GithubHelp home page GithubHelp logo

2023-02-kuma's Introduction

KUMA Protocol Versus contest details

  • Total Prize Pool: $38,600 USDC
    • HM awards: $25,500 USDC
    • QA report awards: $3,000 USDC
    • Gas report awards: $1,500 USDC
    • Judge + presort awards: $8,100 USDC
    • Scout awards: $500 USDC
  • Join C4 Discord to register
  • Submit findings using the C4 form
  • Read our guidelines for more details
  • Starts February 17, 2023 20:00 UTC
  • Ends February 22, 2023 20:00 UTC

Overview

This repo contains source contracts and testing suites for the MCAG contracts and the KUMA Protocol. Each corresponding project directory contains documentation in the /docs folder.

The src/kuma-protocol/ folder contains the contracts that comprise the decentralized KUMA protocol. See docs/kuma-protocol/ for KUMA protocol docs.

The src/mcag-contracts/ contains contracts that are managed by the centralized MCAG entity. See docs/mcag-contracts/ for MCAG contracts docs.

Scope

Files in scope

File SLOC Description and Coverage Libraries
Contracts (12)
src/kuma-protocol/KUMAAccessController.sol 9 - @openzeppelin/*
src/mcag-contracts/AccessController.sol 16 - @openzeppelin/*
src/mcag-contracts/Blacklist.sol 33 Central registry for blacklisted addresses that are not allowed to interact with the NFT,   100.00% @openzeppelin/*
src/kuma-protocol/KBCToken.sol 67 A Clone Bond NFT Token that is issued when the KIBT yield is not high enough to buy back the original Bond NFT,   100.00% @openzeppelin/* @openzeppelin-upgradeable/* @mcag/*
src/mcag-contracts/MCAGAggregator.sol 67 Oracle that MCAG manages to publish central bank rates,   100.00% @openzeppelin/*
src/kuma-protocol/MCAGRateFeed.sol 🧮 75 Contract that reads the price from the MCAG central bank rate oracle,   100.00% @openzeppelin/* @mcag/*
src/mcag-contracts/KYCToken.sol 77 Untransferable NFT that MCAG will airdrop to KYC users,   100.00% @openzeppelin/*
src/kuma-protocol/KUMAAddressProvider.sol 🧮 118 AddressProvider that stores the mappings for the KIBT, KUMASwap and KUMAFeeCollector for each risk class,   100.00% @openzeppelin/*
src/mcag-contracts/KUMABondToken.sol 134 NFT that MCAG will issue for each purchased real world bond,   100.00% @openzeppelin/*
src/kuma-protocol/KUMAFeeCollector.sol 🧮 159 100.00% @openzeppelin/*
src/kuma-protocol/KIBToken.sol 🧮 251 Interesting Bearing ERC20, one for each risk class,   100.00% @openzeppelin-upgradeable/* @openzeppelin/*
src/kuma-protocol/KUMASwap.sol 🧮 Σ 394 Main contract that always swapping a Bond NFT for the KIBT ERC20, one KUMASwap per risk class (country, term, currency),   100.00% @openzeppelin/* @mcag/* @openzeppelin-upgradeable/*
Interfaces (10)
src/mcag-contracts/interfaces/IBlacklist.sol 11 - @openzeppelin/*
src/kuma-protocol/interfaces/IMCAGRateFeed.sol 14 - @openzeppelin/* @mcag/*
src/mcag-contracts/interfaces/MCAGAggregatorInterface.sol 15 -
src/mcag-contracts/interfaces/IKYCToken.sol 17 - @openzeppelin/*
src/kuma-protocol/interfaces/IKBCToken.sol 20 - @openzeppelin-upgradeable/*
src/kuma-protocol/interfaces/IKUMAFeeCollector.sol 22 -
src/kuma-protocol/interfaces/IKUMAAddressProvider.sol 27 - @openzeppelin/*
src/mcag-contracts/interfaces/IKUMABondToken.sol 32 - @openzeppelin/*
src/kuma-protocol/interfaces/IKIBToken.sol 38 - @openzeppelin/* @openzeppelin-upgradeable/*
src/kuma-protocol/interfaces/IKUMASwap.sol 59 - @openzeppelin/*
Total (over 22 files): 1655 100.00%

Out of scope

All other files in the repo

External imports

Additional Context

Please see the docs/ folder for more context.

Scoping Details

- If you have a public code repo, please share it here: n/a
- How many contracts are in scope?: 22
- Total SLoC for these contracts?:  1634
- How many external imports are there?: n/a
- How many separate interfaces and struct definitions are there for the contracts within scope?: 3 structs, 10 interfaces
- Does most of your code generally use composition or inheritance?: inheritance
- How many external calls?: n/a
- What is the overall line coverage percentage provided by your tests?: 100%
- Is there a need to understand a separate part of the codebase / get context in order to audit this part of the protocol?: KUMA Protocol will depend on the Mimo Capital AG contracts
- Please describe required context: Please read the docs in each respective folder
- Does it use an oracle?: No
- Does the token conform to the ERC20 standard?: Yes
- Are there any novel or unique curve logic or mathematical models?: No
- Does it use a timelock function?: No
- Is it an NFT?: Yes
- Does it have an AMM?: No
- Is it a fork of a popular project?: No
- Does it use rollups?: No
- Is it multi-chain?: No
- Does it use a side-chain?: No

Tests

This repo contains relevant tests for the two source projects. To run tests:

  1. Make sure all git submodules are installed using git submodule update --init
  2. Run forge test

Make sure forge is at least on the following version: forge 0.2.0 (1a56901 2023-02-15T00:05:20.802314Z)

To skip invariant and fuzz tests run forge test --no-match-path "{*invariant*,*fuzz*}"

Quickstart Command

Alternatively use the following quickstart command:

rm -Rf 2023-02-kuma || true && git clone https://github.com/code-423n4/2023-02-kuma.git -j8 --recurse-submodules && cd 2023-02-kuma && git submodule update --init && foundryup && forge install && forge build && forge test --gas-report

Running Static Analysis

The root folder contains a slither.config.json file that can be used to run static analysis on the kuma-protocol project. Refer to the foundry docs on how to run Slither

Invariant testing

For the following files the invariants should be run with fail_on_revert = true in the foundry.toml:

[invariant]
runs = 256
depth = 256
fail_on_revert = true

Then run the tests with forge test --match-path "*fail.on.revert*"

2023-02-kuma's People

Contributors

m19 avatar kartoonjoy avatar itsmetechjay avatar

Stargazers

avatar kingman23 avatar avatar

Watchers

Ashok avatar Alex The Entreprenerd avatar avatar

Forkers

omprakashtk locastro12 kingman978 randolph3022 0xjoichiro louislung

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.