Smart Treasury - Peer Review

Peer Review

Hi All,

The snapshot vote for an audit vs peer review has closed with peer review having ~72% of the vote. Snapshot vote

With the vote out of the way, I would now like to invite members from the community to review the github repo [[ here ]].

The code has been internally reviewed by @gravityblast and @william .

As a high level overview to reviewers, there are two contracts which have been developed for the smart treasury

  1. Bootstrap contract - SmartTreasuryBootstrap.sol
  2. FeeCollector contract - FeeCollector.sol

The purpose of the boostrap contract is to correctly configure the smart treasury with the parameters agreed upon by governance, and to deposit the correct amount of IDLE and WETH into the initial pool.

The purpose of the fee collector is to route fees which are generated by the IDLE protocol into WETH and send it to the smart treasury, and the fee treasury based on an allocation parameter. In the future, more accounts can be added to this list (such as the community treasury etc).

The initial configuration of the smart treasury is probably the most technical part of the contract, and the deployment is summarised here. Post reference: Progress Update 1

Once the smart treasury is created, the address must be set in the fee collector. After which

More details on the proposal spec can be found here Progress Update 2

The repo has unit tests and integration tests which are located under the tests/ directory. The steps to replicate the full end-end proposal process is under migrations/

In order to run the tests, a local ganache main-net fork may need to be run with further instructions on the README.

The peer-review will close on 2021-01-24T00:00:00Z. After which (If there are no outstanding issues) I will proceed with the IIP.

@emilianobonassi @endymionjkb @Fernando @MickdeGraaf

Thanks,
Asaf

5 Likes

Fantastic job @8bitporkchop !
Impressive!

4 Likes

Amazing job @8bitporkchop !

I think we can structure the peer review in the same way we structured the ‘internal’ review so each reviewer should open up one issue with his findings in the public github repo and we can then discuss most of the code related things there

5 Likes

great job @8bitporkchop !

6 Likes

Thanks @8bitporkchop ! I asked @endymionjkb to prioritize this and though he’s extremely busy he already reviewed it!

Cheers and looking forward to seeing this live =)

5 Likes

Hi everyone, I’m just a random user and solidity dev. I started taking a look at the contracts. I just created one issue with some gas optimization on the state variables Use immutable keyword for state variables only set in constructor · Issue #8 · AsafSilman/idle-smart-treasury · GitHub

9 Likes

Hey @8bitporkchop, congratulations on all the progress :tada:

I’ve had a quick look at the repo and commit history, but couldn’t tell whether you’ve already ran it through static analyzers like slither and mythril. If not - could be a cheap way to get some extra review by bots.

6 Likes

Thank you @patitonar, this is very useful information, thank you for your input :smiley: I have updated the code with your recommendations.

5 Likes

I haven’t yet, this sounds like a good idea

3 Likes

Hey @patitonar, thanks for sharing those inputs with us!
We are glad to receive more feedback on the Smart Treasury.

As mentioned in the discussion, the Treasury Committee should tip volunteers for their efforts :slight_smile:

4 Likes

Great job @8bitporkchop !

Taking a look and provide my feedback shortly.

3 Likes

Thanks for the warm welcome! I created this new issue with more notes from my review Minor improvements from review · Issue #10 · AsafSilman/idle-smart-treasury · GitHub

5 Likes

I’ve created too this new issue for my review

Thanks again for your contribution @8bitporkchop !

6 Likes

Edit: Converted into issue.

Well done! Although I’m no auditor I would be comfortable in having funds in these contracts.

6 Likes

Thank you @MickdeGraaf a GitHub issue will be super handy. Thanks for your time to review :smile:

4 Likes

Thank you @emilianobonassi , I will be going through your recommendations thoroughly. Thank you for your time to review :smiley:

5 Likes

Thanks @patitonar , glad to have you as part of the community :rocket:

5 Likes

Hi All,

I’ve gone through each issue from the github by members of the community with the commit at 7cb28e being the most up-to date version of the code. Please review the comments on the relevant issue. I will be extending the review for two more days 2021-01-27T00:00:00Z for anyone else to contribute some feedback on the code, after which I will be using this version of the code in the IIP. :smiley:

@emilianobonassi, @EndymionJkb | @Fernando , @MickdeGraaf, @patitonar

7 Likes

Great @8bitporkchop !

Taking another look before deadline :muscle:

6 Likes

@8bitporkchop LGTM

Ready to go!

5 Likes