Skip to content

Latest commit

 

History

History
173 lines (108 loc) · 3.75 KB

README.md

File metadata and controls

173 lines (108 loc) · 3.75 KB

Windranger Treasury

Inbound and outbound treasury

Development Process

Development follows these processes outlined in development process

Setup

Install

To retrieve the project dependencies and before any further tasks will run correctly

npm ci

Husky Git Commit Hooks

To enable Husky commit hooks to trigger the lint-staged behaviour of formatting and linting the staged files prior before committing, prepare your repo with prepare.

npm run prepare

Build and Test

npm run build
npm test

If you make changes that don't get picked up then add a clean into the process

npm run clean
npm run build
npm test

Hardhat

If you want to avoid using the convience scripts, then you can execute against Hardhat directly.

All tests

Target to run all the mocha tests found in the /test directory, transpiled as necessary.

npx hardhat test

Single test

Run a single test (or a regex of tests), then pass in as an argument.

 npx hardhat test .\test\sample.test.ts

Scripts

The TypeScript transpiler will automatically as needed, execute through HardHat for the instantiated environment

npx hardhat run .\scripts\bond-deploy.ts

Logging

Logging is performed with Bunyan

Bunyan CLI

To have the JSON logging output into a more human-readable form, pipe the stdout to the Bunyan CLI tool.

npx hardhat accounts | npx bunyan

Deploy & Test contracts locally

The contracts can be deployed locally and their behaviour verified using our local deploy scripts

Deploy & Test contracts on a RPC endpoint

The contracts can be deployed locally and their behaviour verified using our remote deploy scripts

Solidity Static Analysis

We use the Trail of Bits Solidity static analyzer Slither.

Local

Install

With Python 3 in your environment, install using the Python package manager pip3:

pip3 install slither-analyzer

Run

When at the project root, to run and exclude BitDao.sol, anything containing the path contracts\treasury or node_modules:

slither . --filter-paths "BitDAO.sol|contracts/treasury|node_modules"

Alternatively to run using a slither.json config file:

slither . --config-file slither.json

Docker

The Trail of Bits toolbox image contains a number of applications (including Slither).

Install

With Docker in your environment, install the image from DockerHub:

docker pull trailofbits/eth-security-toolbox

Run

To start a new container with your local source mounted/accessible within the container: (replacing <ABSOLUTE_PATH_TO_WORKING_DIRECTORY> with the absolute path to the project working directory)

docker run -it --mount type=bind,source=<ABSOLUTE_PATH_TO_WORKING_DIRECTORY>,destination=/home/ethsec/test-me trailofbits/eth-security-toolbox

The container will automatically start and log you in, with the project code located in test-me. Navigate into the test-me directory and run the static analysis:

cd test-me
slither . --filter-paths "BitDAO.sol|contracts/treasury|node_modules"

Alternatively to run using a slither.json config file:

cd test-me
slither . --config-file slither.json

Tools

Contract sizing

The size of all contract can be display in a table using a custom task that runs under yarn

yarn run hardhat size-contracts

Solidity Documentation Generation

Markdown files can be generated from the Solidity files

npx hardhat docgen

The output mirrors the Solidity file structure and will be found at ./solidity-docs.