Adds Sigma Prime 4.0 audit.

term-finance · Nov 13, 2023 · 47d0675 · 47d0675
1 parent 8312927
commit 47d0675
Show file tree

Hide file tree

Showing 2,220 changed files with 895,131 additions and 0 deletions.
diff --git a/audits/sigma-prime/4.0/Smart Contract Changes #2 - Security Assessment Report - v2.0.pdf b/audits/sigma-prime/4.0/Smart Contract Changes #2 - Security Assessment Report - v2.0.pdf
diff --git a/audits/sigma-prime/4.0/code b/audits/sigma-prime/4.0/code
@@ -0,0 +1 @@
+../../..
diff --git a/audits/sigma-prime/4.0/tests/.gitignore b/audits/sigma-prime/4.0/tests/.gitignore
@@ -0,0 +1,134 @@
+build/
+
+# Created by https://www.gitignore.io/api/python
+
+### Python ###
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+#lib/ # Do not ignore lib, has contracts in scope
+#lib64/
+parts/
+sdist/
+var/
+wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+.hypothesis/
+.pytest_cache/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+.python-version
+
+# celery beat schedule file
+celerybeat-schedule
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+### Python Patch ###
+.venv/
+
+### Python.VirtualEnv Stack ###
+# Virtualenv
+# http://iamzed.com/2009/05/07/a-primer-on-virtualenv/
+[Bb]in
+[Ii]nclude
+[Ll]ib
+[Ll]ib64
+[Ll]ocal
+[Ss]cripts
+pyvenv.cfg
+pip-selfcheck.json
+
+
+# End of https://www.gitignore.io/api/python
diff --git a/audits/sigma-prime/4.0/tests/Dockerfile b/audits/sigma-prime/4.0/tests/Dockerfile
@@ -0,0 +1,38 @@
+FROM python:3.9.4-slim-buster
+
+# Get required packages
+RUN apt-get update && \
+apt-get -y upgrade && \
+apt-get install -y --no-install-recommends wget autoconf automake openssl libtool libffi-dev npm make g++ git clang lld && \
+apt-get clean
+
+# build the libsecp256k1 library
+# (in a docker cache friendly way)
+ADD https://api.github.com/repos/bitcoin-core/secp256k1/git/refs/heads/master version.json
+RUN git clone https://github.com/bitcoin-core/secp256k1.git && cd secp256k1 && ./autogen.sh && ./configure && make && make install
+
+# Install Ganache
+RUN npm install -g ganache-cli
+
+# Install solc
+RUN npm install -g solc
+
+# Install the Python requirements
+COPY tests/requirements.txt /
+
+RUN python3 -m pip install --no-cache-dir --upgrade pip && \
+python3 -m pip install --no-cache-dir -r requirements.txt --no-deps
+
+# Copy the contract source code and test suite
+COPY ./code /code
+COPY ./tests /tests
+
+# Set the working directory to the tests/ dir
+WORKDIR /tests
+
+# Create a script for running Ganache and then running the tests (need to sleep to ensure Ganache has initialised)
+RUN echo "brownie test -v" > run-tests.sh
+RUN chmod u+x run-tests.sh
+
+# "docker run" will execute the tests against the compiled contracts
+CMD ./run-tests.sh
diff --git a/audits/sigma-prime/4.0/tests/Makefile b/audits/sigma-prime/4.0/tests/Makefile
@@ -0,0 +1,28 @@
+.PHONY: test
+
+SOLC_FLAGS=--bin --abi
+OPT=--optimize --optimize-runs 10000
+BUILD_DIR=../build
+
+SOURCE_DIR=../../code/chainlink/solidity/contracts/
+OTHERS_DIR=../../code/chainlink/solidity/contracts/interfaces/
+TEST_SOURCE_DIR=../contracts/
+
+
+# Dangerous, but useful for testing known contracts
+ALLOWED_PATHS=/
+
+SOLIDITY_CONTRACTS=*.sol
+
+all: clean compile
+
+clean:
+	mkdir -p ${BUILD_DIR}
+	rm -rf ${BUILD_DIR}/*
+
+compile: $(SOLIDITY_CONTRACTS)
+
+$(SOLIDITY_CONTRACTS):
+	cd node_modules; solc -o ${BUILD_DIR} --overwrite ${OPT} --allow-paths . ${SOLC_FLAGS}  ${SOURCE_DIR}$@
+	cd node_modules; solc -o ${BUILD_DIR} --overwrite ${OPT} --allow-paths . ${SOLC_FLAGS}  ${OTHERS_DIR}$@
+	cd node_modules; solc -o ${BUILD_DIR} --overwrite ${OPT} --allow-paths ${ALLOWED_PATHS} sources=${SOURCE_DIR} ${SOLC_FLAGS} ${TEST_SOURCE_DIR}$@
diff --git a/audits/sigma-prime/4.0/tests/README.md b/audits/sigma-prime/4.0/tests/README.md
@@ -0,0 +1,57 @@
+# Brownie Tests
+
+## Installing Brownie
+
+Brownie can be installed via
+
+```sh
+pip install eth-brownie
+```
+
+Alternatively all required packages can be installed via
+
+```sh
+pip install -r requirements.txt
+```
+
+## Running the Tests
+
+Tests can be run from the directory `review/tests`
+
+```sh
+brownie test
+```
+
+Note you can add all the pytest parameters/flags e.g.
+
+* `tests/test_deploy.py`
+* `-s`
+* `-v`
+* `-k <test_name>`
+
+
+## Initial Setup
+
+This only needs to be done the first time (or possibly just copy `review/tests` next time).
+
+From `review/tests` run
+
+```sh
+brownie init
+```
+
+Make sure the contracts have been copied to `review/tests/contracts`
+
+
+## Writing tests
+
+The same as the old `pytest` style. Add a file named `tests_<blah>.py`
+to the folder `review/tests/tests`.
+
+Each individual test case in the file created above must be a function named
+`test_<test_case>()`.
+
+Checkout the [brownie docs](https://eth-brownie.readthedocs.io/en/stable/tests-pytest-intro.html)
+for details on the syntax.
+
+Note `print(dir(Object))` is handy way to see available methods for a python object.
diff --git a/audits/sigma-prime/4.0/tests/brownie-config.yaml b/audits/sigma-prime/4.0/tests/brownie-config.yaml
@@ -0,0 +1,68 @@
+# NOTE: may want to move this to audit root directory, if target project
+# is structured such that brownie can have that set directly as the `contracts` directory
+# (to avoid copying)
+project_structure:
+    build: build
+    contracts: contracts
+    interfaces: interfaces
+    reports: reports
+    scripts: scripts
+    tests: tests
+
+networks:
+    default: development
+    development:
+        gas_limit: max
+        gas_buffer: 1
+        gas_price: 0
+        reverting_tx_gas_limit: max
+        default_contract_owner: true
+        cmd_settings:
+            accounts: 20
+            default_balance: 1000000
+    live:
+        gas_limit: auto
+        gas_buffer: 1.1
+        gas_price: auto
+        reverting_tx_gas_limit: false
+        default_contract_owner: false
+
+compiler:
+    evm_version: null
+    solc:
+        version: null
+        optimizer:
+            enabled: true
+            runs: 100 # At 200, the contract size of TermAuctionBidLocker is too large.
+        remappings:
+            - "@openzeppelin=deps/@openzeppelin"
+            - "@chainlink=deps/@chainlink"
+            - "hardhat=deps/@hardhat"
+    vyper:
+        version: null
+
+console:
+    show_colors: true
+    color_style: monokai
+    auto_suggest: true
+    completions: true
+
+reports:
+    exclude_paths: null
+    exclude_contracts: null
+
+hypothesis:
+    deadline: null
+    max_examples: 50
+    report_multiple_bugs: False
+    stateful_step_count: 10
+    phases:
+        explicit: true
+        reuse: true
+        generate: true
+        target: true
+        shrink: true
+
+autofetch_sources: false
+dependencies: null
+dev_deployment_artifacts: false