No deposit fee

[cryptofish7]

In this PR I add feature to sJOE that exempts EOAs holding a Smol Joe from paying the deposit fee.

[0x0Louis]

Small nits.
Please add a non zero check at L168 and L169 so it stops spamming the multi sig with transfer(0). (it will also decrease gas cost)

[0x0Louis]

This will revert on initialize, use any ERC20 contract as they also define balanceOf function or use a proper mock NFT contract

[0x0Louis]

This will revert on smolJoes being address 0, (this will be the case during upgrade)

[cryptofish7]

I check that it's not address(0) when I initialize it though?

[jummy123]

I believe is talking about the case between when the contract is upgraded and the initializeSmalJoes function is called (which may be a very small amount of time). You could do this in a backwards compatible way by changing this to
if (address(smolJoes) != address(0) && smolJoes.balanceOf(_msgSender()) == 0 || _msgSender() != tx.origin) this works due to the short circuiting behaviour of && and ||

[0x0Louis]

Add a setter for smolJoe's address as we can't use initialize during an upgrade as the contract has already been initialized.

[0x0Louis]

For safety reasons, don't forget to initialize the implementation even if it's useless for transparent proxies.

[cryptofish7]

Small nits. Please add a non zero check at L168 and L169 so it stops spamming the multi sig with transfer(0). (it will also decrease gas cost)

What do you mean by this?

[0x0Louis]

I mean to add a:

if (amount > 0) token.safeTransferFrom(msg.sender, to, amount);

at L168 and 169 for the 2 different transfers

[0x0Louis]

initialize should still set smolJoes' address.
One easy way could be to make initializeSmolJoes public and use it here as well

[0x0Louis]

Add a comment explaining that this function was added to be able to set smolJoe during an upgrade, as the contract was already initialized

[0x0Louis]

This should still call initialize, the initializeSmolJoes is only for an upgrade, and we need to call it by the multisig

[jummy123]

You shouldn't change this block (init) as it won't get called on upgrade anyway (plus it could have unintended consequences for the unit tests if they use these deployment scripts for fixture generation). If you want to use hardhat-deploy to set the address you can add an onUpgrade block

    init: {...unchanged...},
    onUpgrade: {
        methodName: "initializeSmolJoes",
        args: [smolJoes],
    }

To do this however you will need to make the initializeSmolJoes function idempotent (not reverting if smolJoes variable is non 0) as it will be called every time the function gets upgraded.

[0x0Louis]

That's very cool, I didn't know. Thanks for sharing that!
The new Initializable (https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/proxy/utils/Initializable.sol) from OZ makes a lot of sense for an upgrade as you could use the re-initializer.

[cryptofish7]

When I run this locally and try to upgrade the implementation after making a modification to StableJoeStaking, it reverts without any reason:

 Compilation finished successfully
Creating Typechain artifacts in directory types for target ethers-v5
Successfully generated Typechain artifacts!
reusing "DefaultProxyAdmin" at 0x9fE46736679d2D9a65F0992F2272dE9f3c7fa6e0
deploying "StableJoeStaking_Implementation" (tx: 0x44ad6abb7bc903b949f19176000973c787c83e1b16f92ebbca42e6a9cec86934)...: deployed at 0x0165878A594ca255338adfa4d48449f69242Eb8F with 3619599 gas
An unexpected error occurred:

Error: ERROR processing /Users/cryptofish/workspace/joe-core/deploy/StableJoeStaking.js:
ProviderError: Error: Transaction reverted without a reason string

The deploy code looks like this:

    const sJoe = await deploy("StableJoeStaking", {
      from: deployer,
      proxy: {
        owner: deployer, // change from proxyOwner so there are no ownership issues on upgrading
        proxyContract: "OpenZeppelinTransparentProxy",
        execute: {
          init: {
            methodName: "initialize",
            args: [
              rewardToken,
              joeAddress,
              feeCollector,
              depositFeePercent,
              smolJoes,
            ],
          },
          onUpgrade: {
            methodName: "initializeSmolJoes",
            args: [smolJoes],
          },
        },
      },
      log: true,
    });

I'm a little unclear on how onUpgrade is supposed to work. I've tried asking round but no luck so if you have any suggestions that would be mega welcome!

[jummy123]

So it looks like this is failing because of the onlyOwner modifier on initializeSmolJoes. This is because hardhat-deploy will use upgradeToAndCall function on the ProxyAdmin contract which performs the upgrade and then calls initializeSmolJoes. As the ProxyAdmin address isn't the owner of the StableJoeStaking contract this fails. I confirmed this by calling transferOwnership with the ProxyAdmin address on StableJoeStaking and then performing the upgrade, in this case the initializeSmolJoes function didn't revert as msg.sender was the owner (The proxy admin address). This makes sense as the upgradeToAndCall function should be atomic (the upgrade and function call should succeed or the tx should rollback).

AFAICT there is two options here:

1. Change the ownership of StableJoeStaking to the ProxyAdmin contract.
2. Not use atomic upgrade and call the initializeSmolJoes function after the contract has been upgraded, this option is probably fine as the smolJoes address isn't needed for the contract to function.

One possible solution could involve this onlyAdmin modifier but haven't looked into it enough to say for sure.

[cryptofish7]

Thanks for spotting that. Regarding the two options - option 1 is a pain since several other functions are onlyOwner so you'll need to transfer ownership of StableJoeStaking back to the multisig.

Can't put initializeSmolJoes under the initializer modifier either. If only we could use reinitializer in the latest OZ Initializable, but it's v8 so not compatible.

Anyways, gone with option 2 here and turned initializeSmolJoes to setSmolJoes.

[0x0Louis]

Option 1 would be a big mistake: Transparent Proxies don't allow the owner of the proxy to call any function of the implementation. So if the ownership is transferred, you couldn't call any onlyOwner function, nor transfer the ownership again.

[jummy123]

Is there a reason you only allow setting this value once? From a purely pragmatic point of view if there is some mistake in the smolJoes address the contract will be permanently broken and you won't be able to call it again with the correct address.

[0x0Louis]

That's not wrong, but as it's a proxy nothing is permanent in any case.

[0x0Louis]

Wrong parenthesis, if smolJoe is not set EOAs wouldn't pay any fees, change to:
if (address(smolJoes) != 0 && (smolJoes.balanceOf(_msgSender()) == 0 || _msgSender() != tx.origin)) {

[0x0Louis]

Typo address(0)3

[0x0Louis]

If it's newly deployed then this is not necessary, as it would set it with initialize

[cryptofish7]

On the upgrade though, it will be "newly deployed" but it won't call initialize.

[0x0Louis]

Oh indeed, my bad I thought it was setting it on the implementation again

[jummy123]

NIT: Mark this variable explicitly as public (default if not specified) to match the style of other variables.

[jummy123]

Tests are failing as you are comparing address with int. 0 needs to be cast to address address(0) (I also think I made the same error when proposing the code snippet)

[jummy123]

I think there is a potential for a problem here if you deploy this update and don't set the smolJoe variable immediately, as && short circuits nobody would pay any fee on deposit until smolJoe address was set. It looks like this will be covered by the deployment script but still worth being aware.

[jummy123]

I think the following fixes the above problem.

if (!(address(smolJoes) != address(0) && smolJoes.balanceOf(_msgSender()) > 0 && _msgSender() == tx.origin)) {
     _fee = _amount.mul(depositFeePercent).div(DEPOSIT_FEE_PERCENT_PRECISION);
}

[jummy123]

There doesn't look to be a bug there but for fuller test coverage you should also deposit via the vault before transferring the ERC721 to it.