0xOneTony
commented
5 months ago Which contract? @thelostone-mc
Closed thelostone-mc closed 4 months ago
0xOneTony
commented
5 months ago Which contract? @thelostone-mc
thelostone-mc
commented
5 months ago @0xOneTony This would on the strategies itself name: Direct Grants and DonationVotingMerkle For example -> you cannot decrease the pool funding. We had a bug in v1 where the UI assumed USDC as 18 decimals and the user ending up creating a round which they couldn't fund entierly and the bug was realised only after they had paritially funded the round
0xOneTony
commented
4 months ago Sharing our findings regarding this here too. @thelostone-mc
Function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/core/Allo.sol#L270), no action needed
Function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/core/Registry.sol#L392), no action needed
Function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/core/Anchor.sol#L73), no action needed
Function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/strategies/direct-grants-lite/DirectGrantsLite.sol#L292), no action needed
Function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/strategies/donation-voting-merkle-base/DonationVotingMerkleDistributionBaseStrategy.sol#L420), no action needed. (Altought
allocationEndTime + 30 daysis required).
Function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/strategies/donation-voting-merkle-base/DonationVotingMerkleDistributionBaseStrategy.sol#L420) in the abstract, no action needed. (Altought
allocationEndTime + 30 daysis required).
Possible edge-case:
claim() funds are going to a different address.A function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/strategies/donation-voting-merkle-base/DonationVotingMerkleDistributionBaseStrategy.sol#L420) in the abstract but only the non-allocated funds can be retrieved. Then a function with a timelock to retrieve allocated funds is needed or a function to modify a recipient after allocation.
Function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/strategies/easy-rpgf/EasyRPGFStrategy.sol#L21), no action needed
Function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/strategies/qv-base/QVBaseStrategy.sol#L336), no action needed. (Altought
allocationEndTime + 30 daysis required).
Function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/strategies/qv-base/QVBaseStrategy.sol#L336) in the abstract, no action needed. (Altought
allocationEndTime + 30 daysis required).
Function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/strategies/qv-base/QVBaseStrategy.sol#L336), no action needed. (Altought
allocationEndTime + 30 daysis required).
Function to recover funds is [present](https://github.com/allo-protocol/allo-v2/blob/c15b52ca356d69f36c35e73ff2d3cef66add8b93/contracts/strategies/rfp-simple/RFPSimpleStrategy.sol#L309) in the contract, no action needed
Evaluate and ensure we have no situations where funds are stuck on the contract