Skip to content

Commit

Permalink
Change priceLiquidity check amount and add constructor checks
Browse files Browse the repository at this point in the history
  • Loading branch information
@kree-dotcom
kree-dotcom committed Dec 16, 2022
1 parent 708a496 commit 76bb63d
Show file tree
Hide file tree
Showing 3 changed files with 35 additions and 12 deletions.
1 change: 0 additions & 1 deletion contracts/DepositReceipt_Base.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@ abstract contract DepositReceipt_Base is ERC721Enumerable, AccessControl {

uint256 private constant HEARTBEAT_TIME = 24 hours; //Check heartbeat frequency when adding new feeds
uint256 constant BASE = 1 ether; //division base
uint256 constant HUNDRED_TOKENS = 1e20; //due to constructor restrictions we know the non-USDC token has 18d.p.
uint256 constant HUNDRED = 100; //used to scale 100 token price to 1 token price

//Mapping from NFTid to number of associated poolTokens
Expand Down
24 changes: 16 additions & 8 deletions contracts/DepositReceipt_ETH.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,12 +10,13 @@ contract DepositReceipt_ETH is DepositReceipt_Base {
address private constant WETH = 0x4200000000000000000000000000000000000006;

//Chainlink oracle sources
IAggregatorV3 ETHPriceFeed;
IAggregatorV3 tokenPriceFeed;
IAggregatorV3 public ETHPriceFeed;
IAggregatorV3 public tokenPriceFeed;

// ten to the power of the number of decimals given by both price feeds
uint256 immutable oracleBase;
uint256 private immutable oracleBase;

uint256 private immutable swapSize; //amount swapped to validate exchange rate, due to constructor restrictions we know both tokens are 18.d.p

/**
* @notice Zero address checks done in Templater that generates DepositReceipt and so not needed here.
Expand All @@ -27,9 +28,11 @@ contract DepositReceipt_ETH is DepositReceipt_Base {
address _token1,
bool _stable,
address _ETHPriceFeed,
address _tokenPriceFeed)
address _tokenPriceFeed,
uint256 _swapSize)
ERC721(_name, _symbol){


require(_swapSize > 0, "swapSize not set");
//we dont want the `DEFAULT_ADMIN_ROLE` to exist as this doesn't require a
// time delay to add/remove any role and so is dangerous.
//So we ignore it and set our weaker admin role.
Expand All @@ -48,6 +51,8 @@ contract DepositReceipt_ETH is DepositReceipt_Base {
//equality cannot be checked for strings so we hash them first.
if (keccak256(token0Symbol) == keccak256(WETHSymbol)){
require( IERC20Metadata(_token1).decimals() == 18, "Token does not have 18dp");

//because the value of WETH is not stable like USDC we cannot do the same setup exchange rate check used in depositReceipt_USDC
}
else
{
Expand Down Expand Up @@ -79,7 +84,10 @@ contract DepositReceipt_ETH is DepositReceipt_Base {
tokenMinPrice = tokenAggregator.minAnswer();
tokenMaxPrice = tokenAggregator.maxAnswer();
// because we have checked both oracles have the same amount of decimals we only store one OracleBase
oracleBase = 10 ** ETHOracleDecimals;
oracleBase = 10 ** ETHOracleDecimals;

//set the scale of the exchange swap used for priceLiquidity
swapSize = _swapSize;

}

Expand All @@ -101,7 +109,7 @@ contract DepositReceipt_ETH is DepositReceipt_Base {
//check swap value of 100tokens to USDC to protect against flash loan attacks
uint256 amountOut; //amount received by trade
bool stablePool; //if the traded pool is stable or volatile.
(amountOut, stablePool) = router.getAmountOut(HUNDRED_TOKENS, token1, WETH);
(amountOut, stablePool) = router.getAmountOut(swapSize, token1, WETH);

require(stablePool == stable, "pricing occuring through wrong pool" );

Expand Down Expand Up @@ -129,7 +137,7 @@ contract DepositReceipt_ETH is DepositReceipt_Base {
//check swap value of 100tokens to WETH to protect against flash loan attacks
uint256 amountOut; //amount received by trade
bool stablePool; //if the traded pool is stable or volatile.
(amountOut, stablePool) = router.getAmountOut(HUNDRED_TOKENS, token0, WETH);
(amountOut, stablePool) = router.getAmountOut(swapSize, token0, WETH);
require(stablePool == stable, "pricing occuring through wrong pool" );
uint256 tokenOraclePrice = getOraclePrice(tokenPriceFeed, tokenMaxPrice, tokenMinPrice);
uint256 ETHOraclePrice = getOraclePrice(ETHPriceFeed, ETHMaxPrice, ETHMinPrice);
Expand Down
22 changes: 19 additions & 3 deletions contracts/DepositReceipt_USDC.sol
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
pragma solidity =0.8.9;

import "./DepositReceipt_Base.sol";
import "hardhat/console.sol";

contract DepositReceipt_USDC is DepositReceipt_Base {

Expand All @@ -9,11 +10,16 @@ contract DepositReceipt_USDC is DepositReceipt_Base {
uint256 private constant ALLOWED_DEVIATION = 5e16; //5% in 1e18 / ETH scale
address private constant USDC = 0x7F5c764cBc14f9669B88837ca1490cCa17c31607;

uint256 private constant HUNDRED_USDC = 1e8;
uint256 private constant HUNDRED_FIVE_USDC = 1e8 + 5e6;

//Chainlink oracle source
IAggregatorV3 public priceFeed;
// ten to the power of the number of decimals given by the price feed
uint256 private immutable oracleBase;

uint256 private immutable swapSize;

/**
* @notice Zero address checks done in Templater that generates DepositReceipt and so not needed here.
**/
Expand All @@ -23,7 +29,8 @@ contract DepositReceipt_USDC is DepositReceipt_Base {
address _token0,
address _token1,
bool _stable,
address _priceFeed)
address _priceFeed,
uint256 _swapSize)
ERC721(_name, _symbol){

//we dont want the `DEFAULT_ADMIN_ROLE` to exist as this doesn't require a
Expand All @@ -41,18 +48,26 @@ contract DepositReceipt_USDC is DepositReceipt_Base {

bytes memory USDCSymbol = abi.encodePacked("USDC");
bytes memory token0Symbol = abi.encodePacked(IERC20Metadata(_token0).symbol());
uint256 amountOut;
//equality cannot be checked for strings so we hash them first.
if (keccak256(token0Symbol) == keccak256(USDCSymbol)){
require( IERC20Metadata(_token1).decimals() == 18, "Token does not have 18dp");
(amountOut, ) = router.getAmountOut(_swapSize, _token1, USDC);
}
else
{
bytes memory token1Symbol = abi.encodePacked(IERC20Metadata(_token1).symbol());

require( keccak256(token1Symbol) == keccak256(USDCSymbol), "One token must be USDC");
require( IERC20Metadata(_token0).decimals() == 18, "Token does not have 18dp");

(amountOut, ) = router.getAmountOut(_swapSize, _token0, USDC);


}
//rough check to ensure we provide the right scale swapSize output of USDC
require(amountOut >= HUNDRED_USDC, "swap amount too small");
require(amountOut <= HUNDRED_FIVE_USDC, "swap amount too big");

token0 = _token0;
token1 = _token1;
Expand All @@ -63,6 +78,7 @@ contract DepositReceipt_USDC is DepositReceipt_Base {
tokenMinPrice = aggregator.minAnswer();
tokenMaxPrice = aggregator.maxAnswer();
oracleBase = 10 ** priceFeed.decimals(); //Chainlink USD oracles have 8d.p.
swapSize = _swapSize;
}

/**
Expand All @@ -84,7 +100,7 @@ contract DepositReceipt_USDC is DepositReceipt_Base {
//check swap value of 100tokens to USDC to protect against flash loan attacks
uint256 amountOut; //amount received by trade
bool stablePool; //if the traded pool is stable or volatile.
(amountOut, stablePool) = router.getAmountOut(HUNDRED_TOKENS, token1, USDC);
(amountOut, stablePool) = router.getAmountOut(swapSize, token1, USDC);
require(stablePool == stable, "pricing occuring through wrong pool" );

uint256 oraclePrice = getOraclePrice(priceFeed, tokenMaxPrice, tokenMinPrice);
Expand All @@ -107,7 +123,7 @@ contract DepositReceipt_USDC is DepositReceipt_Base {
//check swap value of 100tokens to USDC to protect against flash loan attacks
uint256 amountOut; //amount received by trade
bool stablePool; //if the traded pool is stable or volatile.
(amountOut, stablePool) = router.getAmountOut(HUNDRED_TOKENS, token0, USDC);
(amountOut, stablePool) = router.getAmountOut(swapSize, token0, USDC);
require(stablePool == stable, "pricing occuring through wrong pool" );

uint256 oraclePrice = getOraclePrice(priceFeed, tokenMaxPrice, tokenMinPrice);
Expand Down

0 comments on commit 76bb63d

Please sign in to comment.