EOSCrowdsale Contract Inspect Detils with PROGRAMMING

in #eos7 years ago

This two-day EOS normalizing crowdfunding, crowdfunding analysis of EOS under contract rub hotspots, technical

project address
https://github.com/EOSIO/eos-token-distribution

Project Directory
├── Dappfile // dapphub 出品的智能合约开发工具
├── Makefile
├── bin
│ └── deploy // 部署脚本
├── lib // 第三方依赖
│ ├── ds-auth // 权限控制
│ ├── ds-exec
│ ├── ds-guard
│ ├── ds-math // 数学运算
│ ├── ds-test // 测试框架
│ ├── ds-token // Token 框架
│ └── gnosis-multisig
└── src // 源码
├── eos.sol
└── eos.t.sol
This project uses Dapphub intelligent development framework contract produced dapp development. Dapphub a lot of useful open source libraries, greatly simplifies the development of smart cost contracts.

Code Analysis
variable
DSToken public EOS; // EOS Token
uint128 public totalSupply; // Token 总量
uint128 public foundersAllocation; // 开发团队保留份额
string public foundersKey; // 保留份额 Holder Address
uint public openTime; // window 0 开始时间
uint public createFirstDay; // window 0 供应量
uint public startTime; // window 1 开始时间
uint public numberOfDays; // window 总数
uint public createPerDay; // 每日供应量
The ICO EOS rules: the first five days as a window issued a total of 200 million Token. Five days later, every 23 hours to a window, release 2 million Token. Issued a total of one billion Token.

Constructor
// src/eos.sol

function EOSSale(
uint _numberOfDays,
uint128 _totalSupply,
uint _openTime,
uint _startTime,
uint128 _foundersAllocation,
string _foundersKey
) {
...

    // window 0 Token 供应量
createFirstDay = wmul(totalSupply, 0.2 ether);

// window 1 以及以后的每天 Token 供应量
createPerDay = div(
    sub(sub(totalSupply, foundersAllocation), createFirstDay),
    numberOfDays
);

...

}
wmulIs dapp_matha method provides. In dapp_math define two precision: WADand RAY, and 18 represent the accuracy of position 27. W denotes the operation begins with 18-bit accuracy.

Since there is no solidity of type float, you want to be multiplied by 0.2 multiplied 0.2 etherachieved.

Token initialization
// src/eos.sol

function initialize(DSToken eos) auth {
...

EOS = eos;
// 设置供应总量
EOS.mint(totalSupply);

// 保留 Token 发往 0xb1 这个地址
EOS.push(0xb1, foundersAllocation);
keys[0xb1] = foundersKey;

}
mint Dapp_token method is provided, to set the total supply Token.

Share of the development team is sent to the reservation 0xb1. This address is no one available, equal to lose this amount of Token, but also to ensure Token total supply unchanged. EOS team do not need this token, because after the on-line EOS, now Token Token will be exchanged for the EOS chain.

window time
// Each window is 23 hours long so that end-of-window rotates
// around the clock for all timezones.
function dayFor(uint timestamp) constant returns (uint) {
return timestamp < startTime
? 0
: sub(timestamp, startTime) / 23 hours + 1;
}
Five days before all window 0. After every 23 hours a window. The benefit of this is to have each window start time is rolling, time zones easier for investors to participate.

Purchase logic
function buyWithLimit(uint day, uint limit) payable {
// 限制时间
assert(time() >= openTime && today() <= numberOfDays);
// 最小购买额度 0.01 ether
assert(msg.value >= 0.01 ether);

// 购买记录
userBuys[day][msg.sender] += msg.value;
dailyTotals[day] += msg.value;

}
Token Exchange
function claim(uint day) {
// 防止重复兑换
if (claimed[day][msg.sender] || dailyTotals[day] == 0) {
return;
}

// This will have small rounding errors, but the token is
// going to be truncated to 8 decimal places or less anyway
// when launched on its own chain.

var dailyTotal = cast(dailyTotals[day]);
var userTotal  = cast(userBuys[day][msg.sender]);
// 指定 window 的 Token 供应量除以此 window 的 eth 总量
// 得到兑换比例
var price      = wdiv(cast(createOnDay(day)), dailyTotal);
// 兑换比例乘以指定 window 中此用户支付的 eth 数量得到兑换总量
var reward     = wmul(price, userTotal);
// 记录兑换标志
claimed[day][msg.sender] = true;
// 执行转账
EOS.push(msg.sender, reward);

}
EOS total registered key
function register(string key) {
// 众筹结束之后不再提供注册
assert(today() <= numberOfDays + 1);
assert(bytes(key).length <= 64);

keys[msg.sender] = key;

}
EOS EOS team require investors to generate public and private key on their own before the end of crowdfunding, and the resulting total key registered in the contract. So that after EOS formally launched, users can redeem Token on the EOS.

ETH 转移
function collect() auth {
// window 0 不能转移
assert(today() > 0);
// 将 eth 转移给调用者
exec(msg.sender, this.balance);
}
authDapp_auth permissions provide control methods to ensure that collectthe function can only be executed contract owner.

Security Analysis
EOS uses crowdfunding contract rights dapp_auth provides control functions.

// src/eos.sol
// 继承 DSAuth
contract EOSSale is DSAuth {
}

// lib/ds-auth/src/auth.sol
contract DSAuth is DSAuthEvents {
DSAuthority public authority;
address public owner;

function DSAuth() {
    owner = msg.sender;
}

}
DSAuthThe default permissions provide control is based on the owner's. The default initialization behavior contract creator to owner. While providing setOwnerfunction, you can transfer control.

function setOwner(address owner_)
auth
{
owner = owner_;
LogSetOwner(owner);
}
setOwnerAlso you need to use authto verify permissions.

modifier auth {
assert(isAuthorized(msg.sender, msg.sig));
_;
}

function isAuthorized(address src, bytes4 sig)
internal returns (bool)
{
// 如果调用者是合约自己,通过。
if (src == address(this)) {
return true;
// 如果调用者是 owner ,通过。
} else if (src == owner) {
return true;
// 如果 authority 未设置,失败。
} else if (authority == DSAuthority(0)) {
return false;
} else {
// 检查调用者是否有权限。
return authority.canCall(src, this, sig);
}
}
authority is not set by default behavior, so only the owner verification.

You can see, this contract can be extended right validation logic by setting DSAuthority custom.

contract DSAuthority {
function canCall(
address src, address dst, bytes4 sig
) constant returns (bool);
}

contract DSAuth is DSAuthEvents {
function setAuthority(DSAuthority authority_)
auth
{
authority = authority_;
LogSetAuthority(authority);
}
}
We only need to inherit DSAuthority in their contracts, to achieve canCall method.
Examples of the incoming setAuthority then you can set specific permissions logic.

Business Value Analysis
EOS main features:

Free Trial
Contracts can be upgraded
A block speed to an average 1.5s
Strong serial / parallel performance, you can reach one million-scale transaction processing
Account system, system privileges
Pluggable virtual machine contract
EOS is more convenient to create large high-frequency distributed applications.