- +DA:20,0 +DA:20,0 +DA:22,0 +DA:22,0 +DA:22,0 +DA:24,0 +BRDA:24,1,0,- +BRDA:24,1,1,- +DA:25,0 +DA:25,0 +DA:28,0 +DA:28,0 +DA:28,0 +DA:29,0 +DA:29,0 +BRDA:29,2,0,- +BRDA:29,2,1,- +DA:30,0 +DA:30,0 +DA:33,0 +DA:33,0 +DA:33,0 +DA:36,0 +DA:36,0 +BRDA:36,3,0,- +BRDA:36,3,1,- +DA:37,0 +DA:37,0 +DA:39,0 +DA:39,0 +FN:47,IncomeVaultOpen.claimDividendBatch +FNDA:0,IncomeVaultOpen.claimDividendBatch +DA:49,0 +DA:49,0 +DA:49,0 +DA:49,0 +DA:50,0 +DA:50,0 +BRDA:50,4,0,- +BRDA:50,4,1,- +DA:51,0 +DA:51,0 +DA:54,0 +DA:54,0 +DA:54,0 +DA:55,0 +DA:55,0 +DA:55,0 +DA:56,0 +DA:56,0 +DA:59,0 +DA:59,0 +DA:59,0 +DA:60,0 +DA:60,0 +DA:60,0 +DA:60,0 +DA:61,0 +DA:61,0 +DA:61,0 +BRDA:61,5,0,- +BRDA:61,5,1,- +DA:62,0 +DA:62,0 +DA:62,0 +DA:65,0 +DA:65,0 +BRDA:65,6,0,- +BRDA:65,6,1,- +DA:66,0 +DA:66,0 +DA:69,0 +DA:69,0 +FNF:2 +FNH:0 +LF:25 +LH:0 +BRF:14 +BRH:0 +end_of_record +TN: +SF:src/public/IncomeVaultRestricted.sol +FN:23,IncomeVaultRestricted.deposit +FNDA:0,IncomeVaultRestricted.deposit +DA:24,0 +DA:24,0 +DA:24,0 +DA:25,0 +DA:25,0 +BRDA:25,0,0,- +BRDA:25,0,1,- +DA:26,0 +DA:26,0 +DA:28,0 +DA:28,0 +DA:29,0 +DA:29,0 +DA:31,0 +DA:31,0 +FN:40,IncomeVaultRestricted.withdraw +FNDA:0,IncomeVaultRestricted.withdraw +DA:42,0 +DA:42,0 +DA:43,0 +DA:43,0 +BRDA:43,1,0,- +BRDA:43,1,1,- +DA:44,0 +DA:44,0 +DA:46,0 +DA:46,0 +DA:48,0 +DA:48,0 +FN:56,IncomeVaultRestricted.withdrawAll +FNDA:0,IncomeVaultRestricted.withdrawAll +DA:58,0 +DA:58,0 +DA:60,0 +DA:60,0 +FN:68,IncomeVaultRestricted.distributeDividend +FNDA:0,IncomeVaultRestricted.distributeDividend +DA:70,0 +DA:70,0 +BRDA:70,2,0,- +BRDA:70,2,1,- +DA:71,0 +DA:71,0 +DA:74,0 +DA:74,0 +DA:74,0 +DA:76,0 +DA:76,0 +DA:76,0 +DA:78,0 +DA:78,0 +DA:78,0 +DA:78,0 +DA:80,0 +DA:80,0 +BRDA:80,3,0,- +BRDA:80,3,1,- +DA:82,0 +DA:82,0 +BRDA:82,4,0,- +BRDA:82,4,1,- +DA:83,0 +DA:83,0 +FN:95,IncomeVaultRestricted.setStatusClaim +FNDA:0,IncomeVaultRestricted.setStatusClaim +DA:96,0 +DA:96,0 +FNF:5 +FNH:0 +LF:22 +LH:0 +BRF:10 +BRH:0 +end_of_record diff --git a/package.json b/package.json index 819ced5..9fbb044 100644 --- a/package.json +++ b/package.json @@ -9,7 +9,7 @@ "lint:sol:prettier": "npx prettier --write 'src/**/*.sol' 'test/**/*.sol' 'script/**/*.sol'", "uml": "npx sol2uml class src", "uml:test": "npx sol2uml class test", - "surya:report": "npx surya mdreport surya_report_debtVault.md src/DebtVault.sol", + "surya:report": "npx surya mdreport surya_report_IncomeVault.md src/IncomeVault.sol", "surya:graph": "npx surya graph src/IncomeVault.sol | dot -Tpng > surya_graph_IncomeVault.png && npx surya graph src/public/IncomeVaultRestricted.sol | dot -Tpng > surya_graph_IncomeVaultRestricted.png && npx surya graph src/public/IncomeVaultOpen.sol | dot -Tpng > surya_graph_IncomeVaultOpen.png ", "docgen": "npx hardhat docgen" }, diff --git a/slither-report.md b/slither-report.md deleted file mode 100644 index 7b9a892..0000000 --- a/slither-report.md +++ /dev/null @@ -1,75 +0,0 @@ -**THIS CHECKLIST IS NOT COMPLETE**. Use `--show-ignored-findings` to show all the results. -Summary - - [dead-code](#dead-code) (1 results) (Informational) - - [solc-version](#solc-version) (3 results) (Informational) - - [naming-convention](#naming-convention) (5 results) (Informational) - - [unused-state](#unused-state) (1 results) (Informational) -## dead-code -Impact: Informational -Confidence: Medium - - [ ] ID-0 -[debtVault._msgData()](src/distributionModule.sol#L162-L169) is never used and should be removed - -src/distributionModule.sol#L162-L169 - - -## solc-version -Impact: Informational -Confidence: High - - [ ] ID-1 -solc-0.8.20 is not recommended for deployment - - - [ ] ID-2 -Pragma version[^0.8.20](src/modules/MetaTxModuleStandalone.sol#L3) necessitates a version too recent to be trusted. Consider deploying with 0.8.18. - -src/modules/MetaTxModuleStandalone.sol#L3 - - - - [ ] ID-3 -Pragma version[^0.8.20](src/distributionModule.sol#L3) necessitates a version too recent to be trusted. Consider deploying with 0.8.18. - -src/distributionModule.sol#L3 - - -## naming-convention -Impact: Informational -Confidence: High - - [ ] ID-4 -Parameter [debtVault.setTokenCMTAT(CMTAT_BASE).cmtat_token](src/distributionModule.sol#L141) is not in mixedCase - -src/distributionModule.sol#L141 - - - - [ ] ID-5 -Variable [debtVault.CMTAT_TOKEN](src/distributionModule.sol#L34) is not in mixedCase - -src/distributionModule.sol#L34 - - - - [ ] ID-6 -Variable [debtVault.ERC20TokenPayment](src/distributionModule.sol#L37) is not in mixedCase - -src/distributionModule.sol#L37 - - - - [ ] ID-7 -Contract [debtVault](src/distributionModule.sol#L17-L176) is not in CapWords - -src/distributionModule.sol#L17-L176 - - - - [ ] ID-8 -Parameter [debtVault.setTokenPayment(IERC20).ERC20TokenPayment_](src/distributionModule.sol#L135) is not in mixedCase - -src/distributionModule.sol#L135 - - -## unused-state -Impact: Informational -Confidence: High - - [ ] ID-9 -[debtVault.POINTS_MULTIPLIER](src/distributionModule.sol#L36) is never used in [debtVault](src/distributionModule.sol#L17-L176) - -src/distributionModule.sol#L36 - - diff --git a/surya_graph_DebtVault.png b/surya_graph_DebtVault.png deleted file mode 100644 index e69de29..0000000 diff --git a/test/IncomeVault.t.sol b/test/IncomeVault.t.sol index 5ce3afc..3af1145 100644 --- a/test/IncomeVault.t.sol +++ b/test/IncomeVault.t.sol @@ -160,9 +160,6 @@ contract IncomeVaultTest is Test, HelperContract { // First deposit _performDeposit(); - - - // Second deposit uint256 newTime = defaultSnapshotTime + 50; uint256[] memory times = new uint256[](2);