Skip to content

Instantly share code, notes, and snippets.

View DanielVF's full-sized avatar

Daniel Von Fange DanielVF

View GitHub Profile
@DanielVF
DanielVF / amm_strat_report.ipynb
Created September 11, 2023 13:50
Balancer Reth Eth
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@DanielVF
DanielVF / amo_balancing.ipynb
Last active September 7, 2023 12:34
AMO Balancing Fork Tests
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@DanielVF
DanielVF / Current Curve Earnings .ipynb
Created August 9, 2023 18:38
Get ETH Earned from Curve Rewards
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@DanielVF
DanielVF / compare_live.fish
Created June 27, 2023 14:03
Compare deployed contracts to version in local repo
#!/opt/homebrew/bin/fish
# Usage:
# ./compare_live.fish CONTRACT_ADDRESS
# Config
set SRC_DIR /PATH/TO/REPO/CONTRACTS
set OZ_DIR $SRC_DIR/node_modules
# Download
@DanielVF
DanielVF / external_security_partners.md
Created May 24, 2023 15:58
External Security Partners

External partners & security tooling

Here's my opinionated philopshy on external audits and security providers. This is very specific to our current position - it's not the approach for every project.

1. Internal expertise

We should never rely on external partners for our security. External partners provide additional checks, but if they find a critical, we aren't doing our job as we should be. If we miss something real and anyone downstream catches it, we should prioritize adjusting our processes to ensure that that category of issue is caught internally, every time in the future.

Some parts of the code matter more than others. We have a contract architecture that means that big pieces of our system of contracts can't lose user funds from a bug, and thus have lower security requirements. Other parts have well known interfaces which mean as long as that one or two guarantees hold, the rest can do minimal damage.

@DanielVF
DanielVF / VaultCore.sol
Last active May 15, 2023 13:26
VaultCore Upgrade
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/**
* @title OUSD Vault Contract
* @notice The Vault contract stores assets. On a deposit, OUSD will be minted
and sent to the depositor. On a withdrawal, OUSD will be burned and
assets will be sent to the withdrawer. The Vault accepts deposits of
interest from yield bearing strategies which will modify the supply
of OUSD.
@DanielVF
DanielVF / README.md
Created March 20, 2023 13:53
Visualize Code Changes

This vis code is not generalized - you will need to change it to extra the code you want.

Get changes:

git log --pretty=format:%H --reverse NAMEOFBRANCH -- contracts/vault/VaultCore.sol | xargs -n 1 -I {} git show {}:contracts/contracts/vault/VaultCore.sol | grep -A 150 'function NAME_OF_FUNCTION' >versions.txt
python animate.py
@DanielVF
DanielVF / erc20.sol
Last active February 7, 2023 21:25
Event Only Cursed ERC20
pragma solidity >=0.8.17;
// Cursed ERC20 that does everything in events.
// by @danielvf, based solmate by @transmissions11
abstract contract ERC20 {
event Transfer(address indexed from, address indexed to, uint256 amount);
event Approval(address indexed owner, address indexed spender, uint256 amount);
string public name;
@DanielVF
DanielVF / curve_withdraw_math.ipynb
Created December 12, 2022 15:16
Single sided curve withdraw notebook
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@DanielVF
DanielVF / GptBugReport.md
Last active December 19, 2022 01:30
Transcript, bad AI generated smart contract vulnerabilities.