objkt-swap

sell orders implementing xtz:FA2 and FA2:FA2 swaps

__ /_/ __ ______ ____ / /__ __ / /__ /_ __/ / / / / / / / _/ / / /___/ /____/ / / /_/\_\ /_/ _/ / /__/

https://smartpy.io/ide?cid=QmRYjwUTq9Sezc6LDuHDTGxFHXbsJkuyXjZ7sA2GKe1DSP&k=ef5568debf706a187102

hDAO: KT1AFA2mwNUMNd4SsujE1YYp29vd8BZejyKW token id 0 metadata ipfs://QmSVsfwH8es7Ur2eqto9hVpcd2dfWASmEaNxTPpcymuJzg OBJKT-hDAO Curation: KT1TybhR7XraG75JFYKSrh7KnxukMBT5dor6 Hic et Nunc Minter (OBJKT Swap v1): KT1Hkg5qeNhfwpKW4fXvq7HGZB9z2EnmCCA9 OBJKTs: KT1RJ6PbjHpwc3M5rw5s2Nbmefwbuwbdxton (DEPRECATED. WE ASK FOR APPLICATIONS TO STOP DIRECTING TRAFIC TO SUCH CONTRACT) SUBJKTs: KT1My1wDZHDGweCrJnQJi3wcFaS67iksirvj Hic et nunc Unregistry: KT1WN8NrfvH18g7uiBY62ThcNpq3ggqfubhE Hic et nunc Markeplace (OBJKT Swap v2): KT1HbQepzV1nVGg8QVznG7z4RcHseD5kwqBn hDAO Marketplace (OBJKT Swap v2.1): KT1QPvv7sWVaT9PcPiC4fN9BgfX8NB2d5WzL

references

TZIP-12 FA2 Multi-Asset Interface
TZIP-21 Rich Metadadata

MIT license

disclaimer: no forks or alternative services are endorsed or have any association to the present project.

Issues

v3

opened on 2022-01-30 07:01:12 by crzypatchwork

for a v3 having a royalty registry contract for objkts and/or a new FA2 where such info can be obtained through on-chain views from the marketplace contract

Fa2.py update_operators permissions issue

opened on 2021-11-10 10:35:32 by pravin-d

https://github.com/hicetnunc2000/objkt-swap/blob/1d2ad692b945be35ec87a6e3e29270de18f5f4a8/smart-py/fa2.py#L501

The update_operators() endpoint - checks if the owner == sender for a given objkt_id or if the sender is an admin. However I'm not able to see a check which actually checks the bigMap to see if the sender is actually owns the objkt. Is it possible to call the contract endpoint (Fa2.update_operators()) directly using custom UI or Taquito and add oneself as the operator to any arbitrary objkt ? If I'm missing something in terms of understanding the flow, please do let me know

royalty issue with swaps

opened on 2021-08-06 14:20:44 by benjamin-wilson

I was reviewing objkt-swap_v2_1.py and noticed that by specifying the swap royalties and creator via input parameters could result in either stiffing the creator fees or redirecting the fees to the address of the swappers choosing.

def swap(self, params): ... self.data.swaps[self.data.counter] = ... royalties=params.royalties, creator=params.creator)

``` def collect(self, params): ... self.royalties = self.data.swaps[params.swap_id].royalties * self.fee / (self.data.swaps[params.swap_id].royalties + self.data.fee)

send royalties to NFT creator

sp.send(self.data.swaps[params.swap_id].creator, sp.utils.nat_to_mutez(self.royalties)) ```

This should instead reference the royalty fees and creator address set on the minter (Hic et Nunc Minter (OBJKT Swap v1): KT1Hkg5qeNhfwpKW4fXvq7HGZB9z2EnmCCA9)

v1 post mortem and v2 migration

opened on 2021-06-28 16:08:55 by crzypatchwork

"They have already served, indeed have already been overcome." -- Brecht

Due an exploit in our marketplace smart contract we've been currently working torwards a contract migration. A detailed report can be found at: https://docs.google.com/document/d/1eZgAotkL3s0M9Dc3RahDWcXarFH0dR9_CMzQsvU6mYk Attackers would take possession of assets under the marketplace custody due such exploit.

We've updated the manager of the main smart contract and inactivated all listings as an immediate response (https://better-call.dev/mainnet/opg/opaD3kRPZ8SAB9F24msb68LnvgFpaDL9cx4Y7nguaofKCBaoomh), which would diminish such exploit as far as we know. Such response was taken in the best habil time we could have handled, being the only way found to stop the vulnerability across the whole protocol. We're sorry about such event, and we are open for discussing solutions for those who were affected.

We hope to keep optimizing the protocol, presenting a new set of smart contracts possibly by early July. We also have other challenges that just the improvement of a protocol might not be able to solve. It's each one's responsibility though to remain true to it's own values. Minting is still available even though it's subject to changes.

To better protect your assets and to assist on the migration we ask one to visit the 'v1 swaps' tab under your profile. https://hicetnunc.xyz/tz/<address>/v1

auditing tools can be found at: https://www.hictory.xyz/ https://nftbiker.xyz/

Releases

fa2:fa2 swaps 2021-07-20 06:18:35

objkt : any fa2 token swap

2021-07-14 18:38:34

2021-06-04 21:05:33

2021-02-21 00:44:13

prototype

xtz:objkt swap 2021-01-29 21:50:42

0.5 xtz swap cost

time frames design 2020-11-28 01:23:44