Kread Code Review of Contract Code

[aj-agoric]

What is the Problem Being Solved?

To support go-live of a Reference Partner's Kread dapp as outlined in the Partner Go Live Checklist
Task: Code review the contract code which will be deployed to chain.
Purpose: Audit to raise confidence that contract implements desired behavior, is upgradable, properly uses durability & virtualization, doesn’t have bugs like infinite loops.
Instructions: OpCo engineers to arrange review with partner via Slack.

Description of the Design

Security Considerations

Scaling Considerations

Test Plan

Upgrade Considerations

[dckc]

minting

based on 5651c94

sequenceDiagram
  actor player
   note right of player: smartWallet

  participant zoe
  participant kread

    player->>kread: makeMintCharacterInvitation()
    kread-->>player: inv1
    player->>zoe: offer(inv1, { want: { name: 'Fred' } })
    zoe-->>kread: handle(seat1, { want: { name: 'Fred' } })
    kread-->>kread: random character attributes
    kread-->>vstorage: updateMetrics('character', ...)
    kread-->>zoe: zcfMint(character)
    zoe-->>player: { payouts: character }

Loading

minting and offer-safety

offer safety of character minting looks a lot like #2349 - that is: it would probably need amount patterns (#2230)

[dckc]

just opened

• fix: get issuers, brands via zoe getTerms rather than contract Kryha/KREAd#11 to address
  • getTokenInfo() subsumed by E(zoe).getTerms(instance) Kryha/KREAd#7

[dckc]

fix: get paymentBrand from Money issuer
Rather than a separate term for the paymentBrand, use the brands
provided by Zoe derived from issuers provided to startInstance().
This ensures that the contract is doing business in the same
brand for which Zoe is providing offer safety.
agoric-labs/KREAd@c38ea00

[dckc]

Several of us spent most of the last few days working closely with the Kryha on the contract. I'm satisfied that it poses at most acceptable risks to the chain.

for reference: https://github.com/Kryha/KREAd , currently 875f5de