sell orders implementing xtz:FA2 and FA2:FA2 swaps
__ /_/ __ ______
____ / /__ __ / /__ /_ __/
/ / / / / / / _/ / /
/___/ /____/ / / /_/\_\ /_/
hDAO: KT1AFA2mwNUMNd4SsujE1YYp29vd8BZejyKW token id 0 metadata ipfs://QmSVsfwH8es7Ur2eqto9hVpcd2dfWASmEaNxTPpcymuJzg
OBJKT-hDAO Curation: KT1TybhR7XraG75JFYKSrh7KnxukMBT5dor6
Hic et Nunc Minter (OBJKT Swap v1): KT1Hkg5qeNhfwpKW4fXvq7HGZB9z2EnmCCA9
OBJKTs: KT1RJ6PbjHpwc3M5rw5s2Nbmefwbuwbdxton (DEPRECATED. WE ASK FOR APPLICATIONS TO STOP DIRECTING TRAFIC TO SUCH CONTRACT)
Hic et nunc Unregistry: KT1WN8NrfvH18g7uiBY62ThcNpq3ggqfubhE
Hic et nunc Markeplace (OBJKT Swap v2): KT1HbQepzV1nVGg8QVznG7z4RcHseD5kwqBn
hDAO Marketplace (OBJKT Swap v2.1): KT1QPvv7sWVaT9PcPiC4fN9BgfX8NB2d5WzL
TZIP-12 FA2 Multi-Asset Interface
TZIP-21 Rich Metadadata
disclaimer: no forks or alternative services are endorsed or have any association to the present project.
for a v3 having a royalty registry contract for objkts and/or a new FA2 where such info can be obtained through on-chain views from the marketplace contract
The update_operators() endpoint - checks if the owner == sender for a given objkt_id or if the sender is an admin. However I'm not able to see a check which actually checks the bigMap to see if the sender is actually owns the objkt. Is it possible to call the contract endpoint (Fa2.update_operators()) directly using custom UI or Taquito and add oneself as the operator to any arbitrary objkt ? If I'm missing something in terms of understanding the flow, please do let me know
I was reviewing objkt-swap_v2_1.py and noticed that by specifying the swap royalties and creator via input parameters could result in either stiffing the creator fees or redirecting the fees to the address of the swappers choosing.
def swap(self, params):
self.data.swaps[self.data.counter] = ... royalties=params.royalties, creator=params.creator)
``` def collect(self, params): ... self.royalties = self.data.swaps[params.swap_id].royalties * self.fee / (self.data.swaps[params.swap_id].royalties + self.data.fee)
sp.send(self.data.swaps[params.swap_id].creator, sp.utils.nat_to_mutez(self.royalties)) ```
This should instead reference the royalty fees and creator address set on the minter (Hic et Nunc Minter (OBJKT Swap v1): KT1Hkg5qeNhfwpKW4fXvq7HGZB9z2EnmCCA9)
"They have already served, indeed have already been overcome." -- Brecht
Due an exploit in our marketplace smart contract we've been currently working torwards a contract migration. A detailed report can be found at: https://docs.google.com/document/d/1eZgAotkL3s0M9Dc3RahDWcXarFH0dR9_CMzQsvU6mYk Attackers would take possession of assets under the marketplace custody due such exploit.
We've updated the manager of the main smart contract and inactivated all listings as an immediate response (https://better-call.dev/mainnet/opg/opaD3kRPZ8SAB9F24msb68LnvgFpaDL9cx4Y7nguaofKCBaoomh), which would diminish such exploit as far as we know. Such response was taken in the best habil time we could have handled, being the only way found to stop the vulnerability across the whole protocol. We're sorry about such event, and we are open for discussing solutions for those who were affected.
We hope to keep optimizing the protocol, presenting a new set of smart contracts possibly by early July. We also have other challenges that just the improvement of a protocol might not be able to solve. It's each one's responsibility though to remain true to it's own values. Minting is still available even though it's subject to changes.
To better protect your assets and to assist on the migration we ask one to visit the 'v1 swaps' tab under your profile.
auditing tools can be found at: https://www.hictory.xyz/ https://nftbiker.xyz/
objkt : any fa2 token swap
0.5 xtz swap cost
smart contracts and distributed systems designsGitHub Repository
smart-contract michelson tezos-blockchain atomic-swap tezos