Guaranteed Minimum APR Program #327

Drypto13 · 2023-04-01T21:16:12Z

No description provided.

0xosama · 2023-04-19T13:31:15Z

contracts/vaults/LiquidityLock.sol

+        IToken iToken = IToken(PROTOCOL.underlyingToLoanPool(base));
+        claimID = keccak256(abi.encode(address(iToken),msg.sender,endTimestamp));
+        require(claims[claimID].token == address(0), "already used id");
+        require(block.timestamp <= endTimestamp && endTimestamp-block.timestamp<tokenSettings.maxLockTime, "invalid ending time");


endTimestamp-block.timestamp<tokenSettings.maxLockTime is sufficient enough to check. it will fail anyway if block.timestamp <= endTimestamp is false

0xosama · 2023-04-19T13:47:35Z

contracts/vaults/LiquidityLock.sol

+        claimID = keccak256(abi.encode(address(iToken),msg.sender,endTimestamp));
+        require(claims[claimID].token == address(0), "already used id");
+        require(block.timestamp <= endTimestamp && endTimestamp-block.timestamp<tokenSettings.maxLockTime, "invalid ending time");
+        IERC20(base).safeTransferFrom(msg.sender, address(this), depositAmount);


at this point base can be any contract maliciously provided externally, I don't see how this can be reused later but probably we should sanitize it.

yanga128 · 2023-04-10T15:18:42Z

contracts/vaults/LiquidityLock.sol

+        TREASURY = t;
+    }
+
+    function lock(address base, uint256 depositAmount, uint256 endTimestamp) external returns (bytes32 claimID) {


What of instead of sending endstamp we send days from now

What of instead of sending endstamp we send days from now

why that would be better?

yanga128 · 2023-04-10T15:19:32Z

contracts/vaults/LiquidityLock.sol

+        Settings memory tokenSettings = lockSettings[base];
+        IToken iToken = IToken(PROTOCOL.underlyingToLoanPool(base));
+        claimID = keccak256(abi.encode(address(iToken),msg.sender,endTimestamp));
+        require(claims[claimID].token == address(0), "already used id");


would be nice to check if base != address(0)

yanga128 · 2023-04-10T15:21:11Z

contracts/vaults/LiquidityLock.sol

+        IToken iToken = IToken(PROTOCOL.underlyingToLoanPool(base));
+        claimID = keccak256(abi.encode(address(iToken),msg.sender,endTimestamp));
+        require(claims[claimID].token == address(0), "already used id");
+        require(block.timestamp <= endTimestamp && endTimestamp-block.timestamp<tokenSettings.maxLockTime, "invalid ending time");


why block.timestamp <= endTimestamp it might be <

If the timestamps are the same no issues arise so it is fine to leave within the check.

Drypto13 and others added 3 commits April 1, 2023 14:15

liquidity locking contract

8f6cadd

added increase lockup with test case

9abe7a1

Merge branch 'development' into liquidity-lock

424de61

0xosama reviewed Apr 19, 2023

View reviewed changes

full path instead of relative

c9b2f5b

yanga128 reviewed Apr 20, 2023

View reviewed changes

Drypto13 added 3 commits April 24, 2023 17:14

sanitize iToken and timestamp checks

f4445b8

fixed apr calc on test case

662b6e4

increaseLockup fix

3600524

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Guaranteed Minimum APR Program #327

Guaranteed Minimum APR Program #327

Drypto13 commented Apr 1, 2023

0xosama Apr 19, 2023

0xosama Apr 19, 2023

yanga128 Apr 10, 2023

0xosama Apr 20, 2023

yanga128 Apr 10, 2023

yanga128 Apr 10, 2023

Drypto13 Apr 24, 2023

Guaranteed Minimum APR Program #327

Are you sure you want to change the base?

Guaranteed Minimum APR Program #327

Conversation

Drypto13 commented Apr 1, 2023

0xosama Apr 19, 2023

Choose a reason for hiding this comment

0xosama Apr 19, 2023

Choose a reason for hiding this comment

yanga128 Apr 10, 2023

Choose a reason for hiding this comment

0xosama Apr 20, 2023

Choose a reason for hiding this comment

yanga128 Apr 10, 2023

Choose a reason for hiding this comment

yanga128 Apr 10, 2023

Choose a reason for hiding this comment

Drypto13 Apr 24, 2023

Choose a reason for hiding this comment