Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DCA bot pancakeswap audit #1

Open
wants to merge 5 commits into
base: empty
Choose a base branch
from
Open

DCA bot pancakeswap audit #1

wants to merge 5 commits into from

Conversation

measure-fi
Copy link

No description provided.

@measure-fi measure-fi mentioned this pull request May 12, 2023
Closed
@measure-fi measure-fi changed the title Audit PR DO NOT MERGE DCA bot audit May 12, 2023
@measure-fi measure-fi changed the title DCA bot audit DCA bot pancakeswap audit May 12, 2023
@measure-fi measure-fi self-assigned this May 12, 2023
measure-fi
measure-fi commented May 12, 2023
View reviewed changes
.circleci/config.yml
filters:
branches:
only:
- master
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that this repo only has a main branch.

Cargo.toml
[package]
name = "dca-bot-pancakeswap-cw"
version = "0.1.0"
authors = ["wc117"]
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this a Halo reference?

README.md

There is a view function in the smart contract that returns swappable id, minimal out amount, and remaining trade counts that can be swapped on Uniswap V2 or a DEX that works just like it.

A scheduler or script fetch the swappable id from the Vyper smart contract and run `swap` function with the id and minimal out amount.
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/fetch/fetches, s/run/runs

Not sure what "minimal out amount" means in context.

README.md

Users can deposit their token or coin into a Vyper smart contract on EVM chain.

There is a view function in the smart contract that returns swappable id, minimal out amount, and remaining trade counts that can be swapped on Uniswap V2 or a DEX that works just like it.
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If it is a function named view use backticks, otherwise name it here (and name these other things e.g.

returns swappable id (swap_id)

artifacts/dca_bot_pancakeswap_cw.wasm
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It feels like the entire artifacts/ directory should not be here, and should be in .gitignore.

src/contract.rs
amount_out_min: Uint256,
number_trades: Uint256,
) -> Result<Response<PalomaMsg>, ContractError> {
let state = STATE.load(deps.storage)?;
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can be loaded way down where it's used.

src/error.rs
Comment on lines +14 to +15
// Add any other custom errors you like here.
// Look at https://docs.rs/thiserror/1.0.21/thiserror/ for details.
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can delete some of the boilerplate probably.

src/contract.rs
number_trades.to_be_bytes().as_slice(),
),
)? {
if timestamp.plus_seconds(retry_delay).lt(&env.block.time) {
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The fact that this is a separate if seems like a bug.

@measure-fi
Copy link
Author

@wc117

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@measure-fi measure-fi

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@measure-fi @wc117