Merge pull request #79 from argentlabs/release/1.5.0

Release 1.5.0

.circleci/config.yml

@@ -0,0 +1,55 @@
+version: 2
+
+job_common: &job_common
+  docker:
+    - image: circleci/node:8.12-stretch
+  working_directory: ~/argent-contracts
+step_save_cache: &step_save_cache
+  save_cache:
+    paths:
+      - ~/.cache/package-lock
+    key: node-modules-{{ checksum "package-lock.json" }}
+step_restore_cache: &step_restore_cache
+  restore_cache:
+    keys:
+      - node-modules-{{ checksum "package-lock.json" }}
+step_setup_global_packages: &step_setup_global_packages
+  run:
+    name: "Set up global packages"
+    command: |
+      npm install
+
+jobs:
+  unit-test:
+    <<: *job_common
+    steps:
+      - checkout
+      - <<: *step_restore_cache
+      - <<: *step_setup_global_packages
+      - run:
+          name: "Lint contracts"
+          command: npm run lint:contracts
+      - run:
+          name: "Compiling external library contracts"
+          command: npm run compile:lib
+      - run:
+          name: "Compiling contracts"
+          command: npm run compile
+      - run:
+          name: "Running unit tests"
+          command: npm run ganache >/dev/null 2>&1 & npm run test
+      - run:
+          name: "Testing deployment scripts"
+          command: npm run ganache >/dev/null 2>&1 & npm run test:deployment
+      - <<: *step_save_cache
+      # Save test results to artifacts
+      - store_test_results:
+          path: test-results.xml
+      - store_artifacts:
+          path: test-results.xml
+
+workflows:
+  version: 2
+  commit:
+    jobs:
+      - unit-test

.gitignore

@@ -30,6 +30,7 @@ utils/config/*.json
 
 ## Etherlime
 **/.etherlime-store
+flat
 
 
 

.nvmrc

@@ -0,0 +1 @@
+8.12.0

.soliumignore

@@ -0,0 +1,48 @@
+node_modules
+migrations
+openzeppelin-solidity
+lib
+contracts/test/CryptoKitties.sol
+contracts/test/KyberNetworkTest.sol
+contracts/test/TestContract.sol
+contracts/test/TestERC20.sol
+contracts/test/TestERC721.sol
+contracts/test/argent/legacy/LegacyBaseWallet.sol
+contracts/test/argent/legacy/TokenTransfer.sol
+contracts/test/argent/utils/ERC20Approver.sol
+contracts/test/argent/utils/NewTestModule.sol
+contracts/test/argent/utils/NonCompliantGuardian.sol
+contracts/test/argent/utils/OldTestModule.sol
+contracts/test/argent/utils/TestDapp.sol
+contracts/test/argent/utils/TestModule.sol
+contracts/test/argent/utils/TestOnlyOwnerModule.sol
+contracts/test/compound/CErc20.sol
+contracts/test/compound/CEther.sol
+contracts/test/compound/CToken.sol
+contracts/test/compound/CarefulMath.sol
+contracts/test/compound/Comptroller.sol
+contracts/test/compound/ComptrollerInterface.sol
+contracts/test/compound/ComptrollerStorage.sol
+contracts/test/compound/EIP20Interface.sol
+contracts/test/compound/EIP20NonStandardInterface.sol
+contracts/test/compound/ErrorReporter.sol
+contracts/test/compound/Exponential.sol
+contracts/test/compound/InterestRateModel.sol
+contracts/test/compound/Maximillion.sol
+contracts/test/compound/PriceOracle.sol
+contracts/test/compound/PriceOracleProxy.sol
+contracts/test/compound/ReentrancyGuard.sol
+contracts/test/compound/SimplePriceOracle.sol
+contracts/test/compound/Unitroller.sol
+contracts/test/compound/WhitePaperInterestRateModel.sol
+contracts/test/maker/DS/DSAuth.sol
+contracts/test/maker/DS/DSMath.sol
+contracts/test/maker/DS/DSNote.sol
+contracts/test/maker/DS/DSStop.sol
+contracts/test/maker/DS/DSThing.sol
+contracts/test/maker/DS/DSToken.sol
+contracts/test/maker/DS/DSValue.sol
+contracts/test/maker/MockScdMcdMigration.sol
+contracts/test/maker/SaiTub.sol
+contracts/test/maker/SaiVox.sol
+contracts/test/maker/WETH9.sol

.soliumrc.json

@@ -0,0 +1,14 @@
+{
+    "extends": "solium:all",
+    "plugins": ["security"],
+    "rules": {
+      "arg-overflow": ["warning", 5],
+      "variable-declarations": "error",
+      "security/no-inline-assembly": 0,
+      "error-reason": "error",
+      "max-len": "error",
+      "no-trailing-whitespace": "error",
+      "blank-lines": 0
+    }
+  }
+

README.md

@@ -12,6 +12,10 @@ npm install
 ```
 
 ## Compile
+Compile the external contracts:
+```
+npm run compile:lib
+```
 
 Compile the contracts:
 ```

contracts/MultiSigWallet.sol

@@ -1,22 +1,37 @@
+// Copyright (C) 2018  Argent Labs Ltd. <https://argent.xyz>
+
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
 pragma solidity ^0.5.4;
 
 /**
  * @title MultiSig
  * @dev Simple MultiSig using off-chain signing.
- * @author Julien Niset - <julien@argent.im>
+ * @author Julien Niset - <julien@argent.xyz>
  */
 contract MultiSigWallet {
 
     uint constant public MAX_OWNER_COUNT = 10;
 
     // Incrementing counter to prevent replay attacks
-    uint256 public nonce;   
-    // The threshold           
-    uint256 public threshold; 
+    uint256 public nonce;
+    // The threshold
+    uint256 public threshold;
     // The number of owners
     uint256 public ownersCount;
     // Mapping to check if an address is an owner
-    mapping (address => bool) public isOwner; 
+    mapping (address => bool) public isOwner;
 
     // Events
     event OwnerAdded(address indexed owner);
@@ -26,7 +41,8 @@ contract MultiSigWallet {
     event Received(uint256 indexed value, address indexed from);
 
     /**
-     * @dev Throws is the calling account is not the multisig.
+     * @dev Throws if the calling account is not the multisig.
+     * @dev Mainly used for enforcing the use of internal functions through the "execute" function
      */
     modifier onlyWallet() {
         require(msg.sender == address(this), "MSW: Calling account is not wallet");
@@ -36,23 +52,23 @@ contract MultiSigWallet {
     /**
      * @dev Constructor.
      * @param _threshold The threshold of the multisig.
-     * @param _owners The owners of the multisig.
+     * @param _owners The initial set of owners of the multisig.
      */
     constructor(uint256 _threshold, address[] memory _owners) public {
         require(_owners.length > 0 && _owners.length <= MAX_OWNER_COUNT, "MSW: Not enough or too many owners");
         require(_threshold > 0 && _threshold <= _owners.length, "MSW: Invalid threshold");
         ownersCount = _owners.length;
         threshold = _threshold;
-        for(uint256 i = 0; i < _owners.length; i++) {
+        for (uint256 i = 0; i < _owners.length; i++) {
             isOwner[_owners[i]] = true;
             emit OwnerAdded(_owners[i]);
         }
         emit ThresholdChanged(_threshold);
     }
 
     /**
-     * @dev Only entry point of the multisig. The method will execute any transaction provided that it 
-     * receieved enough signatures from the wallet owners.  
+     * @dev Only entry point of the multisig. The method will execute any transaction provided that it
+     * receieved enough signatures from the wallet owners.
      * @param _to The destination address for the transaction to execute.
      * @param _value The value parameter for the transaction to execute.
      * @param _data The data parameter for the transaction to execute.
@@ -68,27 +84,28 @@ contract MultiSigWallet {
         nonce += 1;
         uint256 valid = 0;
         address lastSigner = address(0);
-        for(uint256 i = 0; i < count; i++) {
+        for (uint256 i = 0; i < count; i++) {
             (v,r,s) = splitSignature(_signatures, i);
             address recovered = ecrecover(keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32",txHash)), v, r, s);
             require(recovered > lastSigner, "MSW: Badly ordered signatures"); // make sure signers are different
             lastSigner = recovered;
-            if(isOwner[recovered]) {
+            if (isOwner[recovered]) {
                 valid += 1;
-                if(valid >= threshold) {
+                if (valid >= threshold) {
+                    // solium-disable-next-line security/no-call-value
                     (bool success,) = _to.call.value(_value)(_data);
                     require(success, "MSW: External call failed");
                     emit Executed(_to, _value, _data);
                     return;
                 }
             }
         }
-        // If we reach that point then the transaction is not executed
+        // If not enough signatures for threshold, then the transaction is not executed
         revert("MSW: Not enough valid signatures");
     }
 
     /**
-     * @dev Adds an owner to the multisig. This method can only be called by the multisig itself 
+     * @dev Adds an owner to the multisig. This method can only be called by the multisig itself
      * (i.e. it must go through the execute method and be confirmed by the owners).
      * @param _owner The address of the new owner.
      */
@@ -101,9 +118,9 @@ contract MultiSigWallet {
     }
 
     /**
-     * @dev Removes an owner from the multisig. This method can only be called by the multisig itself 
+     * @dev Removes an owner from the multisig. This method can only be called by the multisig itself
      * (i.e. it must go through the execute method and be confirmed by the owners).
-     * @param _owner The address of the removed owner.
+     * @param _owner The address of the owner to be removed.
      */
     function removeOwner(address _owner) public onlyWallet {
         require(ownersCount > threshold, "MSW: Too few owners left");
@@ -114,7 +131,7 @@ contract MultiSigWallet {
     }
 
     /**
-     * @dev Changes the threshold of the multisig. This method can only be called by the multisig itself 
+     * @dev Changes the threshold of the multisig. This method can only be called by the multisig itself
      * (i.e. it must go through the execute method and be confirmed by the owners).
      * @param _newThreshold The new threshold.
      */
@@ -125,28 +142,29 @@ contract MultiSigWallet {
     }
 
     /**
-     * @dev Makes it possible for the multisig to receive ETH.
-     */
-    function () external payable {
-        emit Received(msg.value, msg.sender);        
-    }
-
-        /**
      * @dev Parses the signatures and extract (r, s, v) for a signature at a given index.
-     * A signature is {bytes32 r}{bytes32 s}{uint8 v} in compact form and signatures are concatenated.
+     * A signature is {bytes32 r}{bytes32 s}{uint8 v} in compact form where the signatures are concatenated.
      * @param _signatures concatenated signatures
      * @param _index which signature to read (0, 1, 2, ...)
      */
     function splitSignature(bytes memory _signatures, uint256 _index) internal pure returns (uint8 v, bytes32 r, bytes32 s) {
         // we jump 32 (0x20) as the first slot of bytes contains the length
         // we jump 65 (0x41) per signature
         // for v we load 32 bytes ending with v (the first 31 come from s) tehn apply a mask
+        // solium-disable-next-line security/no-inline-assembly
         assembly {
             r := mload(add(_signatures, add(0x20,mul(0x41,_index))))
             s := mload(add(_signatures, add(0x40,mul(0x41,_index))))
             v := and(mload(add(_signatures, add(0x41,mul(0x41,_index)))), 0xff)
         }
-        require(v == 27 || v == 28, "MSW: Invalid v"); 
+        require(v == 27 || v == 28, "MSW: Invalid v");
+    }
+
+    /**
+     * @dev Fallback function to allow the multisig to receive ETH, which will fail if not implemented
+     */
+    function () external payable {
+        emit Received(msg.value, msg.sender);
     }
 
 }

contracts/base/Managed.sol

@@ -1,3 +1,18 @@
+// Copyright (C) 2018  Argent Labs Ltd. <https://argent.xyz>
+
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
 pragma solidity ^0.5.4;
 import "./Owned.sol";
 
@@ -23,15 +38,15 @@ contract Managed is Owned {
     event ManagerRevoked(address indexed _manager);
 
     /**
-    * @dev Adds a manager. 
+    * @dev Adds a manager.
     * @param _manager The address of the manager.
     */
     function addManager(address _manager) external onlyOwner {
         require(_manager != address(0), "M: Address must not be null");
-        if(managers[_manager] == false) {
+        if (managers[_manager] == false) {
             managers[_manager] = true;
             emit ManagerAdded(_manager);
-        }        
+        }
     }
 
     /**

contracts/base/Owned.sol

@@ -1,3 +1,18 @@
+// Copyright (C) 2018  Argent Labs Ltd. <https://argent.xyz>
+
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
 pragma solidity ^0.5.4;
 
 /**