Bundles allows token holders to use their Crypto prediction skills to choose which cryptocurrencies will perform best over the following 6 days. Out of 10 popular cryptocurrencies, $BUND token holders can choose to stake their tokens on a single asset or a ‘Bundle’ of assets to achieve the highest returns during the staking period. Depending upon the performance of your $BUND tokens staked in relation to the other $BUND tokens staked over the 6 day period, you will either increase or decrease your token holdings.
Note: This is the second audit we have completed for the Bundles team. For this audit we confirmed our prior findings on Bundles' token contracts and analyzed the team's liquidty pool and updated staking contracts. This audit arose after the dev team introduced potentially malicious code into the prior staking contracts after our first audit was complete (details on what happened here). Users should unstake from the old pools and move their tokens to the new pools. At the time of writing this, ~1.5k USD of value remains in the vulnerable contracts, and no malicious actions have been taken or funds lost.
There are 3 differences between the high and low risk pools:
The high risk pool allows users to win/lose up to 40% as opposed to 4% on the low-risk pool. The team controls the system that determines winners; calculate your personal risk tolerance accordingly. The team is public and appears trustworthy.
The high risk pool's developer fee is 1% of BUND winnings as opposed to 10% in the low risk pool.
The high risk pool allows the team to create new bundles after 2 days, as opposed to 3..
Audit Findings:
Summary: No issues from outside attackers were identified.
Ensure trust in the project team. If the team acts maliciously the code restricts them from misappropriating more than 4% of user's staked funds in the low-risk pool and 40% in the high-risk pool.
Date: December 5th, 2020.
The BUND token contract is secure and cannot be minted after deployment.
Bundles' development team previously added a drain() function after our audit was complete without informing us. We alterted the community and subsequently helped the team to update their contracts to make them safe. Verify the contracts to be invested in are the same as those verified by our team above.
The logic that manages the ecosystem is run on an off-chain NodeJS server hosted on AWS. The owner-restricted functions of the contracts are called by this server using a privatekey stored on the server in order to determine prices and update user balances. If this AWS account of its owner were compromised, user funds would be at risk.
Mitigation measure: We pointed out this potential issue to the team and their innovative solution (to be deployed shortly) limits the risk of a compromised key to only 4% of user's funds (Now 40% in the high-risk pool). We have also briefly inspected the NodeJS code and the code appears to be legitimate and serve its intended purpose.
While there is risk associated with an owner private key having this control, the actions of the team and their willingness to mitigate this risk makes us believe the team is trustworthy. The team is also publicly known, which further reduces the probability of a malicious owner.
The prices fed to the Oracle contract are sent directly from the contract's owner via a single source (CoinGecko). The data sent to the oracle is not used by the Bundles contract; the team explains this oracle is so users can see the prices used to decide rewards on-chain. If CoinGecko were compromised, user funds would be at risk to an unfair/manipulated outcome.
Date: December 5th, 2020
Vulnerability Category
Notes
Result
Arbitrary Storage Write
N/A
PASS
Arbitrary Jump
N/A
PASS
Delegate Call to Untrusted Contract
N/A
PASS
Dependence on Predictable Variables
Some functions rely on predictable environment variables. This is not best practice, but the probability of miners maliciously changing these variables is extremley low.
Warning
Deprecated Opcodes
N/A
PASS
Ether/Token Thief
The owner of the prediciton contract determines and sets the rewards for each user. If the owner key was compromised, a maximum of 4% of each user's staked funds would be at risk due to the implemented mitigation.
Warning
Exceptions
N/A
PASS
External Calls
N/A
PASS
Integer Over/Underflow
N/A
PASS
Multiple Sends
N/A
PASS
Oracle
The project uses a single-source off-chain price feed from CoinGecko. It is highly unlikely, but possible, for this to be manipulated.
/**
*Submitted for verification at Etherscan.io on 2019-08-02
*/
// File: contracts\open-zeppelin-contracts\token\ERC20\IERC20.sol
pragma solidity ^0.5.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see `ERC20Detailed`.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a `Transfer` event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through `transferFrom`. This is
* zero by default.
*
* This value changes when `approve` or `transferFrom` are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* > Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an `Approval` event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a `Transfer` event.
*/
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to `approve`. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}
// File: contracts\open-zeppelin-contracts\math\SafeMath.sol
pragma solidity ^0.5.0;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
require(b <= a, "SafeMath: subtraction overflow");
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, "SafeMath: division by zero");
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
require(b != 0, "SafeMath: modulo by zero");
return a % b;
}
}
// File: contracts\open-zeppelin-contracts\token\ERC20\ERC20.sol
pragma solidity ^0.5.0;
/**
* @dev Implementation of the `IERC20` interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using `_mint`.
* For a generic mechanism see `ERC20Mintable`.
*
* *For a detailed writeup see our guide [How to implement supply
* mechanisms](https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226).*
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an `Approval` event is emitted on calls to `transferFrom`.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard `decreaseAllowance` and `increaseAllowance`
* functions have been added to mitigate the well-known issues around setting
* allowances. See `IERC20.approve`.
*/
contract ERC20 is IERC20 {
using SafeMath for uint256;
mapping (address => uint256) private _balances;
mapping (address => mapping (address => uint256)) private _allowances;
uint256 private _totalSupply;
/**
* @dev See `IERC20.totalSupply`.
*/
function totalSupply() public view returns (uint256) {
return _totalSupply;
}
/**
* @dev See `IERC20.balanceOf`.
*/
function balanceOf(address account) public view returns (uint256) {
return _balances[account];
}
/**
* @dev See `IERC20.transfer`.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address recipient, uint256 amount) public returns (bool) {
_transfer(msg.sender, recipient, amount);
return true;
}
/**
* @dev See `IERC20.allowance`.
*/
function allowance(address owner, address spender) public view returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See `IERC20.approve`.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 value) public returns (bool) {
_approve(msg.sender, spender, value);
return true;
}
/**
* @dev See `IERC20.transferFrom`.
*
* Emits an `Approval` event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of `ERC20`;
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `value`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`.
*/
function transferFrom(address sender, address recipient, uint256 amount) public returns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, msg.sender, _allowances[sender][msg.sender].sub(amount));
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to `approve` that can be used as a mitigation for
* problems described in `IERC20.approve`.
*
* Emits an `Approval` event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public returns (bool) {
_approve(msg.sender, spender, _allowances[msg.sender][spender].add(addedValue));
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to `approve` that can be used as a mitigation for
* problems described in `IERC20.approve`.
*
* Emits an `Approval` event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public returns (bool) {
_approve(msg.sender, spender, _allowances[msg.sender][spender].sub(subtractedValue));
return true;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to `transfer`, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a `Transfer` event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/
function _transfer(address sender, address recipient, uint256 amount) internal {
require(sender != address(0), "ERC20: transfer from the zero address");
require(recipient != address(0), "ERC20: transfer to the zero address");
_balances[sender] = _balances[sender].sub(amount);
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a `Transfer` event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal {
require(account != address(0), "ERC20: mint to the zero address");
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a `Transfer` event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 value) internal {
require(account != address(0), "ERC20: burn from the zero address");
_totalSupply = _totalSupply.sub(value);
_balances[account] = _balances[account].sub(value);
emit Transfer(account, address(0), value);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an `Approval` event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(address owner, address spender, uint256 value) internal {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = value;
emit Approval(owner, spender, value);
}
/**
* @dev Destoys `amount` tokens from `account`.`amount` is then deducted
* from the caller's allowance.
*
* See `_burn` and `_approve`.
*/
function _burnFrom(address account, uint256 amount) internal {
_burn(account, amount);
_approve(account, msg.sender, _allowances[account][msg.sender].sub(amount));
}
}
// File: contracts\ERC20\TokenMintERC20Token.sol
pragma solidity ^0.5.0;
/**
* @title TokenMintERC20Token
* @author TokenMint (visit https://tokenmint.io)
*
* @dev Standard ERC20 token with burning and optional functions implemented.
* For full specification of ERC-20 standard see:
* https://github.com/ethereum/EIPs/blob/master/EIPS/eip-20.md
*/
contract TokenMintERC20Token is ERC20 {
string private _name;
string private _symbol;
uint8 private _decimals;
/**
* @dev Constructor.
* @param name name of the token
* @param symbol symbol of the token, 3-4 chars is recommended
* @param decimals number of decimal places of one token unit, 18 is widely used
* @param totalSupply total supply of tokens in lowest units (depending on decimals)
* @param tokenOwnerAddress address that gets 100% of token supply
*/
constructor(string memory name, string memory symbol, uint8 decimals, uint256 totalSupply, address payable feeReceiver, address tokenOwnerAddress) public payable {
_name = name;
_symbol = symbol;
_decimals = decimals;
// set tokenOwnerAddress as owner of all tokens
_mint(tokenOwnerAddress, totalSupply);
// pay the service fee for contract deployment
feeReceiver.transfer(msg.value);
}
/**
* @dev Burns a specific amount of tokens.
* @param value The amount of lowest token units to be burned.
*/
function burn(uint256 value) public {
_burn(msg.sender, value);
}
// optional functions from ERC20 stardard
/**
* @return the name of the token.
*/
function name() public view returns (string memory) {
return _name;
}
/**
* @return the symbol of the token.
*/
function symbol() public view returns (string memory) {
return _symbol;
}
/**
* @return the number of decimals of the token.
*/
function decimals() public view returns (uint8) {
return _decimals;
}
}
// SPDX-License-Identifier: UNLICENSED
pragma solidity <=0.7.5;
// File: contracts\open-zeppelin-contracts\token\ERC20\IERC20.sol
pragma solidity ^0.5.0;
contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant _NOT_ENTERED = 1;
uint256 private constant _ENTERED = 2;
uint256 private _status;
constructor () internal {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and make it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
// On the first call to nonReentrant, _notEntered will be true
require(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
_;
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
}
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see `ERC20Detailed`.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a `Transfer` event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through `transferFrom`. This is
* zero by default.
*
* This value changes when `approve` or `transferFrom` are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* > Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an `Approval` event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a `Transfer` event.
*/
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to `approve`. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}
// File: contracts\open-zeppelin-contracts\math\SafeMath.sol
pragma solidity ^0.5.0;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
require(b <= a, "SafeMath: subtraction overflow");
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, "SafeMath: division by zero");
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
require(b != 0, "SafeMath: modulo by zero");
return a % b;
}
}
// File: contracts\open-zeppelin-contracts\token\ERC20\ERC20.sol
pragma solidity ^0.5.0;
/**
* @dev Implementation of the `IERC20` interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using `_mint`.
* For a generic mechanism see `ERC20Mintable`.
*
* *For a detailed writeup see our guide [How to implement supply
* mechanisms](https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226).*
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an `Approval` event is emitted on calls to `transferFrom`.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard `decreaseAllowance` and `increaseAllowance`
* functions have been added to mitigate the well-known issues around setting
* allowances. See `IERC20.approve`.
*/
contract ERC20 is IERC20 {
using SafeMath for uint256;
mapping (address => uint256) private _balances;
mapping (address => mapping (address => uint256)) private _allowances;
uint256 private _totalSupply;
/**
* @dev See `IERC20.totalSupply`.
*/
function totalSupply() public view returns (uint256) {
return _totalSupply;
}
/**
* @dev See `IERC20.balanceOf`.
*/
function balanceOf(address account) public view returns (uint256) {
return _balances[account];
}
/**
* @dev See `IERC20.transfer`.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address recipient, uint256 amount) public returns (bool) {
_transfer(msg.sender, recipient, amount);
return true;
}
/**
* @dev See `IERC20.allowance`.
*/
function allowance(address owner, address spender) public view returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See `IERC20.approve`.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 value) public returns (bool) {
_approve(msg.sender, spender, value);
return true;
}
/**
* @dev See `IERC20.transferFrom`.
*
* Emits an `Approval` event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of `ERC20`;
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `value`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`.
*/
function transferFrom(address sender, address recipient, uint256 amount) public returns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, msg.sender, _allowances[sender][msg.sender].sub(amount));
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to `approve` that can be used as a mitigation for
* problems described in `IERC20.approve`.
*
* Emits an `Approval` event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public returns (bool) {
_approve(msg.sender, spender, _allowances[msg.sender][spender].add(addedValue));
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to `approve` that can be used as a mitigation for
* problems described in `IERC20.approve`.
*
* Emits an `Approval` event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public returns (bool) {
_approve(msg.sender, spender, _allowances[msg.sender][spender].sub(subtractedValue));
return true;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to `transfer`, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a `Transfer` event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/
function _transfer(address sender, address recipient, uint256 amount) internal {
require(sender != address(0), "ERC20: transfer from the zero address");
require(recipient != address(0), "ERC20: transfer to the zero address");
_balances[sender] = _balances[sender].sub(amount);
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a `Transfer` event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal {
require(account != address(0), "ERC20: mint to the zero address");
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a `Transfer` event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 value) internal {
require(account != address(0), "ERC20: burn from the zero address");
_totalSupply = _totalSupply.sub(value);
_balances[account] = _balances[account].sub(value);
emit Transfer(account, address(0), value);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an `Approval` event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(address owner, address spender, uint256 value) internal {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = value;
emit Approval(owner, spender, value);
}
/**
* @dev Destoys `amount` tokens from `account`.`amount` is then deducted
* from the caller's allowance.
*
* See `_burn` and `_approve`.
*/
function _burnFrom(address account, uint256 amount) internal {
_burn(account, amount);
_approve(account, msg.sender, _allowances[account][msg.sender].sub(amount));
}
}
// File: contracts\ERC20\TokenMintERC20Token.sol
pragma solidity ^0.5.0;
/**
* @title TokenMintERC20Token
* @author TokenMint (visit https://tokenmint.io)
*
* @dev Standard ERC20 token with burning and optional functions implemented.
* For full specification of ERC-20 standard see:
* https://github.com/ethereum/EIPs/blob/master/EIPS/eip-20.md
*/
contract TokenMintERC20Token is ERC20 {
string private _name;
string private _symbol;
uint8 private _decimals;
/**
* @dev Constructor.
* @param name name of the token
* @param symbol symbol of the token, 3-4 chars is recommended
* @param decimals number of decimal places of one token unit, 18 is widely used
* @param totalSupply total supply of tokens in lowest units (depending on decimals)
* @param tokenOwnerAddress address that gets 100% of token supply
*/
constructor(string memory name, string memory symbol, uint8 decimals, uint256 totalSupply, address payable feeReceiver, address tokenOwnerAddress) public payable {
_name = name;
_symbol = symbol;
_decimals = decimals;
// set tokenOwnerAddress as owner of all tokens
_mint(tokenOwnerAddress, totalSupply);
// pay the service fee for contract deployment
feeReceiver.transfer(msg.value);
}
/**
* @dev Burns a specific amount of tokens.
* @param value The amount of lowest token units to be burned.
*/
function burn(uint256 value) public {
_burn(msg.sender, value);
}
// optional functions from ERC20 stardard
/**
* @return the name of the token.
*/
function name() public view returns (string memory) {
return _name;
}
/**
* @return the symbol of the token.
*/
function symbol() public view returns (string memory) {
return _symbol;
}
/**
* @return the number of decimals of the token.
*/
function decimals() public view returns (uint8) {
return _decimals;
}
}
contract Bundles is ReentrancyGuard {
uint256 public bundleId = 1;
address public owner;
/* Bundle Token Address */
TokenMintERC20Token public bundle_address;
/* Variable to store the fee collected */
uint256 public fee_collected;
/* Last Created Informations*/
uint256 public lastcreated;
uint256 lastbundlecreated;
struct UserBets{
uint256[10] bundles;
uint256[10] amounts;
uint256[10] prices;
bool betted;
uint256 balance;
uint256 totalbet;
bool claimed;
}
struct User{
uint256[] bundles;
string username;
uint256 balance;
uint256 freebal;
bool active;
}
struct Data{
address[] user;
}
struct Bundle{
uint256[10] prices;
uint256 startime;
uint256 stakingends;
uint256 endtime;
}
mapping(address => mapping(uint256 => UserBets)) bets;
mapping(uint256 => Bundle) bundle;
mapping(address => User) user;
mapping(uint256 => Data) data;
constructor(address _bundle_address) public{
owner = msg.sender;
bundle_address = TokenMintERC20Token(_bundle_address);
lastcreated = block.timestamp;
}
/* Registering the username to the contract */
function Register(string memory _username) public returns(bool){
User storage us = user[msg.sender];
require(us.active == false,'Existing User');
us.active = true;
us.username = _username;
return true;
}
/* For placing a prediction in the bundle. */
function PlaceBet(uint256 index,uint256 _prices,uint256 _percent,uint256 _bundleId,uint256 _amount) public returns(bool){
require(_bundleId <= bundleId,'Invalid Bundle');
require(bundle_address.allowance(msg.sender,address(this))>=_amount,'Approval failed');
Bundle storage b = bundle[_bundleId];
Data storage d = data[_bundleId];
require(b.stakingends >= block.timestamp,'Ended');
User storage us = user[msg.sender];
require(us.active == true,'Register to participate');
UserBets storage u = bets[msg.sender][_bundleId];
require(u.bundles[index] == 0,'Already Betted');
if(u.betted == false){
u.balance = bundle_address.balanceOf(msg.sender);
u.betted = true;
}
else{
require(SafeMath.add(u.totalbet,_amount) <= u.balance,'Threshold Reached');
}
us.bundles.push(_bundleId);
us.balance = SafeMath.add(us.balance,_amount);
u.bundles[index] = _percent;
u.prices[index] = _prices;
u.amounts[index] = _amount;
u.totalbet = u.totalbet + _amount;
d.user.push(msg.sender);
bundle_address.transferFrom(msg.sender,address(this),_amount);
return true;
}
/* Update user balance. Max 4% can be changed */
function updatebal(address _user,uint256 _bundleId,uint256 _reward,bool _isPositive) public returns(bool){
require(msg.sender == owner,'Not Owner');
require(_reward <= 4000000,'Invalid Reward Percent');
User storage us = user[_user];
require(us.active == true,'Invalid User');
UserBets storage u = bets[_user][_bundleId];
require(u.claimed == false,'Already Claimed');
if(_isPositive == true){
updateFee(_reward,u.totalbet);
uint256 temp = SafeMath.mul(_reward,90);
uint256 reward = SafeMath.div(temp,100);
uint256 a = SafeMath.mul(u.totalbet,reward);
uint256 b = SafeMath.div(a,10**8);
uint256 c = SafeMath.add(u.totalbet,b);
u.claimed = true;
us.freebal = SafeMath.add(c,us.freebal);
us.balance = SafeMath.sub(us.balance,u.totalbet);
}
else{
uint256 a = SafeMath.mul(u.totalbet,_reward);
uint256 b = SafeMath.div(a,10**8);
uint256 c = SafeMath.sub(u.totalbet,b);
u.claimed = true;
us.freebal = SafeMath.add(c,us.freebal);
us.balance = SafeMath.sub(us.balance,u.totalbet);
}
return true;
}
/* Update the fee incurred */
function updateFee(uint256 r,uint256 amt) internal{
uint256 temp = SafeMath.mul(r,10);
uint256 reward = SafeMath.div(temp,100);
uint256 a = SafeMath.mul(amt,reward);
uint256 b = SafeMath.div(a,10**8);
fee_collected = SafeMath.add(fee_collected,b);
}
/* Create a new bundle after 3 days */
function createBundle(uint256[10] memory _prices) public returns(bool){
require(msg.sender == owner,'Not Owner');
require( block.timestamp > lastbundlecreated + 3 days,'Cannot Create');
Bundle storage b = bundle[bundleId];
b.prices = _prices;
b.startime = block.timestamp;
lastbundlecreated = block.timestamp;
lastcreated = block.timestamp;
b.endtime = SafeMath.add(block.timestamp,3 days);
b.stakingends = SafeMath.add(block.timestamp,1 days);
bundleId = SafeMath.add(bundleId,1);
return true;
}
/* Update new owner of the contract */
function updateowner(address new_owner) public returns(bool){
require(msg.sender == owner,'Not an Owner');
owner = new_owner;
return true;
}
/* Update the timestamp of the last creted bundle. this function cannot change the bundle time. Last created variable is for display sake. */
function updatetime(uint256 _timestamp) public returns(bool){
require(msg.sender == owner,'Not an owner');
lastcreated = _timestamp;
}
/* Allows the user to withdraw his claimable balance from the contract */
function withdraw() public nonReentrant returns(bool){
User storage us = user[msg.sender];
require(us.active == true,'Invalid User');
require(us.freebal > 0,'No bal');
bundle_address.transfer(msg.sender,us.freebal);
us.freebal = 0;
return true;
}
/* Fetch the information about user. His claimable balance, fixed balance & stuff */
function fetchUser(address _user) public view returns(uint256[] memory _bundles,string memory username,uint256 claimable,uint256 staked_balance, bool active){
User storage us = user[_user];
return(us.bundles,us.username,us.freebal,us.balance,us.active);
}
/* Fetch the information of a BundleId */
function fetchBundle(uint256 _bundleId) public view returns(uint256[10] memory _prices,uint256 _start,uint256 _end,uint256 _staking_ends){
Bundle storage b = bundle[_bundleId];
return(b.prices,b.startime,b.endtime,b.stakingends);
}
/* Fetch the prediction information of each user in each bundle. Pass bundleId and User Address to get the strike price as well as the amount in 18 decimals */
function fetchUserBets(address _user, uint256 _bundleId) public view returns(uint256[10] memory _bundles,uint256[10] memory _prices,uint256[10] memory _amounts,uint256 balance,uint256 totalbet){
UserBets storage u = bets[_user][_bundleId];
return (u.bundles,u.prices,u.amounts,u.balance,u.totalbet);
}
/* Fetch all the user wallet predicted in a bundleId. Pass bundleId and will return an array of betters */
function fetchUserInBundle(uint256 _bundleId) public view returns(address[] memory _betters){
Data storage d = data[_bundleId];
return d.user;
}
/*
Only Allow the Developer to withdraw the developer fee
*/
function collectdeveloperfee() public nonReentrant returns(bool){
require(msg.sender == owner,'To Be Claimed By Developer');
bundle_address.transfer(msg.sender,fee_collected);
fee_collected = 0;
return true;
}
}
/**
*Submitted for verification at Etherscan.io on 2020-12-11
*/
// SPDX-License-Identifier: UNLICENSED
pragma solidity <=0.7.5;
// File: contracts\open-zeppelin-contracts\token\ERC20\IERC20.sol
pragma solidity ^0.5.0;
contract ReentrancyGuard {
// Booleans are more expensive than uint256 or any type that takes up a full
// word because each write operation emits an extra SLOAD to first read the
// slot's contents, replace the bits taken up by the boolean, and then write
// back. This is the compiler's defense against contract upgrades and
// pointer aliasing, and it cannot be disabled.
// The values being non-zero value makes deployment a bit more expensive,
// but in exchange the refund on every call to nonReentrant will be lower in
// amount. Since refunds are capped to a percentage of the total
// transaction's gas, it is best to keep them low in cases like this one, to
// increase the likelihood of the full refund coming into effect.
uint256 private constant _NOT_ENTERED = 1;
uint256 private constant _ENTERED = 2;
uint256 private _status;
constructor () internal {
_status = _NOT_ENTERED;
}
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and make it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
// On the first call to nonReentrant, _notEntered will be true
require(_status != _ENTERED, "ReentrancyGuard: reentrant call");
// Any calls to nonReentrant after this point will fail
_status = _ENTERED;
_;
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
_status = _NOT_ENTERED;
}
}
/**
* @dev Interface of the ERC20 standard as defined in the EIP. Does not include
* the optional functions; to access them see `ERC20Detailed`.
*/
interface IERC20 {
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `recipient`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a `Transfer` event.
*/
function transfer(address recipient, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through `transferFrom`. This is
* zero by default.
*
* This value changes when `approve` or `transferFrom` are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* > Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an `Approval` event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `sender` to `recipient` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a `Transfer` event.
*/
function transferFrom(address sender, address recipient, uint256 amount) external returns (bool);
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to `approve`. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
}
// File: contracts\open-zeppelin-contracts\math\SafeMath.sol
pragma solidity ^0.5.0;
/**
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
require(b <= a, "SafeMath: subtraction overflow");
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, "SafeMath: division by zero");
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
require(b != 0, "SafeMath: modulo by zero");
return a % b;
}
}
// File: contracts\open-zeppelin-contracts\token\ERC20\ERC20.sol
pragma solidity ^0.5.0;
/**
* @dev Implementation of the `IERC20` interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using `_mint`.
* For a generic mechanism see `ERC20Mintable`.
*
* *For a detailed writeup see our guide [How to implement supply
* mechanisms](https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226).*
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an `Approval` event is emitted on calls to `transferFrom`.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard `decreaseAllowance` and `increaseAllowance`
* functions have been added to mitigate the well-known issues around setting
* allowances. See `IERC20.approve`.
*/
contract ERC20 is IERC20 {
using SafeMath for uint256;
mapping (address => uint256) private _balances;
mapping (address => mapping (address => uint256)) private _allowances;
uint256 private _totalSupply;
/**
* @dev See `IERC20.totalSupply`.
*/
function totalSupply() public view returns (uint256) {
return _totalSupply;
}
/**
* @dev See `IERC20.balanceOf`.
*/
function balanceOf(address account) public view returns (uint256) {
return _balances[account];
}
/**
* @dev See `IERC20.transfer`.
*
* Requirements:
*
* - `recipient` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address recipient, uint256 amount) public returns (bool) {
_transfer(msg.sender, recipient, amount);
return true;
}
/**
* @dev See `IERC20.allowance`.
*/
function allowance(address owner, address spender) public view returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See `IERC20.approve`.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 value) public returns (bool) {
_approve(msg.sender, spender, value);
return true;
}
/**
* @dev See `IERC20.transferFrom`.
*
* Emits an `Approval` event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of `ERC20`;
*
* Requirements:
* - `sender` and `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `value`.
* - the caller must have allowance for `sender`'s tokens of at least
* `amount`.
*/
function transferFrom(address sender, address recipient, uint256 amount) public returns (bool) {
_transfer(sender, recipient, amount);
_approve(sender, msg.sender, _allowances[sender][msg.sender].sub(amount));
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to `approve` that can be used as a mitigation for
* problems described in `IERC20.approve`.
*
* Emits an `Approval` event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public returns (bool) {
_approve(msg.sender, spender, _allowances[msg.sender][spender].add(addedValue));
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to `approve` that can be used as a mitigation for
* problems described in `IERC20.approve`.
*
* Emits an `Approval` event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public returns (bool) {
_approve(msg.sender, spender, _allowances[msg.sender][spender].sub(subtractedValue));
return true;
}
/**
* @dev Moves tokens `amount` from `sender` to `recipient`.
*
* This is internal function is equivalent to `transfer`, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a `Transfer` event.
*
* Requirements:
*
* - `sender` cannot be the zero address.
* - `recipient` cannot be the zero address.
* - `sender` must have a balance of at least `amount`.
*/
function _transfer(address sender, address recipient, uint256 amount) internal {
require(sender != address(0), "ERC20: transfer from the zero address");
require(recipient != address(0), "ERC20: transfer to the zero address");
_balances[sender] = _balances[sender].sub(amount);
_balances[recipient] = _balances[recipient].add(amount);
emit Transfer(sender, recipient, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a `Transfer` event with `from` set to the zero address.
*
* Requirements
*
* - `to` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal {
require(account != address(0), "ERC20: mint to the zero address");
_totalSupply = _totalSupply.add(amount);
_balances[account] = _balances[account].add(amount);
emit Transfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a `Transfer` event with `to` set to the zero address.
*
* Requirements
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 value) internal {
require(account != address(0), "ERC20: burn from the zero address");
_totalSupply = _totalSupply.sub(value);
_balances[account] = _balances[account].sub(value);
emit Transfer(account, address(0), value);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner`s tokens.
*
* This is internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an `Approval` event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(address owner, address spender, uint256 value) internal {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = value;
emit Approval(owner, spender, value);
}
/**
* @dev Destoys `amount` tokens from `account`.`amount` is then deducted
* from the caller's allowance.
*
* See `_burn` and `_approve`.
*/
function _burnFrom(address account, uint256 amount) internal {
_burn(account, amount);
_approve(account, msg.sender, _allowances[account][msg.sender].sub(amount));
}
}
// File: contracts\ERC20\TokenMintERC20Token.sol
pragma solidity ^0.5.0;
/**
* @title TokenMintERC20Token
* @author TokenMint (visit https://tokenmint.io)
*
* @dev Standard ERC20 token with burning and optional functions implemented.
* For full specification of ERC-20 standard see:
* https://github.com/ethereum/EIPs/blob/master/EIPS/eip-20.md
*/
contract TokenMintERC20Token is ERC20 {
string private _name;
string private _symbol;
uint8 private _decimals;
/**
* @dev Constructor.
* @param name name of the token
* @param symbol symbol of the token, 3-4 chars is recommended
* @param decimals number of decimal places of one token unit, 18 is widely used
* @param totalSupply total supply of tokens in lowest units (depending on decimals)
* @param tokenOwnerAddress address that gets 100% of token supply
*/
constructor(string memory name, string memory symbol, uint8 decimals, uint256 totalSupply, address payable feeReceiver, address tokenOwnerAddress) public payable {
_name = name;
_symbol = symbol;
_decimals = decimals;
// set tokenOwnerAddress as owner of all tokens
_mint(tokenOwnerAddress, totalSupply);
// pay the service fee for contract deployment
feeReceiver.transfer(msg.value);
}
/**
* @dev Burns a specific amount of tokens.
* @param value The amount of lowest token units to be burned.
*/
function burn(uint256 value) public {
_burn(msg.sender, value);
}
// optional functions from ERC20 stardard
/**
* @return the name of the token.
*/
function name() public view returns (string memory) {
return _name;
}
/**
* @return the symbol of the token.
*/
function symbol() public view returns (string memory) {
return _symbol;
}
/**
* @return the number of decimals of the token.
*/
function decimals() public view returns (uint8) {
return _decimals;
}
}
contract Bundles is ReentrancyGuard {
uint256 public bundleId = 1;
address public owner;
/* Bundle Token Address */
TokenMintERC20Token public bundle_address;
/* Variable to store the fee collected */
uint256 public fee_collected;
/* Last Created Informations*/
uint256 public lastcreated;
uint256 lastbundlecreated;
struct UserBets{
uint256[10] bundles;
uint256[10] amounts;
uint256[10] prices;
bool betted;
uint256 balance;
uint256 totalbet;
bool claimed;
}
struct User{
uint256[] bundles;
string username;
uint256 balance;
uint256 freebal;
bool active;
}
struct Data{
address[] user;
}
struct Bundle{
uint256[10] prices;
uint256 startime;
uint256 stakingends;
uint256 endtime;
}
mapping(address => mapping(uint256 => UserBets)) bets;
mapping(uint256 => Bundle) bundle;
mapping(address => User) user;
mapping(uint256 => Data) data;
constructor(address _bundle_address) public{
owner = msg.sender;
bundle_address = TokenMintERC20Token(_bundle_address);
lastcreated = block.timestamp;
}
/* Registering the username to the contract */
function Register(string memory _username) public returns(bool){
User storage us = user[msg.sender];
require(us.active == false,'Existing User');
us.active = true;
us.username = _username;
return true;
}
/* For placing a prediction in the bundle. */
function PlaceBet(uint256 index,uint256 _prices,uint256 _percent,uint256 _bundleId,uint256 _amount) public returns(bool){
require(_bundleId <= bundleId,'Invalid Bundle');
require(bundle_address.allowance(msg.sender,address(this))>=_amount,'Approval failed');
Bundle storage b = bundle[_bundleId];
Data storage d = data[_bundleId];
require(b.stakingends >= block.timestamp,'Ended');
User storage us = user[msg.sender];
require(us.active == true,'Register to participate');
UserBets storage u = bets[msg.sender][_bundleId];
require(u.bundles[index] == 0,'Already Betted');
if(u.betted == false){
u.balance = bundle_address.balanceOf(msg.sender);
u.betted = true;
}
else{
require(SafeMath.add(u.totalbet,_amount) <= u.balance,'Threshold Reached');
}
us.bundles.push(_bundleId);
us.balance = SafeMath.add(us.balance,_amount);
u.bundles[index] = _percent;
u.prices[index] = _prices;
u.amounts[index] = _amount;
u.totalbet = u.totalbet + _amount;
d.user.push(msg.sender);
bundle_address.transferFrom(msg.sender,address(this),_amount);
return true;
}
/* Update user balance. Max 40% can be changed */
function updatebal(address _user,uint256 _bundleId,uint256 _reward,bool _isPositive) public returns(bool){
require(msg.sender == owner,'Not Owner');
require(_reward <= 40000000,'Invalid Reward Percent');
User storage us = user[_user];
require(us.active == true,'Invalid User');
UserBets storage u = bets[_user][_bundleId];
require(u.claimed == false,'Already Claimed');
if(_isPositive == true){
updateFee(_reward,u.totalbet);
uint256 temp = SafeMath.mul(_reward,90);
uint256 reward = SafeMath.div(temp,100);
uint256 a = SafeMath.mul(u.totalbet,reward);
uint256 b = SafeMath.div(a,10**8);
uint256 c = SafeMath.add(u.totalbet,b);
u.claimed = true;
us.freebal = SafeMath.add(c,us.freebal);
us.balance = SafeMath.sub(us.balance,u.totalbet);
}
else{
uint256 a = SafeMath.mul(u.totalbet,_reward);
uint256 b = SafeMath.div(a,10**8);
uint256 c = SafeMath.sub(u.totalbet,b);
u.claimed = true;
us.freebal = SafeMath.add(c,us.freebal);
us.balance = SafeMath.sub(us.balance,u.totalbet);
}
return true;
}
/* Update the fee incurred */
function updateFee(uint256 r,uint256 amt) internal{
uint256 temp = SafeMath.mul(r,1);
uint256 reward = SafeMath.div(temp,100);
uint256 a = SafeMath.mul(amt,reward);
uint256 b = SafeMath.div(a,10**8);
fee_collected = SafeMath.add(fee_collected,b);
}
/* Create a new bundle after 3 days */
function createBundle(uint256[10] memory _prices) public returns(bool){
require(msg.sender == owner,'Not Owner');
require( block.timestamp > lastbundlecreated + 2 days,'Cannot Create');
Bundle storage b = bundle[bundleId];
b.prices = _prices;
b.startime = block.timestamp;
lastbundlecreated = block.timestamp;
lastcreated = block.timestamp;
b.endtime = SafeMath.add(block.timestamp,2 days);
b.stakingends = SafeMath.add(block.timestamp,1 days);
bundleId = SafeMath.add(bundleId,1);
return true;
}
/* Update new owner of the contract */
function updateowner(address new_owner) public returns(bool){
require(msg.sender == owner,'Not an Owner');
owner = new_owner;
return true;
}
/* Update the timestamp of the last creted bundle. this function cannot change the bundle time. Last created variable is for display sake. */
function updatetime(uint256 _timestamp) public returns(bool){
require(msg.sender == owner,'Not an owner');
lastcreated = _timestamp;
}
/* Allows the user to withdraw his claimable balance from the contract */
function withdraw() public nonReentrant returns(bool){
User storage us = user[msg.sender];
require(us.active == true,'Invalid User');
require(us.freebal > 0,'No bal');
bundle_address.transfer(msg.sender,us.freebal);
us.freebal = 0;
return true;
}
/* Fetch the information about user. His claimable balance, fixed balance & stuff */
function fetchUser(address _user) public view returns(uint256[] memory _bundles,string memory username,uint256 claimable,uint256 staked_balance, bool active){
User storage us = user[_user];
return(us.bundles,us.username,us.freebal,us.balance,us.active);
}
/* Fetch the information of a BundleId */
function fetchBundle(uint256 _bundleId) public view returns(uint256[10] memory _prices,uint256 _start,uint256 _end,uint256 _staking_ends){
Bundle storage b = bundle[_bundleId];
return(b.prices,b.startime,b.endtime,b.stakingends);
}
/* Fetch the prediction information of each user in each bundle. Pass bundleId and User Address to get the strike price as well as the amount in 18 decimals */
function fetchUserBets(address _user, uint256 _bundleId) public view returns(uint256[10] memory _bundles,uint256[10] memory _prices,uint256[10] memory _amounts,uint256 balance,uint256 totalbet){
UserBets storage u = bets[_user][_bundleId];
return (u.bundles,u.prices,u.amounts,u.balance,u.totalbet);
}
/* Fetch all the user wallet predicted in a bundleId. Pass bundleId and will return an array of betters */
function fetchUserInBundle(uint256 _bundleId) public view returns(address[] memory _betters){
Data storage d = data[_bundleId];
return d.user;
}
/*
Only Allow the Developer to withdraw the developer fee
*/
function collectdeveloperfee() public nonReentrant returns(bool){
require(msg.sender == owner,'To Be Claimed By Developer');
bundle_address.transfer(msg.sender,fee_collected);
fee_collected = 0;
return true;
}
}
/**
*Submitted for verification at Etherscan.io on 2020-11-12
*/
// SPDX-License-Identifier: UNLICENSED
pragma solidity <=0.7.4;
contract Oracle{
uint256 public BTC;
uint256 public ETH;
uint256 public DOT;
uint256 public LINK;
uint256 public XRP;
uint256 public YFI;
uint256 public CORE;
uint256 public BNB;
uint256 public UNI;
uint256 public USDT;
address public owner;
constructor(){
owner = msg.sender;
}
function updateOwner(address new_owner) public {
require(msg.sender == owner);
owner = new_owner;
}
function updateBtc(uint256 price) public {
require(msg.sender==owner,'Cannot do this');
BTC = price;
}
function updateEth(uint256 price) public {
require(msg.sender==owner,'Cannot do this');
ETH = price;
}
function updateXrp(uint256 price) public {
require(msg.sender==owner,'Cannot do this');
XRP = price;
}
function updateDot(uint256 price) public {
require(msg.sender==owner,'Cannot do this');
DOT = price;
}
function updateLink(uint256 price) public {
require(msg.sender==owner,'Cannot do this');
LINK = price;
}
function updateYfi(uint256 price) public {
require(msg.sender==owner,'Cannot do this');
YFI = price;
}
function updateCore(uint256 price) public {
require(msg.sender==owner,'Cannot do this');
CORE = price;
}
function updateBnb(uint256 price) public {
require(msg.sender==owner,'Cannot do this');
BNB = price;
}
function updateUni(uint256 price) public {
require(msg.sender==owner,'Cannot do this');
UNI = price;
}
function updateUsdt(uint256 price) public {
require(msg.sender==owner,'Cannot do this');
USDT = price;
}
}