Quickly spin up a DAO smart contract where you choose the initial group of members.
Quickly initiate a DAO by sending an array of address in the constructor of this contract on deploy. DAO proposals can be created by anyone, but only voted on by members. Members can create proposals to add or kick members. Members cannot withdraw their deposited funds once they are deposited. All deposited funds will be used for the good of the DAO.
Public Goods... This type of DAO can be used by sports teams to pay for field time, equipment, travel, etc. Another use case is for public contruction or maintenance projects. A neighborhood/ town/ governoment can deposit a bunch of funds which can be democratically voted on and invoices can be submitted by the contractors.
A re-entrancy proxy contract has been created to verify the security of the PowDAO contract withdraw function. This contract can be found in packages/hardhat/contracts
. To mimic a re-entrancy attack, uncomment the file in the deploy script packages\hardhat\deploy\00_deploy_your_contract.js
and uncomment the 2 function calls in the contract itself ('powdao.getPayoutUnsafe(address(this));'). On deploy, this 'attacking' smart contract will create a proposal and if the proposal is approved by DAO members the proposer can withdraw the funds. To create a re-entrancy attack when you are withdrawing your funds, use the 'getPayoutUnsafe' function versus 'getPayout' which does not have the re-entrancy vulnerability.
Re-entrancy is caused by repeatedly calling the a fallback function in the proxy contracts receive function. This will create a loop which will be executed until it runs out of gas making repeated function calls. Try for yourself!
Prerequisites: Node plus Yarn and Git
clone/fork ๐ scaffold-eth:
git clone https://github.com/amitchaudhari9121/dao-proposal-basic
cd dao-proposal-basic
install and start your ๐ทโ Hardhat chain:
cd dao-proposal-basic
yarn install
yarn chain
in a second terminal window, start your ๐ฑ frontend:
cd dao-proposal-basic
yarn start
in a third terminal window, ๐ฐ deploy your contract:
cd dao-proposal-basic
yarn deploy
๐ Edit your smart contract PowDAO.sol
in packages/hardhat/contracts
๐ Edit your frontend App.jsx
in packages/react-app/src
๐ผ Edit your deployment scripts in packages/hardhat/deploy
๐ฑ Open http://localhost:3000 to see the app