Merge branch 'main' into feat/88/compile

NeokingdomDAO · Nov 10, 2023 · ce80a89 · ce80a89
2 parents 65fbc53 + 4d78acf
commit ce80a89
Show file tree

Hide file tree

Showing 49 changed files with 1,034 additions and 128 deletions.
diff --git a/.openzeppelin/unknown-9001.json b/.openzeppelin/unknown-9001.json
diff --git a/README.md b/README.md
@@ -54,3 +54,12 @@ npx hardhat test
 # Deploy to production
 npx hardhat deploy --network evmos
 ```
+
+# Audits
+
+- [SolidProof](https://solidproof.io/)
+  - Tag: https://github.com/NeokingdomDAO/contracts/releases/tag/audit1
+  - Report: https://github.com/solidproof/projects/blob/main/2023/NeokingdomDAO/SmartContract_Audit_Solidproof_NeoKingdomDAO.pdf
+- [LeastAuthority](https://leastauthority.com)
+  - Tag: https://github.com/NeokingdomDAO/contracts/releases/tag/audit2
+  - Report: https://leastauthority.com/blog/audits/neokingdom-dao-smart-contracts/
diff --git a/contracts/GovernanceToken/GovernanceToken.sol b/contracts/GovernanceToken/GovernanceToken.sol
@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-pragma solidity ^0.8.16;
+pragma solidity 0.8.16;
 
 import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
 import "@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol";
@@ -46,6 +46,10 @@ contract GovernanceToken is Initializable, HasRole, GovernanceTokenSnapshot {
         string memory name,
         string memory symbol
     ) public initializer {
+        require(
+            address(roles) != address(0),
+            "GovernanceToken: 0x0 not allowed"
+        );
         _initialize(name, symbol);
         _setRoles(roles);
     }
@@ -154,6 +158,15 @@ contract GovernanceToken is Initializable, HasRole, GovernanceTokenSnapshot {
         uint256 amount
     ) public virtual onlyRole(Roles.RESOLUTION_ROLE) {
         _mint(to, amount);
+
+        if (
+            _shareholderRegistry.isAtLeast(
+                _shareholderRegistry.CONTRIBUTOR_STATUS(),
+                to
+            )
+        ) {
+            _redemptionController.afterMint(to, amount);
+        }
     }
 
     /**
@@ -292,16 +305,6 @@ contract GovernanceToken is Initializable, HasRole, GovernanceTokenSnapshot {
         super._afterTokenTransfer(from, to, amount);
         _voting.afterTokenTransfer(from, to, amount);
 
-        if (
-            from == address(0) &&
-            _shareholderRegistry.isAtLeast(
-                _shareholderRegistry.CONTRIBUTOR_STATUS(),
-                to
-            )
-        ) {
-            _redemptionController.afterMint(to, amount);
-        }
-
         // Invariants
         require(
             balanceOf(from) >= _vestingBalance[from],
@@ -342,7 +345,12 @@ contract GovernanceToken is Initializable, HasRole, GovernanceTokenSnapshot {
      * @param amount Amount of external tokens to wrap.
      */
     function _wrap(address from, uint amount) internal virtual {
-        tokenExternal.transferFrom(from, address(this), amount);
+        require(
+            tokenExternal.transferFrom(from, address(this), amount),
+            "GovernanceToken: transfer failed"
+        );
+        require(amount > 0, "GovernanceToken: attempt to wrap 0 tokens");
+
         uint256 settlementTimestamp = block.timestamp + settlementPeriod;
         depositedTokens[from].push(
             DepositedTokens(amount, settlementTimestamp)
@@ -360,7 +368,7 @@ contract GovernanceToken is Initializable, HasRole, GovernanceTokenSnapshot {
             DepositedTokens storage tokens = depositedTokens[from][i - 1];
             if (block.timestamp >= tokens.settlementTimestamp) {
                 if (tokens.amount > 0) {
-                    super._mint(from, tokens.amount);
+                    ERC20Upgradeable._mint(from, tokens.amount);
                     tokens.amount = 0;
                 } else {
                     break;

diff --git a/contracts/GovernanceToken/GovernanceTokenBase.sol b/contracts/GovernanceToken/GovernanceTokenBase.sol
@@ -1,6 +1,5 @@
 // SPDX-License-Identifier: MIT
-
-pragma solidity ^0.8.16;
+pragma solidity 0.8.16;
 
 import "@openzeppelin/contracts-upgradeable/token/ERC20/ERC20Upgradeable.sol";
 import "../RedemptionController/IRedemptionController.sol";
@@ -69,7 +68,10 @@ abstract contract GovernanceTokenBase is ERC20Upgradeable, IGovernanceToken {
     //}
 
     function _unwrap(address from, address to, uint amount) internal virtual {
-        tokenExternal.transfer(to, amount);
+        require(
+            tokenExternal.transfer(to, amount),
+            "GovernanceToken: transfer failed"
+        );
         super._burn(from, amount);
     }
 

diff --git a/contracts/GovernanceToken/GovernanceTokenSnapshot.sol b/contracts/GovernanceToken/GovernanceTokenSnapshot.sol
@@ -1,6 +1,5 @@
 // SPDX-License-Identifier: MIT
-
-pragma solidity ^0.8.16;
+pragma solidity 0.8.16;
 
 import "@openzeppelin/contracts/utils/Arrays.sol";
 import "./IGovernanceToken.sol";

diff --git a/contracts/GovernanceToken/IGovernanceToken.sol b/contracts/GovernanceToken/IGovernanceToken.sol
@@ -1,6 +1,5 @@
 // SPDX-License-Identifier: MIT
-
-pragma solidity ^0.8.16;
+pragma solidity 0.8.16;
 
 import "@openzeppelin/contracts-upgradeable/token/ERC20/IERC20Upgradeable.sol";
 import "../extensions/ISnapshot.sol";

diff --git a/contracts/InternalMarket/InternalMarket.sol b/contracts/InternalMarket/InternalMarket.sol
@@ -1,6 +1,5 @@
 // SPDX-License-Identifier: MIT
-
-pragma solidity ^0.8.16;
+pragma solidity 0.8.16;
 
 import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
 import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
@@ -23,13 +22,18 @@ contract InternalMarket is Initializable, HasRole, InternalMarketBase {
     /**
      * @dev Initializes the contract with the given roles and internal token.
      * @param roles DAORoles instance containing custom access control roles.
-     * @param tokenInternal_ Reference to governance token.
+     * @param governanceToken Reference to governance token.
      */
     function initialize(
         DAORoles roles,
-        IGovernanceToken tokenInternal_
+        IGovernanceToken governanceToken
     ) public initializer {
-        _initialize(tokenInternal_, 7 days);
+        require(
+            address(roles) != address(0) &&
+                address(governanceToken) != address(0),
+            "InternalMarket: 0x0 not allowed"
+        );
+        _initialize(governanceToken, 7 days);
         _setRoles(roles);
     }
 

diff --git a/contracts/InternalMarket/InternalMarketBase.sol b/contracts/InternalMarket/InternalMarketBase.sol
@@ -1,6 +1,5 @@
 // SPDX-License-Identifier: MIT
-
-pragma solidity ^0.8.16;
+pragma solidity 0.8.16;
 
 import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
 import "../ShareholderRegistry/IShareholderRegistry.sol";
@@ -18,6 +17,7 @@ contract InternalMarketBase {
     );
 
     event OfferMatched(uint128 id, address from, address to, uint256 amount);
+    event Withdrawn(address from, address to, uint256 amount);
 
     struct Offer {
         uint256 expiredAt;
@@ -204,6 +204,8 @@ contract InternalMarketBase {
         } else {
             tokenInternal.unwrap(from, to, amount);
         }
+
+        emit Withdrawn(from, to, amount);
     }
 
     function _burn(address from, uint256 amount) internal virtual {

diff --git a/contracts/NeokingdomToken/INeokingdomToken.sol b/contracts/NeokingdomToken/INeokingdomToken.sol
@@ -1,6 +1,5 @@
 // SPDX-License-Identifier: MIT
-
-pragma solidity ^0.8.16;
+pragma solidity 0.8.16;
 
 import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
 

diff --git a/contracts/NeokingdomToken/NeokingdomToken.sol b/contracts/NeokingdomToken/NeokingdomToken.sol
@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-pragma solidity ^0.8.9;
+pragma solidity 0.8.16;
 
 import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
 import "@openzeppelin/contracts/token/ERC20/extensions/ERC20Burnable.sol";

diff --git a/contracts/RedemptionController/IRedemptionController.sol b/contracts/RedemptionController/IRedemptionController.sol
@@ -1,6 +1,5 @@
 // SPDX-License-Identifier: MIT
-
-pragma solidity ^0.8.16;
+pragma solidity 0.8.16;
 
 import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
 import "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";

diff --git a/contracts/RedemptionController/RedemptionController.sol b/contracts/RedemptionController/RedemptionController.sol
@@ -1,6 +1,5 @@
 // SPDX-License-Identifier: MIT
-
-pragma solidity ^0.8.16;
+pragma solidity 0.8.16;
 
 import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
 import "./RedemptionControllerBase.sol";
@@ -36,6 +35,10 @@ contract RedemptionController is
      * @param roles The addresses of DAORoles for this contract.
      */
     function initialize(DAORoles roles) public initializer {
+        require(
+            address(roles) != address(0),
+            "RedemptionController: 0x0 not allowed"
+        );
         _setRoles(roles);
         _initialize();
     }

diff --git a/contracts/RedemptionController/RedemptionControllerBase.sol b/contracts/RedemptionController/RedemptionControllerBase.sol
@@ -1,7 +1,8 @@
 // SPDX-License-Identifier: MIT
-pragma solidity ^0.8.16;
+pragma solidity 0.8.16;
 
 import "./IRedemptionController.sol";
+import "hardhat/console.sol";
 
 // The contract tells how many tokens are redeemable by Contributors
 abstract contract RedemptionControllerBase is IRedemptionController {
@@ -29,6 +30,21 @@ abstract contract RedemptionControllerBase is IRedemptionController {
     mapping(address => MintBudget[]) internal _mintBudgets;
     mapping(address => uint256) internal _mintBudgetsStartIndex;
 
+    event RedemptionCreated(
+        address account,
+        uint256 index,
+        uint256 amount,
+        uint256 starts,
+        uint256 ends
+    );
+
+    event RedemptionUpdated(
+        address from,
+        uint256 index,
+        uint256 amountRequested,
+        uint256 amountRedeemed
+    );
+
     function _initialize() internal {
         redemptionStart = 60 days;
         redemptionWindow = 10 days;
@@ -69,7 +85,7 @@ abstract contract RedemptionControllerBase is IRedemptionController {
     }
 
     function _afterOffer(address account, uint256 amount) internal virtual {
-        // Find tokens minted ofer the last 3 months of activity, no earlier than 15 months
+        // Find tokens minted over the last 3 months of activity, no earlier than 15 months
         if (_mintBudgets[account].length == 0) {
             return;
         }
@@ -192,28 +208,44 @@ abstract contract RedemptionControllerBase is IRedemptionController {
         }
     }
 
-    function _afterRedeem(address account, uint256 amount) internal virtual {
+    function _afterRedeem(
+        address account,
+        uint256 amountRequested
+    ) internal virtual {
         Redeemable[] storage redeemables = _redeemables[account];
+        uint256 amountLeft = amountRequested;
 
-        for (uint256 i = 0; i < redeemables.length && amount > 0; i++) {
+        for (uint256 i = 0; i < redeemables.length && amountLeft > 0; i++) {
             Redeemable storage redeemable = redeemables[i];
             if (
                 block.timestamp >= redeemable.start &&
                 block.timestamp < redeemable.end
             ) {
-                if (amount < redeemable.amount) {
-                    redeemable.amount -= amount;
-                    amount = 0;
+                if (amountLeft < redeemable.amount) {
+                    redeemable.amount -= amountLeft;
+                    emit RedemptionUpdated(
+                        account,
+                        i,
+                        amountRequested,
+                        amountLeft
+                    );
+                    amountLeft = 0;
                 } else {
-                    amount -= redeemable.amount;
+                    amountLeft -= redeemable.amount;
+                    emit RedemptionUpdated(
+                        account,
+                        i,
+                        amountRequested,
+                        redeemable.amount
+                    );
                     redeemable.amount = 0;
                     // FIXME: delete object from array?
                 }
             }
         }
 
         require(
-            amount == 0,
+            amountLeft == 0,
             "Redemption controller: amount exceeds redeemable balance"
         );
     }
@@ -232,6 +264,13 @@ abstract contract RedemptionControllerBase is IRedemptionController {
             redemptionStarts,
             redemptionStarts + redemptionWindow
         );
+        emit RedemptionCreated(
+            account,
+            _redeemables[account].length,
+            amount,
+            offerRedeemable.start,
+            offerRedeemable.end
+        );
         _redeemables[account].push(offerRedeemable);
     }
 }
diff --git a/contracts/ResolutionManager/ResolutionManager.sol b/contracts/ResolutionManager/ResolutionManager.sol
@@ -1,5 +1,5 @@
 // SPDX-License-Identifier: MIT
-pragma solidity ^0.8.16;
+pragma solidity 0.8.16;
 
 import "@openzeppelin/contracts-upgradeable/proxy/utils/Initializable.sol";
 import { Roles } from "../extensions/Roles.sol";
@@ -26,6 +26,13 @@ contract ResolutionManager is Initializable, ResolutionManagerBase, HasRole {
         IGovernanceToken governanceToken,
         IVoting voting
     ) public initializer {
+        require(
+            address(roles) != address(0) &&
+                address(shareholderRegistry) != address(0) &&
+                address(governanceToken) != address(0) &&
+                address(voting) != address(0),
+            "ResolutionManager: 0x0 not allowed"
+        );
         _setRoles(roles);
         _initialize(shareholderRegistry, governanceToken, voting);
     }
@@ -167,13 +174,6 @@ contract ResolutionManager is Initializable, ResolutionManagerBase, HasRole {
      * @param resolutionId The id of the resolution to approve.
      */
     function approveResolution(uint256 resolutionId) external virtual {
-        require(
-            _shareholderRegistry.isAtLeast(
-                _shareholderRegistry.MANAGING_BOARD_STATUS(),
-                _msgSender()
-            ),
-            "Resolution: only managing board can approve"
-        );
         _approveResolution(resolutionId);
     }
 
@@ -182,13 +182,6 @@ contract ResolutionManager is Initializable, ResolutionManagerBase, HasRole {
      * @param resolutionId The id of the resolution to reject.
      */
     function rejectResolution(uint256 resolutionId) external virtual {
-        require(
-            _shareholderRegistry.isAtLeast(
-                _shareholderRegistry.MANAGING_BOARD_STATUS(),
-                _msgSender()
-            ),
-            "Resolution: only managing board can reject"
-        );
         _rejectResolution(resolutionId);
     }
 
@@ -209,13 +202,6 @@ contract ResolutionManager is Initializable, ResolutionManagerBase, HasRole {
         address[] memory executionTo,
         bytes[] memory executionData
     ) external virtual {
-        require(
-            _shareholderRegistry.isAtLeast(
-                _shareholderRegistry.MANAGING_BOARD_STATUS(),
-                _msgSender()
-            ),
-            "Resolution: only managing board can update"
-        );
         _updateResolution(
             resolutionId,
             dataURI,