Disallow Sending XTZ to Entrypoints #17

Open
wants to merge 1 commit into
base: keefertaylor/smartpy-upgrade
3 changes: 3 additions & 0 deletions smart_contracts/common/errors.py
Expand Up @@ -83,3 +83,6 @@

# A given parameter was an unacceptable value
ERROR_BAD_DAO_PARAM = "ERROR_BAD_DAO_PARAM"

# This endpoint does not accept XTZ sent to it, and XTZ was sent.
ERROR_BAD_AMOUNT = "BAD_AMOUNT"
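Review bot: The value of the new constant, `"BAD_AMOUNT"`, lacks the `ERROR_` prefix that the adjacent `ERROR_BAD_DAO_PARAM = "ERROR_BAD_DAO_PARAM"` carries, while the compiled contract in this same PR shows `ERROR_NOT_GOVERNOR` failing with the bare `"NOT_GOVERNOR"`, so both conventions already coexist in this file. The string is what reaches the on-chain FAILWITH and what tests and off-chain tooling match on, so it is worth settling on one form here; if the bare form is intended, a short note on the comment such as `# Fails with the bare string "BAD_AMOUNT" (no ERROR_ prefix), matching ERROR_NOT_GOVERNOR.` would stop the next constant from guessing.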
18 changes: 18 additions & 0 deletions smart_contracts/community-fund.py
Expand Up @@ -45,6 +45,9 @@ def default(self):
def setGovernorContract(self, newGovernorAddress):
sp.set_type(newGovernorAddress, sp.TAddress)

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify command came from governor.
sp.verify(sp.sender == self.data.governorAddress, Errors.ERROR_NOT_GOVERNOR)

Expand All @@ -56,6 +59,9 @@ def setGovernorContract(self, newGovernorAddress):
def send(self, params):
sp.set_type(params, sp.TRecord(numberOfTokens = sp.TNat, destination = sp.TAddress).layout(("numberOfTokens", "destination")))

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify command came from governor.
sp.verify(sp.sender == self.data.governorAddress, Errors.ERROR_NOT_GOVERNOR)

Expand All @@ -73,6 +79,9 @@ def send(self, params):
def rescueXTZ(self, params):
sp.set_type(params, sp.TRecord(destinationAddress = sp.TAddress).layout("destinationAddress"))

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify the requester is the governor.
sp.verify(sp.sender == self.data.governorAddress, Errors.ERROR_NOT_GOVERNOR)
sp.send(params.destinationAddress, sp.balance)
Expand All @@ -86,6 +95,9 @@ def rescueFA12(self, params):
destination = sp.TAddress,
).layout(("tokenContractAddress", ("amount", "destination"))))

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify the requester is the governor.
sp.verify(sp.sender == self.data.governorAddress, Errors.ERROR_NOT_GOVERNOR)

Expand All @@ -112,6 +124,9 @@ def rescueFA2(self, params):
destination = sp.TAddress,
).layout(("tokenContractAddress", ("tokenId", ("amount", "destination")))))

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify the requester is the governor.
sp.verify(sp.sender == self.data.governorAddress, Errors.ERROR_NOT_GOVERNOR)

Expand Down Expand Up @@ -151,6 +166,9 @@ def rescueFA2(self, params):
def setDelegate(self, newDelegate):
sp.set_type(newDelegate, sp.TOption(sp.TKeyHash))

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify the caller is the governor.
sp.verify(sp.sender == self.data.governorAddress, Errors.ERROR_NOT_GOVERNOR)

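Review bot: The two-line guard added at the top of setGovernorContract, send, rescueXTZ, rescueFA12, rescueFA2 and setDelegate is identical in all six places and in each the amount check precedes the governor check; a plain (non-entrypoint) helper on the contract, e.g. `def verifyGovernorCallWithoutXtz(self):` wrapping the two `sp.verify` calls, would keep the order and error codes consistent as entrypoints are added and make an omitted check visible in review. The `default` entrypoint named in the first hunk header is presumably left able to receive XTZ on purpose, since it is now the only funded path into the contract; a one-line comment there saying so would document the asymmetry. Every function in this section starts or ends outside its hunk.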
86 changes: 76 additions & 10 deletions smart_contracts/community-fund.tz
Expand Up @@ -14,8 +14,19 @@ code
{
IF_LEFT
{
SWAP; # @storage : @parameter%rescueFA12
# == rescueFA12 ==
# sp.verify(sp.amount == sp.tez(0), 'BAD_AMOUNT') # @parameter%rescueFA12 : @storage
PUSH mutez 0; # mutez : @parameter%rescueFA12 : @storage
AMOUNT; # @amount : mutez : @parameter%rescueFA12 : @storage
COMPARE; # int : @parameter%rescueFA12 : @storage
EQ; # bool : @parameter%rescueFA12 : @storage
IF
{}
{
PUSH string "BAD_AMOUNT"; # string : @parameter%rescueFA12 : @storage
FAILWITH; # FAILED
}; # @parameter%rescueFA12 : @storage
SWAP; # @storage : @parameter%rescueFA12
# sp.verify(sp.sender == self.data.governorAddress, 'NOT_GOVERNOR') # @storage : @parameter%rescueFA12
DUP; # @storage : @storage : @parameter%rescueFA12
DUG 2; # @storage : @parameter%rescueFA12 : @storage
Expand All @@ -35,7 +46,7 @@ code
CONTRACT %transfer (pair (address %from) (pair (address %to) (nat %value))); # option (contract (pair (address %from) (pair (address %to) (nat %value)))) : @parameter%rescueFA12 : @storage
IF_NONE
{
PUSH int 93; # int : @parameter%rescueFA12 : @storage
PUSH int 105; # int : @parameter%rescueFA12 : @storage
FAILWITH; # FAILED
}
{}; # @some : @parameter%rescueFA12 : @storage
Expand All @@ -53,8 +64,19 @@ code
CONS; # list operation : @storage
}
{
SWAP; # @storage : @parameter%rescueFA2
# == rescueFA2 ==
# sp.verify(sp.amount == sp.tez(0), 'BAD_AMOUNT') # @parameter%rescueFA2 : @storage
PUSH mutez 0; # mutez : @parameter%rescueFA2 : @storage
AMOUNT; # @amount : mutez : @parameter%rescueFA2 : @storage
COMPARE; # int : @parameter%rescueFA2 : @storage
EQ; # bool : @parameter%rescueFA2 : @storage
IF
{}
{
PUSH string "BAD_AMOUNT"; # string : @parameter%rescueFA2 : @storage
FAILWITH; # FAILED
}; # @parameter%rescueFA2 : @storage
SWAP; # @storage : @parameter%rescueFA2
# sp.verify(sp.sender == self.data.governorAddress, 'NOT_GOVERNOR') # @storage : @parameter%rescueFA2
DUP; # @storage : @storage : @parameter%rescueFA2
DUG 2; # @storage : @parameter%rescueFA2 : @storage
Expand All @@ -74,7 +96,7 @@ code
CONTRACT %transfer (list (pair (address %from_) (list %txs (pair (address %to_) (pair (nat %token_id) (nat %amount)))))); # option (contract (list (pair (address %from_) (list %txs (pair (address %to_) (pair (nat %token_id) (nat %amount))))))) : @parameter%rescueFA2 : @storage
IF_NONE
{
PUSH int 119; # int : @parameter%rescueFA2 : @storage
PUSH int 134; # int : @parameter%rescueFA2 : @storage
FAILWITH; # FAILED
}
{}; # @some : @parameter%rescueFA2 : @storage
Expand Down Expand Up @@ -106,8 +128,19 @@ code
{
IF_LEFT
{
SWAP; # @storage : @parameter%rescueXTZ
# == rescueXTZ ==
# sp.verify(sp.amount == sp.tez(0), 'BAD_AMOUNT') # @parameter%rescueXTZ : @storage
PUSH mutez 0; # mutez : @parameter%rescueXTZ : @storage
AMOUNT; # @amount : mutez : @parameter%rescueXTZ : @storage
COMPARE; # int : @parameter%rescueXTZ : @storage
EQ; # bool : @parameter%rescueXTZ : @storage
IF
{}
{
PUSH string "BAD_AMOUNT"; # string : @parameter%rescueXTZ : @storage
FAILWITH; # FAILED
}; # @parameter%rescueXTZ : @storage
SWAP; # @storage : @parameter%rescueXTZ
# sp.verify(sp.sender == self.data.governorAddress, 'NOT_GOVERNOR') # @storage : @parameter%rescueXTZ
DUP; # @storage : @storage : @parameter%rescueXTZ
DUG 2; # @storage : @parameter%rescueXTZ : @storage
Expand All @@ -125,7 +158,7 @@ code
CONTRACT unit; # option (contract unit) : @storage
IF_NONE
{
PUSH int 78; # int : @storage
PUSH int 87; # int : @storage
FAILWITH; # FAILED
}
{}; # @some : @storage
Expand All @@ -137,8 +170,19 @@ code
CONS; # list operation : @storage
}
{
SWAP; # @storage : @parameter%send
# == send ==
# sp.verify(sp.amount == sp.tez(0), 'BAD_AMOUNT') # @parameter%send : @storage
PUSH mutez 0; # mutez : @parameter%send : @storage
AMOUNT; # @amount : mutez : @parameter%send : @storage
COMPARE; # int : @parameter%send : @storage
EQ; # bool : @parameter%send : @storage
IF
{}
{
PUSH string "BAD_AMOUNT"; # string : @parameter%send : @storage
FAILWITH; # FAILED
}; # @parameter%send : @storage
SWAP; # @storage : @parameter%send
# sp.verify(sp.sender == self.data.governorAddress, 'NOT_GOVERNOR') # @storage : @parameter%send
DUP; # @storage : @storage : @parameter%send
DUG 2; # @storage : @parameter%send : @storage
Expand All @@ -159,7 +203,7 @@ code
CONTRACT %transfer (pair (address %from) (pair (address %to) (nat %value))); # option (contract (pair (address %from) (pair (address %to) (nat %value)))) : list operation : @parameter%send : @storage
IF_NONE
{
PUSH int 63; # int : list operation : @parameter%send : @storage
PUSH int 69; # int : list operation : @parameter%send : @storage
FAILWITH; # FAILED
}
{}; # @some : list operation : @parameter%send : @storage
Expand All @@ -176,8 +220,19 @@ code
{
IF_LEFT
{
SWAP; # @storage : @parameter%setDelegate
# == setDelegate ==
# sp.verify(sp.amount == sp.tez(0), 'BAD_AMOUNT') # @parameter%setDelegate : @storage
PUSH mutez 0; # mutez : @parameter%setDelegate : @storage
AMOUNT; # @amount : mutez : @parameter%setDelegate : @storage
COMPARE; # int : @parameter%setDelegate : @storage
EQ; # bool : @parameter%setDelegate : @storage
IF
{}
{
PUSH string "BAD_AMOUNT"; # string : @parameter%setDelegate : @storage
FAILWITH; # FAILED
}; # @parameter%setDelegate : @storage
SWAP; # @storage : @parameter%setDelegate
# sp.verify(sp.sender == self.data.governorAddress, 'NOT_GOVERNOR') # @storage : @parameter%setDelegate
DUP; # @storage : @storage : @parameter%setDelegate
DUG 2; # @storage : @parameter%setDelegate : @storage
Expand All @@ -198,8 +253,19 @@ code
CONS; # list operation : @storage
}
{
SWAP; # @storage : @parameter%setGovernorContract
# == setGovernorContract ==
# sp.verify(sp.amount == sp.tez(0), 'BAD_AMOUNT') # @parameter%setGovernorContract : @storage
PUSH mutez 0; # mutez : @parameter%setGovernorContract : @storage
AMOUNT; # @amount : mutez : @parameter%setGovernorContract : @storage
COMPARE; # int : @parameter%setGovernorContract : @storage
EQ; # bool : @parameter%setGovernorContract : @storage
IF
{}
{
PUSH string "BAD_AMOUNT"; # string : @parameter%setGovernorContract : @storage
FAILWITH; # FAILED
}; # @parameter%setGovernorContract : @storage
SWAP; # @storage : @parameter%setGovernorContract
# sp.verify(sp.sender == self.data.governorAddress, 'NOT_GOVERNOR') # @storage : @parameter%setGovernorContract
DUP; # @storage : @storage : @parameter%setGovernorContract
DUG 2; # @storage : @parameter%setGovernorContract : @storage
23 changes: 22 additions & 1 deletion smart_contracts/dao.py
Expand Up @@ -199,7 +199,10 @@ def __init__(
@sp.entry_point
def propose(self, proposal):
sp.set_type(proposal, Proposal.PROPOSAL_TYPE)


# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify a poll is not under vote.
sp.verify(~self.data.poll.is_some(), Errors.ERROR_POLL_UNDERWAY)

Expand Down Expand Up @@ -244,6 +247,9 @@ def propose(self, proposal):
def endVoting(self, unit):
sp.set_type(unit, sp.TUnit)

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify a poll is underway.
sp.verify(self.data.poll.is_some(), Errors.ERROR_NO_POLL)

Expand Down Expand Up @@ -326,6 +332,9 @@ def endVoting(self, unit):
def vote(self, voteValue):
sp.set_type(voteValue, sp.TNat)

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify contract is in the correct state.
sp.verify(self.data.state == STATE_MACHINE_IDLE, Errors.ERROR_BAD_STATE)

Expand Down Expand Up @@ -373,6 +382,9 @@ def vote(self, voteValue):
def voteCallback(self, returnedData):
sp.set_type(returnedData, sp.TRecord(result = sp.TNat, address = sp.TAddress, level = sp.TNat))

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify contract is in the correct state.
sp.verify(self.data.state == STATE_MACHINE_WAITING_FOR_BALANCE, Errors.ERROR_BAD_STATE)

Expand Down Expand Up @@ -430,6 +442,9 @@ def voteCallback(self, returnedData):
def executeTimelock(self, unit):
sp.set_type(unit, sp.TUnit)

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify an item is in the timelock
sp.verify(self.data.timelockItem.is_some(), Errors.ERROR_NO_ITEM_IN_TIMELOCK)

Expand Down Expand Up @@ -460,6 +475,9 @@ def executeTimelock(self, unit):
def cancelTimelock(self, unit):
sp.set_type(unit, sp.TUnit)

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Verify an item is in the timelock
sp.verify(self.data.timelockItem.is_some(), Errors.ERROR_NO_ITEM_IN_TIMELOCK)

Expand All @@ -486,6 +504,9 @@ def cancelTimelock(self, unit):
def setParameters(self, newGovernanceParameters):
sp.set_type(newGovernanceParameters, GOVERNANCE_PARAMETERS_TYPE)

# Verify that the call did not include XTZ.
sp.verify(sp.amount == sp.mutez(0), Errors.ERROR_BAD_AMOUNT)

# Only the DAO can change its own parameters.
sp.verify(sp.sender == sp.self_address, Errors.ERROR_NOT_DAO)

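Review bot: The guard added to setParameters is evaluated on the DAO's call to itself (the following line requires `sp.sender == sp.self_address`), so a timelocked proposal whose self-call attaches a non-zero amount would now fail with ERROR_BAD_AMOUNT; executeTimelock's body runs past its hunk, so I cannot see whether it ever forwards XTZ on that path, and a test that executes a parameter-change proposal end to end would pin the intended behaviour. In propose, the hunk leaves two consecutive blank lines after `sp.set_type(proposal, Proposal.PROPOSAL_TYPE)`; one should go. The same two lines are repeated verbatim in seven entrypoints here (propose, endVoting, vote, voteCallback, executeTimelock, cancelTimelock, setParameters), and a helper method called from each would reduce the chance of a future entrypoint being missed. Every function in this section starts or ends outside its hunk.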