rndquu
rndquu
In case of a security incident we should: 1. Pause all of the contracts 2. Notify the core team that something went wrong Possible solutions for monitoring: - https://docs.chain.link/chainlink-automation -...
Resolves https://github.com/ubiquity/ubiquity-dollar/issues/833
We should implement fuzzing tests for [LibUbiquityPool](https://github.com/ubiquity/ubiquity-dollar/blob/a1b11e1b944227144d7cc19ab320220d9fce8b69/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol). I think it would be enough to fuzz only "user scenarios": - [Dollar token mint](https://github.com/ubiquity/ubiquity-dollar/blob/a1b11e1b944227144d7cc19ab320220d9fce8b69/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol#L486) - [Dollar token redeem](https://github.com/ubiquity/ubiquity-dollar/blob/a1b11e1b944227144d7cc19ab320220d9fce8b69/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol#L594) - [collecting redemption](https://github.com/ubiquity/ubiquity-dollar/blob/a1b11e1b944227144d7cc19ab320220d9fce8b69/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol#L710) Possible...
We should implement formal verification for [LibUbiquityPool](https://github.com/ubiquity/ubiquity-dollar/blob/a1b11e1b944227144d7cc19ab320220d9fce8b69/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol). So collaborator who's going to take this issue should carefully study the [LibUbiquityPool](https://github.com/ubiquity/ubiquity-dollar/blob/a1b11e1b944227144d7cc19ab320220d9fce8b69/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol) and think of the invariants that should be tested. Invariants...
After the deployment we'll have most of the liquidity resided in the [LibUbiquityPool](https://github.com/ubiquity/ubiquity-dollar/blob/a1b11e1b944227144d7cc19ab320220d9fce8b69/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol) so it makes sense to make its security better by imlementing more fuzzing and invariant tests, adding...
Depends on https://github.com/ubiquity/ubiquity-dollar/pull/832 There is the new [UbiquityPool](https://github.com/ubiquity/ubiquity-dollar/blob/286c0cdf0841655e46b91b55d9ee56899a281508/packages/contracts/src/dollar/facets/UbiquityPoolFacet.sol) contract (facet) where users can mint and redeem `Dollar` tokens for collateral tokens. Minting example: 1. User calls [mintDollar()](https://github.com/ubiquity/ubiquity-dollar/blob/286c0cdf0841655e46b91b55d9ee56899a281508/packages/contracts/src/dollar/facets/UbiquityPoolFacet.sol#L77) and sends 100...
There is only one audit's issue that we haven't fixed yet: https://github.com/sherlock-audit/2023-12-ubiquity-judging/issues/60 This is not critical but during a black swan event it will make the pool insolvent to some...
- [x] https://github.com/ubiquity/ubiquity-dollar/pull/832 - [ ] https://github.com/ubiquity/ubiquity-dollar/issues/833 - [x] https://github.com/ubiquity/ubiquity-dollar/issues/830 - [x] https://github.com/ubiquity/ubiquity-dollar/issues/827 - [ ] Fix some minor issues in the UI when the deploy script is ready
Check [this](https://github.com/Decurity/semgrep-smart-contracts) repository which introduces a workflow for scanning security issues from https://semgrep.dev/p/smart-contracts. What should be done: - add a new workflow to scan for security issues via `semgrep`
Depends on https://github.com/ubiquity/ubiquity-dollar/issues/563 What should be done: - when https://github.com/ubiquity/ubiquity-dollar/issues/563 is ready find out a number of [runs](https://book.getfoundry.sh/reference/config/testing#runs-1) so that github CI could run for up to 6 hours (github...