Oracles POA Network smart contracts
Ethereum smart contracts to manage validators in Oracles POA Network
Oracles POA Network contracts features checklist
These are contracts for storing and managing the data for validators.
№
Description
Status
1
Validator's personal data addition is available for valid initial key from ceremony
2
Validator's personal data addition is forbidden for invalid initial key from ceremony
3
Validator's personal data addition is forbidden for the same valid initial key from ceremony twice
4
Validator's personal data addition is forbidden from ceremony, if counter of initial keys, invalidated from ceremony, reached the limit
5
Validator's personal data addition is available for valid voting key from governance
6
Validator's personal data addition is forbidden for invalid voting key from governance
7
Validator's personal data addition is forbidden for the same valid voting key from governance twice
8
Validator's personal data addition is forbidden from governance, if counter of validators, added from governance, reached the limit
9
Mining key is added to validators' array after generation of new production keys
10
Personal data: output zip code is equal to input zip code and it is a bignumber
11
Personal data: output licenseExpiredAt is equal to input licenseExpiredAt and it is a bignumber
12
Personal data: output licenseID is equal to input licenseID
13
Personal data: output fullname is equal to input fullname
14
Personal data: output streetname is equal to input streetname
15
Personal data: output state is equal to input state
16
Personal data: output sisablingDate is empty
These are contracts for storing and managing the data for Oracles POA Network Keys Generation dApp .
№
Description
Status
1
Initial key addition is available for contract owner
2
Initial key addition fails to add same key twice
3
Initial key is valid after execution of addInitialKey
function
4
Initial key generation is forbidden for non-owner of contract
5
It is allowed to add only limited number of initial keys (25)
6
Production keys generation fails for invalid initial key
7
Production keys generation fails for used initial key
8
Licenses counter is incremented by generation of production keys
9
Initial keys invalidation counter is incremented by generation of production keys
10
Mining, voting and payout keys are generated after execution createKeys
function, and they are valid
11
Initial key is invalidated immediately after mining/payout/voting keys are created
These are contracts for storing and managing the data for Oracles POA Network Governance dApp .
To be done...
Known Ethereum contracts attack vectors checklist
№
Attack vector
Description
Status
1
Race Conditions
The order of transactions themselves (within a block) is easily subject to manipulation
1.a
Reentrancy
Functions can be called repeatedly, before the first invocation of the function was finished
1.b
Cross-function Race Conditions
A similar attack using two different functions that share the same state
1.c
Pitfalls in Race Condition Solutions
Avoiding of calling functions which call external functions
2
Timestamp Dependence
Timestamp of the block can be manipulated by the miner
3
Integer Overflow and Underflow
Usage of unlimited increments can cause such issue
4
DoS with (Unexpected) Throw
Unexpected throw is reached with some contract method for any user, because of malicious user called it before with bad parameters
5
DoS with Block Gas Limit
Block gas limit can be reached, for example, with looping through an array with unknown size and sending send()
in a single transaction. Sending should be divided to multiple transactions
Compiling of Oracles contract
Install dapp cli
git clone https://github.com/oraclesorg/oracles-contract
// clone repository
cd oracles-contract/
// move to folder with project
git submodule update --init --recursive
// get submodules data
dapp build
// compiling of contracts to ./out
Expected result:
./out/Oracles.bin
- bytecode of Oracles contract
./out/Oracles.abi
- binary interface of Oracles contract
Start testrpc process with specific accounts and balances. Use make testrpc
command.
Run tests with command truffle test
.