With devconnect just around the corner, we would like to present another bug bounty opportunity.
Inspired by the original Gnosis Multisig Wallet, we have written a very simple DAO contract in Fe. It can be understood as a weighted multisig wallet where the execution of transactions is determined by a group of members and their voting power measured in governance tokens. To fully understand the concept we recommend to check out the README and the source code.
Unfortunately, Etherscan doesn't yet support source code verification for contracts written in Fe but we can verify the contracts ourselves with the latest release of Fe 0.26.0.
Here are the steps to do that:
Install the latest version of Fe (0.26.0) by following the installation instructions
Clone the SimpleDAO repository
SimpleDAOBountyDeploymenttag to ensure to test the exact same version of the contracts that are deployed on mainnet
fe verify 0xf0adbb9ed4135d1509ad039505bada942d18755f https://eth.public-rpc.com
The output should look like this:
It's a match!✨ Onchain contract: Address: 0xf0adbb9ed4135d1509ad039505bada942d18755f Bytecode: 0x60008..76b90 Local contract: Contract name: SimpleDAO Source file: /path/on/your/machine/to/simple_dao/fe_contracts/simpledao/src/main.fe Bytecode: 0x60008..76b90`
Feel free to repeat step 5 with the address of the governance contract.
We invite everyone to try to hack the DAO and steal any money that is under the control of the DAO. We are also thinking about adding certain conditions (e.g. DAO balance drained to 0 ETH) to our existing bug bounty platform so that a successful hack of the DAO would be additionally be rewarded with the jackpot of the bountiful platform. For now, you can take our word for it that if you manage to hack the DAO, you'll be manually rewarded with another 3 ETH paid by us.