add ethlint/solium and fix contract lint problems

.soliumignore

@@ -0,0 +1,2 @@
+node_modules
+contracts/Migrations.sol

.soliumrc.json

@@ -0,0 +1,10 @@
+{
+  "extends": "solium:recommended",
+  "plugins": ["security"],
+  "rules": {
+    "quotes": ["error", "double"],
+    "indentation": ["error", 4],
+    "linebreak-style": ["error", "unix"],
+    "security/no-block-members": "off"
+  }
+}

contracts/HashedTimelock.sol

@@ -5,7 +5,7 @@ pragma solidity ^0.5.0;
  *
  * This contract provides a way to create and keep HTLCs for ETH.
  *
- * See HashedTimelockERC20.sol for a contract that provides the same functions 
+ * See HashedTimelockERC20.sol for a contract that provides the same functions
  * for ERC20 tokens.
  *
  * Protocol:
@@ -14,8 +14,8 @@ pragma solidity ^0.5.0;
  *      a new HTLC and gets back a 32 byte contract id
  *  2) withdraw(contractId, preimage) - once the receiver knows the preimage of
  *      the hashlock hash they can claim the ETH with this function
- *  3) refund() - after timelock has expired and if the receiver did not 
- *      withdraw funds the sender / creator of the HTLC can get their ETH 
+ *  3) refund() - after timelock has expired and if the receiver did not
+ *      withdraw funds the sender / creator of the HTLC can get their ETH
  *      back with this function.
  */
 contract HashedTimelock {
@@ -81,14 +81,14 @@ contract HashedTimelock {
     mapping (bytes32 => LockContract) contracts;
 
     /**
-     * @dev Sender sets up a new hash time lock contract depositing the ETH and 
+     * @dev Sender sets up a new hash time lock contract depositing the ETH and
      * providing the reciever lock terms.
      *
      * @param _receiver Receiver of the ETH.
      * @param _hashlock A sha-2 sha256 hash hashlock.
-     * @param _timelock UNIX epoch seconds time that the lock expires at. 
+     * @param _timelock UNIX epoch seconds time that the lock expires at.
      *                  Refunds can be made after this time.
-     * @return contractId Id of the new HTLC. This is needed for subsequent 
+     * @return contractId Id of the new HTLC. This is needed for subsequent
      *                    calls.
      */
     function newContract(address payable _receiver, bytes32 _hashlock, uint _timelock)
@@ -109,10 +109,10 @@ contract HashedTimelock {
         );
 
         // Reject if a contract already exists with the same parameters. The
-        // sender must change one of these parameters to create a new distinct 
+        // sender must change one of these parameters to create a new distinct
         // contract.
         if (haveContract(contractId))
-            revert();
+            revert("Contract already exists");
 
         contracts[contractId] = LockContract(
             msg.sender,
@@ -200,8 +200,16 @@ contract HashedTimelock {
         if (haveContract(_contractId) == false)
             return (address(0), address(0), 0, 0, 0, false, false, 0);
         LockContract storage c = contracts[_contractId];
-        return (c.sender, c.receiver, c.amount, c.hashlock, c.timelock,
-                c.withdrawn, c.refunded, c.preimage);
+        return (
+            c.sender,
+            c.receiver,
+            c.amount,
+            c.hashlock,
+            c.timelock,
+            c.withdrawn,
+            c.refunded,
+            c.preimage
+        );
     }
 
     /**

contracts/HashedTimelockERC20.sol

@@ -7,24 +7,21 @@ import "openzeppelin-solidity/contracts/token/ERC20/ERC20.sol";
 *
 * This contract provides a way to create and keep HTLCs for ERC20 tokens.
 *
-* See HashedTimelock.sol for a contract that provides the same functions 
+* See HashedTimelock.sol for a contract that provides the same functions
 * for the native ETH token.
 *
 * Protocol:
 *
-*  1) newContract(receiver, hashlock, timelock, tokenContract, amount) - a 
-*      sender calls this to create a new HTLC on a given token (tokenContract) 
+*  1) newContract(receiver, hashlock, timelock, tokenContract, amount) - a
+*      sender calls this to create a new HTLC on a given token (tokenContract)
 *       for a given amount. A 32 byte contract id is returned
 *  2) withdraw(contractId, preimage) - once the receiver knows the preimage of
 *      the hashlock hash they can claim the tokens with this function
-*  3) refund() - after timelock has expired and if the receiver did not 
-*      withdraw the tokens the sender / creator of the HTLC can get their tokens 
+*  3) refund() - after timelock has expired and if the receiver did not
+*      withdraw the tokens the sender / creator of the HTLC can get their tokens
 *      back with this function.
  */
 contract HashedTimelockERC20 {
-    constructor() public {
-    }
-
     event HTLCERC20New(
         bytes32 indexed contractId,
         address indexed sender,
@@ -43,7 +40,9 @@ contract HashedTimelockERC20 {
         address tokenContract;
         uint256 amount;
         bytes32 hashlock;
-        uint256 timelock; // locked UNTIL this time. Unit depends on consensus algorithm. PoA, PoA and IBFT all use seconds. But Quorum Raft uses nano-seconds
+        // locked UNTIL this time. Unit depends on consensus algorithm.
+        // PoA, PoA and IBFT all use seconds. But Quorum Raft uses nano-seconds
+        uint256 timelock;
         bool withdrawn;
         bool refunded;
         bytes32 preimage;
@@ -96,16 +95,16 @@ contract HashedTimelockERC20 {
      * @dev Sender / Payer sets up a new hash time lock contract depositing the
      * funds and providing the reciever and terms.
      *
-     * NOTE: _receiver must first call approve() on the token contract. 
+     * NOTE: _receiver must first call approve() on the token contract.
      *       See allowance check in tokensTransferable modifier.
 
      * @param _receiver Receiver of the tokens.
      * @param _hashlock A sha-2 sha256 hash hashlock.
-     * @param _timelock UNIX epoch seconds time that the lock expires at. 
+     * @param _timelock UNIX epoch seconds time that the lock expires at.
      *                  Refunds can be made after this time.
      * @param _tokenContract ERC20 Token contract address.
      * @param _amount Amount of the token to lock up.
-     * @return contractId Id of the new HTLC. This is needed for subsequent 
+     * @return contractId Id of the new HTLC. This is needed for subsequent
      *                    calls.
      */
     function newContract(
@@ -135,11 +134,11 @@ contract HashedTimelockERC20 {
         // sender must change one of these parameters (ideally providing a
         // different _hashlock).
         if (haveContract(contractId))
-            revert();
+            revert("Contract already exists");
 
         // This contract becomes the temporary owner of the tokens
         if (!ERC20(_tokenContract).transferFrom(msg.sender, address(this), _amount))
-            revert();
+            revert("transferFrom sender to this failed");
 
         contracts[contractId] = LockContract(
             msg.sender,

contracts/HashedTimelockERC721.sol

@@ -7,18 +7,18 @@ import "openzeppelin-solidity/contracts/token/ERC721/ERC721.sol";
 *
 * This contract provides a way to create and keep HTLCs for ERC721 tokens.
 *
-* See HashedTimelock.sol for a contract that provides the same functions 
+* See HashedTimelock.sol for a contract that provides the same functions
 * for the native ETH token.
 *
 * Protocol:
 *
-*  1) newContract(receiver, hashlock, timelock, tokenContract, tokenId) - a 
-*      sender calls this to create a new HTLC on a given token (tokenContract) 
+*  1) newContract(receiver, hashlock, timelock, tokenContract, tokenId) - a
+*      sender calls this to create a new HTLC on a given token (tokenContract)
 *       for a given token ID. A 32 byte contract id is returned
 *  2) withdraw(contractId, preimage) - once the receiver knows the preimage of
 *      the hashlock hash they can claim the tokens with this function
-*  3) refund() - after timelock has expired and if the receiver did not 
-*      withdraw the tokens the sender / creater of the HTLC can get their tokens 
+*  3) refund() - after timelock has expired and if the receiver did not
+*      withdraw the tokens the sender / creater of the HTLC can get their tokens
 *      back with this function.
  */
 contract HashedTimelockERC721 {
@@ -41,7 +41,9 @@ contract HashedTimelockERC721 {
         address tokenContract;
         uint256 tokenId;
         bytes32 hashlock;
-        uint256 timelock; // locked UNTIL this time. Unit depends on consensus algorithm. PoA, PoA and IBFT all use seconds. But Quorum Raft uses nano-seconds
+        // locked UNTIL this time. Unit depends on consensus algorithm.
+        // PoA, PoA and IBFT all use seconds. But Quorum Raft uses nano-seconds
+        uint256 timelock;
         bool withdrawn;
         bool refunded;
         bytes32 preimage;
@@ -52,7 +54,7 @@ contract HashedTimelockERC721 {
         // so that it is able to honor the claim request later
         require(
             ERC721(_token).getApproved(_tokenId) == address(this),
-            "The HTLC contract must have been designated an approved spender for the tokenId"
+            "The HTLC must have been designated an approved spender for the tokenId"
         );
         _;
     }
@@ -95,16 +97,16 @@ contract HashedTimelockERC721 {
      * @dev Sender / Payer sets up a new hash time lock contract depositing the
      * funds and providing the reciever and terms.
      *
-     * NOTE: _receiver must first call approve() on the token contract. 
+     * NOTE: _receiver must first call approve() on the token contract.
      *       See isApprovedOrOwner check in tokensTransferable modifier.
 
      * @param _receiver Receiver of the tokens.
      * @param _hashlock A sha-2 sha256 hash hashlock.
-     * @param _timelock UNIX epoch seconds time that the lock expires at. 
+     * @param _timelock UNIX epoch seconds time that the lock expires at.
      *                  Refunds can be made after this time.
      * @param _tokenContract ERC20 Token contract address.
      * @param _tokenId Id of the token to lock up.
-     * @return contractId Id of the new HTLC. This is needed for subsequent 
+     * @return contractId Id of the new HTLC. This is needed for subsequent
      *                    calls.
      */
     function newContract(
@@ -134,7 +136,7 @@ contract HashedTimelockERC721 {
         // sender must change one of these parameters (ideally providing a
         // different _hashlock).
         if (haveContract(contractId))
-            revert();
+            revert("Contract already exists");
 
         // This contract becomes the temporary owner of the token
         ERC721(_tokenContract).transferFrom(msg.sender, address(this), _tokenId);