This repository contains the smart contracts and test scripts used by the Quantstamp Assurance Protocol. Formerly, this project was called the "Staking Protocol". This is why you will encounter the term "staking" several times in this repository. Note, however, that "staking" is equivalent with "providing assurance".
Below is the list of urls associated with version V1 of the contract. To retrieve the minor versions, replace the major version with a full version in each path. For example, if you want to retrieve the address of QuantstampStaking for v1.1.0, change QuantstampStaking-v-1-meta.json to QuantstampStaking-v-1.1.0-meta.json in the corresponding url.
- Staking contract:
- Metadata (owner and contract address): https://s3.amazonaws.com/qsp-staking-protocol-contract/dev/QuantstampStaking-v-1-meta.json
- ABI: https://s3.amazonaws.com/qsp-staking-protocol-contract/dev/QuantstampStaking-v-1-abi.json
- Staking data contract:
- Security expert whitelist:
- Staking contract:
- Staking data contract:
- Security expert whitelist:
To access other contracts, substitute the corresponding contract name in the URLs above.
For querying, go to: https://ropsten.etherscan.io/address/{address}#readContract , where {address} is contractAddress copied from the corresponding metadata file.
- Node.JS v8 with npm
npm install- For convenience, install Truffle globally:
npm install -g truffle@0.0.0, replacing0.0.0by the Truffle version frompackage.json - Install Ganache (Formerly,
testrpc), either:- UI version of version
1.1.0or - Console version:
npm install -g ganache-cli@6.1.0and then (from another terminal tab):testrpc -p 7545
- UI version of version
truffle compilenpm test. To also generate a code coverage report, runnpm run test-covinstead.- To ensure correct commit hooks:
ln -s -f $(git rev-parse --show-toplevel)/pre-commit $(git rev-parse --show-toplevel)/.git/hooks/pre-commitchmod +x $(git rev-parse --show-toplevel)/.git/hooks/pre-commit
- Place the secret mnemonic phrase and the Infura API token into
credentials.js. - Ensure you have aws-cli installed and AWS credentials configured allowing publishing artifacts to S3.
- Edit
truffle.jsto specifytruebesides the contracts you are willing to redeploy:
deploy: {
Registry: false,
QuantstampStaking: true
},
- Deploy the contract(s) to the desired network:
truffle migrate --network dev(Ropsten network, development environment with QSP token)truffle migrate --network safe(Ropsten network, development environment with SAFE token)truffle migrate --network prod(Ethereum MainNet, to be implemented)
Note: if deployment does not start, append the --reset flag to the command.
Note: DO NOT FORGET to set the minimum deposit value after redeployment by
calling the setGlobalMinDepositQspWei(...) as the owner on every deployment
of the QuantstampStaking contract. The default value is 0 (any deposit
greater than 0 QSP-wei goes).
npm test automatically deploys the contract to Ganache and runs tests against it. To deploy the contract to Ganache manually (e.g., for purposes of manual testing), do truffle test --migrate development
Interacting with the smart contracts, one can use a Trezor hardware wallet for signing transaction. All he needs to do are alter truffle.js
and set the provider field of a desired network to an instance of TrezorWalletProvider.
This class accepts an address of a web3 provider, such as infura.
If you are using the Trezor for the first time on your machine, please visit trezor.io/start for installing your device's drivers.
For accepting a wallet PIN, make sure a recent version of JRE
is executable from the command-line. A successful execution of java -version shows the validity of this fact.
Without using a hardware wallet, one alternatively use HDWalletProvider for signing transactions. This wallet accepts
a mnemonic key and a web3 provider address for signing transactions.
All automated tests are implemented in JavaScript files under the test directory. All tests are independent from each other and target the testing of a particular functionality / use-case of the cotnract, with the exception of the ComplexFunctionalTest.js. As indicated by its file name, the test aims to simulate a complex scenario where there are 5 pools with different parameters and owners, as well as 5 different stakeholders, 3 of which are security experts. The tests in this file are dependent on each other and they are illustrated in the figure below.
The timeline flows horizontally from left to right. Each pool has a particular color and different parameters which are indicated at the bottom of the figure. Each staker has a different color and can stake in several pools. All text boxes represent an aspect that must be tested and the line connecting a text box to the timeline represents the point in time when the test should be performed. The code in ComplexFunctionalTest.js should mirror the steps in this figure.