verify grant contribution transactions on the blockchain #5950
Conversation
evgeniuz
requested review from
danlipert,
octavioamu and
thelostone-mc
as code owners
|
CI job failed, because error log exceeded maximum length, but all those errors are related to JS, which I didn't touch. Not sure how to fix this. |
|
should i pay this out @gitcoinco/engineers ? could be good to get in before round 5 |
| return False, 'approval is not given to splitter' | ||
|
|
||
| if not same_address(split_call[1]['tokenAddress'], approve_tx['to']): | ||
| return False, 'splitter uses incorrect token' |
There was a problem hiding this comment.
what transactions did you use to test this against?
There was a problem hiding this comment.
Here's a successful one I've used for testing:
tx_id: https://etherscan.io/tx/0x45c9d0b6d29386d5996d58d6687bb27be13fb7488493cb6feb16db22920f1aba
split_tx_id: https://etherscan.io/tx/0x6fae97cc0e2810b3929ce53e95a0e1c4959362cce9818d8631934bcca83f96b7
Here's the one where all calls were made, but amount approved and actually sent is incorrect (this is trickiest case, because here everything looks correct, except actual amount of tokens).
tx_id: https://etherscan.io/tx/0xe83d42ed1d6305ac099adb61929af921fd8ea3ca61a6585c1c6a840d452bfe02
split_tx_id: https://etherscan.io/tx/0x0f4837fc443dea4ae50e511c2f79960675e99287d97891aa6ded06a539bf5fec
I've created contributions with these tx's using Django shell, then ran verify_contributions against them.
P. S. I've used some other ones, but these are the ones that are still in my testing database.
|
thanks. im gonna pay this out now.
…On Wed, Apr 1, 2020 at 4:45 PM Evgeniy Filatov ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In app/grants/models.py
<#5950 (comment)>:
> + return False, 'cannot decode contract calls'
+
+ if not same_address(approve_tx['from'], splitter_tx['from']):
+ return False, 'approve and split transactions sent from different addresses'
+
+ if not same_address(approve_tx['to'], self.subscription.token_address):
+ return False, 'incorrect token approved'
+
+ if not same_address(splitter_tx['to'], settings.SPLITTER_CONTRACT_ADDRESS):
+ return False, 'incorrect splitter used'
+
+ if not same_address(approve_call[1]['_spender'], splitter_tx['to']):
+ return False, 'approval is not given to splitter'
+
+ if not same_address(split_call[1]['tokenAddress'], approve_tx['to']):
+ return False, 'splitter uses incorrect token'
Here's a successful one I've used for testing:
tx_id:
https://etherscan.io/tx/0x45c9d0b6d29386d5996d58d6687bb27be13fb7488493cb6feb16db22920f1aba
split_tx_id:
https://etherscan.io/tx/0x6fae97cc0e2810b3929ce53e95a0e1c4959362cce9818d8631934bcca83f96b7
Here's the one where all calls were made, but amount approved and actually
sent is incorrect (this is trickiest case, because here everything looks
correct, except actual amount of tokens).
tx_id:
https://etherscan.io/tx/0xe83d42ed1d6305ac099adb61929af921fd8ea3ca61a6585c1c6a840d452bfe02
split_tx_id:
https://etherscan.io/tx/0x0f4837fc443dea4ae50e511c2f79960675e99287d97891aa6ded06a539bf5fec
I've created contributions with these tx's using Django shell, then ran
verify_contributions against them.
P. S. I've used some other ones, but these are the ones that are still in
my testing database.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#5950 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAD5PCMREEEJO7OWTNEBQSDRKO7XHANCNFSM4KQMZZSQ>
.
_________________________________________
gitcoin is live and has generated over $4.0mm for Open Source Software - see
our results <https://gitcoin.co/results>
|
Description
Added verification of grant contributions against blockchain.
Refers/Fixes
Fixes: #5762