# GoodDollar Bounty ## Description GoodDollar has recently launched its basic income protocol (you can learn more via our White Paper and Lite Paper published here). This bug bounty challenge serves to stress-test the GoodDollar smart contracts. Successful submissions are at the discretion of the GoodDollar CTO, and will require evidence and documentation of any hack ## Information GoodDollar is a people-powered framework to generate, finance, and distribute global basic income via the GoodDollar token (“G$ coin”). Its goal is to provide a baseline standard of living and reduce wealth inequality through the creation of a universal basic income (UBI). GoodDollar - gooddollar.org, White Paper - https://whitepaper.gooddollar.org/ LitePaper - https://litepaper.gooddollar.org/ ## Scope The Gooddollar Bug Bounty is limited to vulnerabilities affecting the gooddollar smart contracts: [DAO Contracts](https://github.com/GoodDollar/GoodContracts) [Staking model contracts](https://github.com/GoodDollar/GoodContracts/stakingModel) ## Awards The severity of bugs will be assessed under the [CVSS Risk Rating](https://www.first.org/cvss/calculator/3.0). Critical (9.0–10.0): Up to $10,000 High (7.0–8.9): Up to $5,400 Medium (4.0–6.9): Up to $2,800 Low (0.1–3.9): Up to $1,000 ## Disclosure Requirements Any vulnerability or bug discovered must be reported only to the following email: Hadar@gooddollar.org The bug must not be disclosed publicly or to any other person, entity or email address other than Hadar@gooddollar.org Please include as much detail about the vulnerability as possible including: - Conditions on which reproducing the bug is contingent. - Steps needed to reproduce the bug or, preferably, a proof of concept. - Implications of the vulnerability being abused. - Any bug reporter who reports a previously unreported bug that results in a change to the code or a configuration change and who keeps the vulnerability confidential until it has been resolved by our engineers will be recognized publicly for their contribution, if agreed. ## Eligibility To be eligible for a reward in the Gooddollar Bounty, you must: - Discover a previously unreported, non-public vulnerability that would result in a loss of or a lock of any token on Gooddollar (but not on any third party platform interacting with Gooddollar) and that is within the Scope mentioned above. - Provide sufficient information to enable our engineers to reproduce and fix the vulnerability. - Make a good faith effort to avoid privacy violations, destruction of data, interruption or degradation of Gooddollar. - Not submit a vulnerability caused by an underlying issue that is the same as an issue on which a reward has been paid under the bounty program. ## Other Terms All reward decisions, including eligibility for and amounts of the rewards and the manner in which such rewards will be paid, are made at our sole discretion. # Staking Model Contracts Docs - [Terms](#Terms) - [Architecture diagram](#Architecture-Diagram) - [Money flow description](#Money-flow-in-the-GoodDollar-ecosystem) - [Contracts & API](#Contracts-&-API) # Terms ## UBI Supporters People who are staking their crypto to Goodstaking, willing to accept G$ instead of the originally used crypto ## GoodStaking Smart Contract a smart contract who: (a) receives cryptocurrencies from the Stakers and sends it to the third party protocol; (b) issue the GoodStaking record to the Stakers and accept the transactions from the stakers and sends them the principle deposited; (c) receive the Interest out directly from the thrid party protocols and automatically transfer it to the Reserve. **For now - the interest can only be donated to the reserve, and no G$ is minted in returen** ## Third party protocol an existing algorithmic autonomous interest bearing protocol developed by third parties where Stakers can deposit cryptocurrencies and earn interest. ## Bancor™ Formula An automatic pricing formula which balances supply and demand for the Smart Token while holding a constant ratio between a Smart Token’s total value (market cap) and its connector token balances (see more [here](https://support.bancor.network/hc/en-us/articles/360000503372-How-does-automatic-pricing-and-market-making-work-)). ## Claimers users of the GoodDollar wallet who claim daily GoodDollar Token(G$). ## GoodDAO decentralized and autonomous entity, eventually owned 100% by the community of GoodDollar users. - Controls the Goodreserve ## GoodDollar Token (G$) a digital currency, built initially on ETH blockchain technology and comply with ERC20 standard, with a reserve token attached to it - Initially CDAI. ## Reserve a smart contract with valuable foreign (not G$) cryptocurrencies in it. Users of the Gooddollar can buy or sell Gooddollar by depositing or withdrawing cryptocurrencies directly into or from the reserve (based on Bancor Formula, see above) ## UBI scheme A smart contract that collects the total minted Gooddollar, and distributed between all claimers that day. # Architecture Diagram ![](https://lh4.googleusercontent.com/4idyu8euLm3J7Yojk4GJA0gmp6JQHn4PkhTJvjGkkZFZ2ksDwNq7R0S87jUGDbCPcCzSKjaybmiOOKYawhUisGxsFsPyvckpCorY775mAfMSUTg4Rz9Zu3p-LZ8mo6jp9MrDuIQA) # Money flow in the GoodDollar ecosystem 1. Supporter stake his crypto currency to GoodStaking - For now - can only be DAI 2. Goodstaking deposits the crypto currency to a third party DEFI protocol - At the moment Compound 3. The third paty issue a staking Token (CDAI) 4. Goodstaking issues a non transferable record to the staking wallet. (supporter can withdraw at anytime) 5. FundManager(GoodDao) triggers a daily request to GoodStaking to collect earned interest 6. Goodstaking sends interest to good reserve 7. FundManager triggers the Reserve to mint and send the new minted G$ to the FundManager (Interest + UBI) 8. The interest is Sent back to the GoodStaking **- not active at the moment** 9. FundManager send G$ to the UBI scheme smart contract via Fuse token bridge 10. The G$ in the UBI scheme is divided between all "active" whitelisted users. Each user need to claim his share in the 24 hours window. # Contracts-&-API GoodDollar protocol is deployed both on Ethereum mainnet and on Fuse as a sidechain. Some contracts like the Reserve are only on mainnet and some contracts like the UBIScheme are only on the sidechain. The DAO and Token are deployed on both networks. - [Core Contracts](#Core-Contracts) - [Bridge Contracts](#Token-Bridge-Contracts) - [DAO Contracts](#DAO-Contracts) ## Core Contracts | Contract | Mainnet | Fuse | Source code | |-------------------------|-----------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------| | [GoodDollar ERC20](#GoodDollar-ERC20) | [0x67C5870b4A41D4Ebef24d2456547A03F1f3e094B](https://etherscan.io/address/0x67C5870b4A41D4Ebef24d2456547A03F1f3e094B) | [0x495d133B938596C9984d462F007B676bDc57eCEC](https://explorer.fuse.io/address/0x495d133b938596c9984d462f007b676bdc57ecec) | [GoodDollar.sol](/contracts/token/GoodDollar.sol) | | [Identity](#Identity) | [0x76e76e10Ac308A1D54a00f9df27EdCE4801F288b](https://etherscan.io/address/0x76e76e10Ac308A1D54a00f9df27EdCE4801F288b) | [0xFa8d865A962ca8456dF331D78806152d3aC5B84F](https://explorer.fuse.io/address/0xFa8d865A962ca8456dF331D78806152d3aC5B84F) | [Identity.sol](/contracts/identity/Identity.sol) | | [GoodStaking](#GoodStaking) | [0xEa12bB3917cf6aE2FDE97cE4756177703426d41F](https://etherscan.io/address/0xEa12bB3917cf6aE2FDE97cE4756177703426d41F) | | [SimpleDAIStaking.sol](/contracts/stakingModel/SimpleDAIStaking.sol) | | [GoodReserve](#GoodReserve) | [0x5C16960F2Eeba27b7de4F1F6e84E616C1977e070](https://etherscan.io/address/0x5C16960F2Eeba27b7de4F1F6e84E616C1977e070) | | [GoodReserveCDAI.sol](/contracts/stakingModel/GoodReserveCDAI.sol) | | [GoodFundManager](#GoodFundManager) | [0xbDFD60f3aE73329D33ebe17d78383DEfd72643Ad](https://etherscan.io/address/0xbDFD60f3aE73329D33ebe17d78383DEfd72643Ad) | | [GoodFundManager.sol](/contracts/stakingModel/GoodFundManager.sol) | | [GoodMarketMaker](#GoodMarketMaker) | [0xEDbE438Cd865992fDB72dd252E6055A71b02BE72](https://etherscan.io/address/0xEDbE438Cd865992fDB72dd252E6055A71b02BE72) | | [GoodMarketMaker.sol](/contracts/stakingModel/GoodMarketMaker.sol) | | [ContributionCalculation](#ContributionCalculation) | [0x8eEC64bb6807c0178f96277cCE6a334B4e565E5C](https://etherscan.io/address/0x8eEC64bb6807c0178f96277cCE6a334B4e565E5C) | | [ContributionCalculation.sol](/contracts/stakingModel/ContributionCalculation.sol) | | [UBIScheme](#UBIScheme) | | [0xAACbaaB8571cbECEB46ba85B5981efDB8928545e](https://explorer.fuse.io/address/0xAACbaaB8571cbECEB46ba85B5981efDB8928545e) | [UBIScheme.sol](/contracts/stakingModel/UBIScheme.sol) | | [FirstClaimPool](#FirstClaimPool) | | [0x18BcdF79A724648bF34eb06701be81bD072A2384](https://explorer.fuse.io/address/0x18BcdF79A724648bF34eb06701be81bD072A2384) | [FirstClaimPool.sol](/contracts/stakingModel/FirstClaimPool.sol) | | [AdminWallet](#AdminWallet) | | [0x9F75dAcB77419b87f568d417eBc84346e134144E](https://explorer.fuse.io/address/0x9F75dAcB77419b87f568d417eBc84346e134144E) | [FirstClaimPool.sol](/contracts/wallet/AdminWallet.sol) | | [OneTimePayments](#OneTimePayments) | | [0xd9Aa86e0Ddb932bD78ab8c71C1B98F83cF610Bd4](https://explorer.fuse.io/address/0xd9Aa86e0Ddb932bD78ab8c71C1B98F83cF610Bd4) | [OneTimePayments.sol](/contracts/dao/schemes/OneTimePayments.sol) | ### GoodDollar ERC20 The GoodDollar token follows the erc20 standard and also supports erc677. ### Identity The identity contract controls which addresses are whitelisted to "Claim" UBI. #### Face Verification Currently the GoodDollar Foundation is whitelisting users based on user prooving he signed up with a live and unique face. Since the user facial details are anonymized in order to allow the user to create a new account in case he is unable to recover his wallet, facial details are deleted after `authenticationPeriod` and users are required to perform face verification again every `authenticationPeriod` days. #### Social Profile Each address is linked to the user public profile as created in the wallet. The DID is the node id in the public p2p GunDB database. Mappings from wallet address to DID are held in `addrTODID` ```solidity= /* * @dev Returns true if given address has been added to whitelist * @param account the address to check * @return a bool indicating weather the address is present in whitelist */ function isWhitelisted(address account) public view returns (bool) /* * @dev Function that gives the date the given user was added * @param account The address to check * @return The date the address was added */ function lastAuthenticated(address account) public view returns (uint256) /* the number of days an authentication is valid for*/ uint256 public authenticationPeriod mapping(address => string) public addrToDID; ``` ### GoodStaking UBI Supporters can stake crypto which is then invested in DEFI protocols. The FundManager has permissions to collect gained interest from this contract. ```solidity= /** * @dev Allows a staker to deposit DAI tokens. Notice that `approve` is * needed to be executed before the execution of this method. * Can be executed only when the contract is not paused. * @param _amount The amount of DAI to stake */ function stakeDAI(uint256 _amount) public whenNotPaused /** * @dev Withdraws the sender staked DAI. */ function withdrawStake() public ``` ### GoodReserve The reserve mints G$ based on interest transfered from the FundManager, only the FundManager can trigger minting. The reserve also acts as the GoodDollar liquidity pool and AMM (Automatic Market Maker) and exposes methods to buy and sell G$s. ```solidity= /** * @dev Converts `buyWith` tokens to GD tokens and updates the bonding curve params. * `buy` occurs only if the GD return is above the given minimum. It is possible * to buy only with cDAI and when the contract is set to active. * MUST `approve` prior this action to allow this contract to accomplish the * conversion. * @param _buyWith The tokens that should be converted to GD tokens * @param _tokenAmount The amount of `buyWith` tokens that should be converted to GD tokens * @param _minReturn The minimum allowed return in GD tokens * @return (gdReturn) How much GD tokens were transferred */ function buy(ERC20 _buyWith,uint256 _tokenAmount,uint256 _minReturn) public requireActive onlyCDai(_buyWith) returns (uint256) /** * @dev Converts GD tokens to `sellTo` tokens and update the bonding curve params. * `sell` occurs only if the token return is above the given minimum. Notice that * there is a contribution amount from the given GD that remains in the reserve. * It is only possible to sell to cDAI and only when the contract is set to * active. MUST make call to G$ `approve` prior to this action to allow this * contract to accomplish the conversion. * @param _sellTo The tokens that will be received after the conversion * @param _gdAmount The amount of GD tokens that should be converted to `_sellTo` tokens * @param _minReturn The minimum allowed `sellTo` tokens return * @return (tokenReturn) How much `sellTo` tokens were transferred */ function sell( ERC20 _sellTo, uint256 _gdAmount, uint256 _minReturn ) public requireActive onlyCDai(_sellTo) returns (uint256) /** * @dev Current price of GD in `token`. currently only cDAI is supported. * @param _token The desired reserve token to have * @return price of GD */ function currentPrice(ERC20 _token) public view returns (uint256) ``` ### GoodFundManager Has permissions to collect interest from the GoodStaking contract and permissions to tell GoodReserve to mint. Anyone can trigger the collection and minting process ```solidity= /** * @dev Collects UBI interest in cDai from a given staking contract and transfers * that interest to the reserve contract. Then transfers the gd * received from the reserve contract back to the staking contract and to the * bridge, which locks the funds and then same amount of G$ tokens are minted to the * ubiRecipient address on the sidechain * * @param _staking Contract that implements `collectUBIInterest` and transfer cDai to * a given address. The given address should be the same whitelisted `reserve` * address in the current contract, in case that the given staking contract transfers * the funds to another contract, zero GD tokens will be minted by the reserve contract. * Emits `FundsTransferred` event in case which interest has been passed to the `reserve` */ function transferInterest(StakingContract _staking) public requireActive reserveHasInitialized requireDAOContract(address(_staking)) ``` ### UBIScheme Holds all the G\$s that were transfered via bridge from the FundManager. The pool of G$s is divided daily by the amount of current active users. Each active user can then "claim" his quota. If a user fails to claim his quota it becomes part of the next day UBI pool. ```solidity= /** * @dev Checks the amount which the sender address is eligible to claim for, * regardless if they have been whitelisted or not. * @return The amount of GD tokens the address can claim. */ function checkEntitlement() public view requireActive returns (uint256) /** * @dev Function for claiming UBI. Requires contract to be active and claimer to be whitelisted. * Calls distributionFormula, calculats the amount the caller can claim, and transfers the amount * to the caller. Emits the address of caller and amount claimed. * @return A bool indicating if UBI was claimed */ function claim() public requireActive onlyWhitelisted returns (bool) /** * @dev In order to update users from active to inactive, we give out incentive to people * to update the status of inactive users, this action is called "Fishing". Anyone can * send a tx to the contract to mark inactive users. The "fisherman" receives a reward * equal to the daily UBI (ie instead of the “fished” user). User that “last claimed” > 14 * can be "fished" and made inactive (reduces active users count by one). Requires * contract to be active. * @param _account to fish * @return A bool indicating if UBI was fished */ function fish(address _account) public requireActive returns (bool) /** * @dev executes `fish` with multiple addresses. emits the number of users from the given * array who actually been tried being fished. * @param _accounts to fish * @return A bool indicating if all the UBIs were fished */ function fishMulti(address[] memory _accounts) ``` ### OneTimePayments Payments on the GoodDollar wallet are done via payment links. G$s are held in escrow and the recipient can retrieve the funds if he has the key. While the money is in escrow the sender can choose to cancel the payment and retrieve the funds. Based on [Celo's](https://github.com/celo) payments contract ```solidity= /* * @dev ERC677 on token transfer function. When transferAndCall is called on this contract, * this function is called, depositing the payment amount under the hash of the given bytes. * Reverts if hash is already in use. Can only be called by token contract. * @param sender the address of the sender * @param value the amount to deposit * @param data The given paymentId which should be a fresh public key */ to deposit a payment to a one time payment address call: GoodDollar.transferAndCall(value,data) this will trigger OneTimePayments onTokenTransfer /* @dev Withdrawal function. * allows the sender that proves ownership of paymentId to withdraw * @param paymentId the address of the public key that the * rightful receiver of the payment knows the private key to * @param signature the signature of a the message containing the msg.sender address signed * with the private key. */ function withdraw(address paymentId, bytes memory signature) public onlyRegistered /* @dev Cancel function * allows only creator of payment to cancel * @param paymentId The paymentId of the payment to cancelæ */ function cancel(address paymentId) public ``` ### GoodMarketMaker Helper contract for the GoodReserve. ### ContributionCalculation Helper contract for calculating the exit contribution (ie when selling G$ back to the reserve) ### FirstClaimPool Helper contract for UBIScheme. Manually funded by the Foundation to give 1G$ for "inactive" users when they claim. Since a new user (inactive) becomes active and eligible to claim UBI only in the next UBI epoch. So for new users not go empty handed on their first claim we give out a 1G$. ### AdminWallet Helper contract for our backend servers to whitelist users and to fill their Fuse network gas. ## Token Bridge Contracts Bridge contracts were developed by [Fuse](https://fuse.io) | Contract | Mainnet | Fuse | Source Code | |-------------------------------|-----------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------| | ForeignBridge (mainnet -> fuse) | [0x17B09b22823F00BB9b8ee2d4632E332cadC29458](https://etherscan.io/address/0x17B09b22823F00BB9b8ee2d4632E332cadC29458) | | [ForeignBridgeErcToErc.sol](github/fuseio/fuse-bridge/multiple-erc20-to-erc20/contracts/contracts/upgradeable_contracts/erc20_to_erc20/ForeignBridgeErcToErc.sol) | | HomeBridge (fuse -> mainnet) | | [0xe24957CB0f0001A03314C72E6EBC331436e2f7F6](https://explorer.fuse.io/address/0xe24957CB0f0001A03314C72E6EBC331436e2f7F6) | [ HomeBridgeErcToErc.sol ](github/fuseio/fuse-bridge/multiple-erc20-to-erc20/contracts/contracts/upgradeable_contracts/erc20_to_erc20/HomeBridgeErcToErc.sol) | ## DAO Contracts DAO contracts were developed by [DAOStack](https://daostack.io) | Contract | Mainnet | Fuse | Source Code | |-----------------|-----------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------| | Controller | [0x95C0d9dCEA1E243ED696F34CAc5e6559C3c128a3](https://etherscan.io/address/0x95C0d9dCEA1E243ED696F34CAc5e6559C3c128a3) | [0xBcE053b99e22158f8B62f4DBFbEdE1f936b2D4e4](https://explorer.fuse.io/address/0xBcE053b99e22158f8B62f4DBFbEdE1f936b2D4e4) | [Controller.sol](github/daostack/arc/contracts/controller/Controller.sol) | | Avatar | [0x1ecFD1afb601C406fF0e13c3485f2d75699b6817](https://etherscan.io/address/0x1ecFD1afb601C406fF0e13c3485f2d75699b6817) | [0xf96dADc6D71113F6500e97590760C924dA1eF70e](https://explorer.fuse.io/address/0xf96dADc6D71113F6500e97590760C924dA1eF70e) | [Avatar.sol](github/daostack/arc/contracts/controller/Avatar.sol) | | Reputation | [0xCb4a6aF3b15D64E8f50B3cea54c4f481d9E434C1](https://etherscan.io/address/0xCb4a6aF3b15D64E8f50B3cea54c4f481d9E434C1) | [0x0be7C592374EE0bD0CcBFC76Be758a138BcaEc6E](https://explorer.fuse.io/address/0x0be7C592374EE0bD0CcBFC76Be758a138BcaEc6E) | [Reputation.sol](github/daostack/infra/contracts/Reputation.sol) | | SchemeRegistrar | [0x098148534aC15A44CFF52387bA81Ed929589eCAf](https://etherscan.io/address/0x098148534aC15A44CFF52387bA81Ed929589eCAf) | [0x12F706FaafCBf8093282Dba0c40eD0D4Eb5CAF54](https://explorer.fuse.io/address/0x12F706FaafCBf8093282Dba0c40eD0D4Eb5CAF54) | [SchemeRegistrar.sol](github/daostack/arc/contracts/universalSchemes/SchemeRegistrar.sol) | | AbsoluteVote | [0xf6b5F7a885CBc57d739aDBEe76E52A70Bc04D795](https://etherscan.io/address/0xCb4a6aF3b15D64E8f50B3cea54c4f481d9E434C1) | [0xf6b5F7a885CBc57d739aDBEe76E52A70Bc04D795](https://explorer.fuse.io/address/0x0be7C592374EE0bD0CcBFC76Be758a138BcaEc6E) | [AbsoluteVote.sol](github/daostack/infra/contracts/votingMachines/AbsoluteVote.sol) | | UpgradeScheme | [0xF9B357d83BDAD6881feb09d909095872B93203d0](https://etherscan.io/address/0xF9B357d83BDAD6881feb09d909095872B93203d0) | [0x653c67Be5b3739708e84B61641253822405d78D8](https://explorer.fuse.io/address/0x653c67Be5b3739708e84B61641253822405d78D8) | [UpgradeScheme.sol](github/daostack/arc/contracts/universalSchemes/UpgradeScheme.sol) |