keydonix / liquid-long Goto Github PK

Hello @epheph , @MicahZoltu

When I open application https://asnov.github.io/finapp/ I can see an error in the console:

=== openPosition ERR Error: underflow (operation="setValue", fault="underflow", value=2.65, outputValue=2, version=4.0.3)

It runs this.liquidLong.openPosition(2, 1, 100, 2.65).

This happens when the application starts so you don't need to do anything. I call openPosition() with fixed parameters unconditionally while starting for tests.
You could see the same error if you choose real values in the application and press "Confirm transaction". For example, 1.5, 1, 0.65 as multiplier, quantity and Exchange Cost correspondingly will call this.liquidLong.openPosition(1.5, 1, 0, 0.65) and give:

Error: underflow (operation="setValue", fault="underflow", value=0.65, outputValue=0, version=4.0.3)

The source is here: https://github.com/Keydonix/liquid-long/blob/master/client-library/library/source/liquid-long.ts#L93
feeLimitInEth is a fractional number but bigNumberify() needs integer.
And I think that leverageSizeInEth and costLimitInEth could be fractional as well.

ES2015 is now available in all browsers. The JavaScript library should, ideally, publish an ES2015 module version and reference it in in package.json in the module property (a peer to main property). The hard part here is that the testing infrastructure is run in NodeJS, which doesn't support module tag yet from what I can tell. This means we would need to rebuild the testing infrastructure to execute in a browser, or fallback to testing the code directly rather than testing the module as a whole (means increased chance of build breaking something).

Create a tutorial (with images) that walks the user through using the dapp with MEW + ABI.

While doing this, we should set the Geth Clique period to 0 and we should set the minGasPrice for both to 0 for local transactions at least.

Note: Parity will accept 0 gas price transactions from scripts but not from MetaMask, no idea why, but we should make sure MM transactions work.

Write a simple answer as to why the UI is so primitive, commenting on plans for future better UI and offering easy-to-audit code initially.

index.html references index.js using a script tag with an integrity hash. You can generate this hash from index.js via cd client && cat index.js | openssl dgst -sha384 -binary | openssl enc -base64 -A from the client subdirectory.

We want this integrity hash committed to GitHub, so CI should check to make sure any Pull Request has the correct integrity hash in index.html. It may also be valuable to create a simple script (bash or node) that generates the integrity hash and injects it, so developers don't need to remember the command to run and CI can just tell them, "run this script and update your PR".

Change the affiliate fee in the contracts to be 50% of the service fee.

Note: if we remove the affiliate fee variable, it'll require a library update which requires deployment/upgrade coordination. It may be simpler to just leave the affiliate fee variable in for now so we don't have an ABI change.

At the moment errors just go to the console via console.log(error). We should create an error handler that surfaces errors to the user in a way that makes it easy for them to report to us. This may involve a service endpoint that users can voluntarily submit the error to, along with presentation of the error in the UI (e.g., Toast dialog). We may also want to consider building a custom Error object so all of our errors come with a friendly message as well as a developer message.

Create a FAQ/Knowledgebase site. https://helpsite.io/ is probably a good/easy/free place to start.

If the "low" estimate is very low, the high estimate is only double that, leaving a situation where you have a low of 0.001 and a high of 0.002. Make the max some other value if 2*low ends up being too small. I recommend:

max(
  2*low,
  _wethBought * .05
)

Allow purchase price of eth to be 5% over feed price.

Create a smart contract that lets a user open a leveraged CDP.

1. Function for opening a CDP, is payable, takes in leverage target as parameter.
2. Function to get estimated fees/costs for a CDP of a given size.

On calling primary function with ETH:

1. Our fees are deducted from the supplied ETH.
2. Create CDP.
3. Get cost of DAI from OasisDEX and calculate leverage numbers from it.
4. Transfer remaining ETH plus enough to reach leverage target into CDP.
5. Draw DAI such that leverage target is achieved.
6. Buy ETH with DAI off OasisDEX.
7. Transfer CDP to msg.sender

Create a set of contracts that allow the user to close a leveraged CDP in a single transaction.

1. Function to update the current CDP owner in ownership registry inside contract.
2. Function to trigger closing the CDP.

Closing CDP function:

1. Get the previous owner from registry.
2. Buy DAI on OasisDEX using ETH stored in smart contract.
3. Use DAI to pay down CDP debt.
4. Calculate our fee.
5. Send ETH to previous CDP owner, minus the ETH spent on DAI and fee and governance fee.

The gas limit being used in metamask is extremely close to the gasUsed for the transaction. So close that the optimization in Maker's drip() causes an issue due to conditional execution. Implement something like:

Estimate gas + 30%
No less than 250K, no more than 5M
If estimate >5M, error/warn user

Create a tutorial (with images) that walks the user through the process of using the dapp with Parity's contract browser via ABI.

• Semicolon after an operator makes code more readable - so the other developer should not think whether the operator will continue on the next line or not.
• Also it is default TSLint rule.
• Semicolons avoids ambiguity;
• It reduces the probability of having unexpected errors;
• For people came from C# and PHP background the code looks way more readable with semicolons than without them;
• In JavaScript the semicolon allows the developer to signify the end of a statement. This is very useful when it comes to minimising code. Without using semicolons you rely on JavaScript to figure it out for you. Often it will do a good job but not in 100% of cases. This is why it is always best to use semicolons.
• People using semicolons don’t need to think if it’s ok they’re using it or not, people who don’t do.
• Better explicit than implicit right?

Create a Docker Images that contains Geth/Parity running Proof of Authority (Clique) or InstantSeal Ethereum network with a developer key that has all of the ETH and the Maker contracts are all deployed and configured on the network.

Mockup: https://app.moqups.com/micah.zoltu/ntncycUCE3/view

• Should be easy to audit, meaning no/minimal dependencies.
• Should be easy to audit, meaning no generated JS.
• Should be easy to deploy, single HTML file with embedded CSS, images and JS.
• Must be able to query on-chain contracts for data.
• Must be able to construct a transaction for submission.
• Must be able to see when a transaction has been mined (so we can link user to their new CDP).
• Must work with Web3 enabled browser (MetaMask/Parity/Geth).

Our build process should pin all dependencies to hashes if possible so our build process can't be attacked.

• Base docker images.
• Ubuntu dependencies via apt-get.
• Git repositories.
• NPM dependencies.

Make it so our dapp shows up in Mist's dapp browser.

Rather than using tooltips (which don't work on mobile) for details about the fields, include a little 🛈 or similar that when clicked causes some informational box to appear or be filled with details. Perhaps a slide-out box below the table row with the tooltip data?

Tooltips right now are very basic and not particularly great. They also don't work properly on mobile. The tooltips should wrap to multi-line when necessary, and properly position themselves so they are always fully visible.

Would be cool if this was part of our deployment infrastructure such that on deploy to any public network that Etherscan supports, the Etherscan API was used to upload the contract source code.

Figure out what our integration testing strategy looks like in terms of language, frameworks, tools, etc. Consider copying the pattern used in Augur's integration test suite at https://github.com/AugurProject/augur-core/blob/master/source/tests-integration/TestFixture.ts or consider using something like Gnache/Truffle (if appropriate).

• Test language
• Test framework
• Decide whether to mock Maker contracts or use real thing
• Decide whether to unit test as well, or just integration test
• Figure out how to test the UI JavaScript as well

Make it so our dapp shows up as a Parity app store app.

At the moment, we use onblur instead of onchange in order to avoid hammering the Ethereum node with requests every time the user enters a character. However, onblur has some undesirable side effects like it doesn't update when the user changes the value with the range buttons or when the user forgets to click out of the field.

Consider: use onclick but queue/pace requests in JavaScript to deal with hammering the node.