Create a crowdfunding page for projects renewing/buying the core

[poppyseedDev]

Create solidity smart contracts that will make it possible for people to crowdfunding their core renewal, yes it will be permissioned for start. But that's why people who create crowdfunding pages have to have a lot of details which will be partially stored on the backend partiality in the smart contracts.

• [x] #84
• [ ] #85
• [ ] #86
• [ ] #87

Note Once you take on this PR paste a comment with your hand -> ✋ so that people know that someone is working on this issue.

[ltfschoen]

I did a quick review this Crowdfunding.sol contract https://github.com/LasticXYZ/ext-contracts/blob/main/src/Crowdfunding.sol and have some comments.

1) Shouldn't it have a fallback function that also calls the contribute function? e.g.

fallback() external payable {
  contribute(msg.value);
}
receive() external payable {}

2) What doesn't it require the owner that created the Crowdfunding contract to specify a different account (e.g. a beneficiary) to payout the total contributions (totalContributed) to, or at least give them the option to provide a different account for the payout? Since at the moment, if the owner's account got hacked, then the hackers could be able to also steal all the contributed funds from the Crowdfunding smart contract that they created too. With the suggested change, hackers would have to compromise both the owner account and the payout account to steal the funds stored in the contract.

3) Why does the contribute function allow contributions to be provided that exceed the goal? If someone contributed 120 but they only needed 80 to reach the goal, and 50 had already been raised by other contributors, why would it still accept the 120 and have raised 40 more than it needed to? Why wouldn't it only accept a proportion (i.e. 80 - 50 = 30) of the contribution that was still required? For example, if someone accidentally contributed too much, before they could fix the error by withdrawing the amount they contributed, the owner could quickly payout the total contributed amount that was more than the goal and more than the actual cost of the core to themselves and choose not to return the excess amount that the contributor accidentally contributed. e.g.

function contribute(uint256 _amount) public payable {
        ...
        require(_amount > 0, "Contribution must be greater than 0");
        remainder = goal - totalContributed;
        contribution = _amount;
        if (contribution > remainder) {
          contribution = remainder;
        }
        contributions[msg.sender] = contributions[msg.sender] + (contribution);
        totalContributed = totalContributed + (contribution);

4) Why doesn't it allow contributors to withdraw a specific amount rather than the whole amount that they contributed? For example, if they contributed more than the goal accidentally or more than they meant to, then to make the adjustment, they'd have to make two transactions instead of one (e.g. they'd have to withdraw their whole contribution, and then make a new contribution with the lesser amount, rather than just being able to withdraw a proportion of their current contribution). e.g.

function contribute(uint256 _amount) public payable {
  ...
  require(_amount > 0, "Contribution must be greater than 0");
  require(msg.sender.balance >= _amount, "Insufficient balance for contribution");
  contributions[msg.sender] = contributions[msg.sender] + (_amount);
  totalContributed = totalContributed + (_amount);
  emit ContributionReceived(msg.sender, _amount);
...

5) Why aren't the payout and purchaseCore functions protected with the modifier onlyOwner? e.g. function payout() public onlyOwner { and function purchase_core() internal {

6) Why isn't it possible to create a crowdfund with a goal of 0? If it were possible to buy a core for 0, and a user wanted to buy that core but not with their own funds of 0, but instead only through a crowdfund (maybe they intend to airdrop their own tokens to those that contribute to the crowdfund by paying transaction fees even if the contribution is 0), but they didn't want to buy it without first doing a crowdfund to raise 0 for it (e.g. they may work somewhere like they run a foundation where they have strict processes that state they can't purchase anything without first trying to raise funds for it and needing to provide evidence of that, even if it means paying transaction fees to raise 0 where contributors are also willing to pay transaction fees to contribute 0), then why isn't it possible to create a crowdfund with a goal of 0, where you allow contributions of 0, withdrawals of 0, and where they can payout 0 to purchase the core for 0?

[noahjoeris]

Hey @ltfschoen Thanks a lot for the input, appreciate it. You raised many valid points. I will update the contract with your suggestions 👍🏻

[poppyseedDev]

@ltfschoen thanks so much for your feedback! We will check it more thoroughly after the Kusama launch settles down :)