Giter Site home page Giter Site logo

auctioncontracts's Introduction

Build the project

Run:

$ yarn
$ cp .envrc.example .envrc
$ source .envrc
$ yarn compile

Run Tests

$ npx hardhat test

Deploy to Ganache

$ ./start_ganache.sh
$ yarn deploy ganache

Deploy to live networks

Edit .envrc.example then copy it to .envrc

$ cp .envrc.example .envrc
$ source .envrc

Make sure to update the enviroment variables with suitable values.

Now enable the env vars using direnv

$ eval "$(direnv hook bash)"
$ direnv allow

Deploy to a network:

$ yarn deploy rinkeby

Verify smart contract on etherscan

To verify the deployed contract run:

$ yarn etherscan-verify rinkeby --address

Gas cost estimation

To get a gas estimation for deployment of contracts and functions calls, the REPORT_GAS env variable must be set to true. To estimate with certaing gas price update the hardhat.config.js file. Gas estimation happens during test, only functions specified in tests will get an estimation. run with:

$ yarn test

Rinkeby deployments

UniverseAuctionHouse - https://rinkeby.etherscan.io/address/0x2345164eFfE24EA125ECD0ec9C7539D5422c367f

UniverseERC721Factory - https://rinkeby.etherscan.io/address/0x26E84797880B6435861E8730171B75e6257bCBa0

UniverseERC721 - https://rinkeby.etherscan.io/address/0xF7B12892699D6c94E83d864805A381548cfB2A29

UniverseERC721Core - https://rinkeby.etherscan.io/address/0xfD7D165344a04241AB3Cd07d021eEC17F03ADc51

auctioncontracts's People

Contributors

strenev avatar andonmitev avatar rshtirmer avatar speculor avatar taskudis avatar entrpyc avatar crisgarner avatar

Watchers

Troy Murray avatar Tim Kang avatar avatar avatar

Forkers

strenev

auctioncontracts's Issues

Specify Specific Version of Solidity

I suggest specifying a specific version of Solidity to use, particularly in the main contract that is deployed. In the future this will make it very clear what version of Solidity was used and can be handy for verifying source code.

I also suggest using the latest production version of Solidity because it is the most capable and has the most bugs fixed. It is also recommended by the main developer of the Solidity language: https://twitter.com/mudgen/status/1449754962318213125

However I think Solidity 0.7.x is fine too if that is preferred.

Fee sum can be overflowed

The sum variable in the _registerFees function can be overflowed by providing a very high fee.
This can be done to create a fee that is greater than 3000 and pass the require(sum <= 3000, "Fee should be less than 30%"); statement.

The batchMint function from UniverseERC721Core contract utilizes the _registerFees. Anybody can call the batchMint function to mint new NFTs with corrupted fees.

AuctionContracts/contracts/UniverseERC721.sol

Lines 99 to 116 in 8ce38cd

function _registerFees(uint256 _tokenId, Fee[] memory _fees) internal returns (bool) {
require(_fees.length <= 5, "No more than 5 recipients");
address[] memory recipients = new address[](_fees.length);
uint256[] memory bps = new uint256[](_fees.length);
uint256 sum = 0;
for (uint256 i = 0; i < _fees.length; i++) {
require(_fees[i].recipient != address(0x0), "Recipient should be present");
require(_fees[i].value != 0, "Fee value should be positive");
sum += _fees[i].value;
fees[_tokenId].push(_fees[i]);
recipients[i] = _fees[i].recipient;
bps[i] = _fees[i].value;
}
require(sum <= 3000, "Fee should be less than 30%");
if (_fees.length > 0) {
emit SecondarySaleFees(_tokenId, recipients, bps);
}
}

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.