Security checks in MoatAsset

contracts/MoatAsset.sol

@@ -1,6 +1,5 @@
-// Allow ERC20 deposits
 // withdraw the extra assets other than global balance (in case anyone donated for free) and then no need for seperate brokerage calculation
-// IMPORTANT CHECK - how the balance of tokens with less than 18 decimals are stored. Factor it.
+// IMPORTANT CHECK - decimals() - how the balance of tokens with less than 18 decimals are stored. Factor it.
 // update the balance along with "transferAssets" functions and also check the for onlyAllowedResolver
 
 pragma solidity ^0.4.24;
@@ -50,6 +49,7 @@ contract AssetDB is Registry {
 
     // AssetOwner >> TokenAddress >> Balance (as per respective decimals)
     mapping(address => mapping(address => uint)) balances;
+    // mapping(address => uint) globalBalance;
     address eth = 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee;
 
     function getBalance(
@@ -63,43 +63,49 @@ contract AssetDB is Registry {
     function deposit(address tknAddr, uint amount) public payable {
         if (msg.value > 0) {
             balances[msg.sender][eth] += msg.value;
+            // globalBalance[eth] += msg.value;
         } else {
             token tokenFunctions = token(tknAddr);
             tokenFunctions.transferFrom(msg.sender, address(this), amount);
-            balances[msg.sender][eth] += msg.value;
+            balances[msg.sender][tknAddr] += amount;
+            // globalBalance[tknAddr] += amount;
         }
     }
 
-    function withdraw(address addr, uint amt) public {
-        require(balances[msg.sender][addr] >= amt, "Insufficient Balance");
-        balances[msg.sender][addr] -= amt;
-        if (addr == eth) {
-            msg.sender.transfer(amt);
+    function withdraw(address tknAddr, uint amount) public {
+        require(balances[msg.sender][tknAddr] >= amount, "Insufficient Balance");
+        balances[msg.sender][tknAddr] -= amount;
+        // globalBalance[tknAddr] -= amount;
+        if (tknAddr == eth) {
+            msg.sender.transfer(amount);
         } else {
-            token tokenFunctions = token(addr);
-            tokenFunctions.transfer(msg.sender, amt);
+            token tokenFunctions = token(tknAddr);
+            tokenFunctions.transfer(msg.sender, amount);
         }
     }
 
     function updateBalance(
         address tokenAddr,
-        uint amt,
+        uint amount,
         bool add,
         address user
     ) public onlyAllowedResolver(user)
     {
         if (add) {
-            balances[user][tokenAddr] += amt;
+            balances[user][tokenAddr] += amount;
+            // globalBalance[tokenAddr] += amount;
         } else {
-            balances[user][tokenAddr] -= amt;
+            balances[user][tokenAddr] -= amount;
+            // globalBalance[tokenAddr] -= amount;
         }
     }
 
-    function transferAssets(
+    function moveAssets(
         address tokenAddress,
         uint amount,
-        address sendTo
-    ) public onlyAllowedResolver 
+        address sendTo,
+        address user
+    ) public onlyAllowedResolver(user)
     {
         if (tokenAddress == eth) {
             sendTo.transfer(amount);
@@ -107,6 +113,8 @@ contract AssetDB is Registry {
             token tokenFunctions = token(tokenAddress);
             tokenFunctions.transfer(sendTo, amount);
         }
+        balances[user][tokenAddress] -= amount;
+        // globalBalance[tokenAddress] -= amount;
     }
 
 }
@@ -118,9 +126,6 @@ contract MoatAsset is AssetDB {
         registryAddress = rAddr;
     }
 
-    // emit an event atleast
-    function () public payable {
-        deposit(eth);
-    }
+    function () public payable {}
 
 }

contracts/MoatResolver.sol

@@ -1,121 +1,4 @@
 // Global Freeze Variable
 // no more than 10 ETH allowed as of now
 // withdraw store the 0.5% on the contract itself and can be withdrawn by admin addresses
-
-pragma solidity ^0.4.24;
-
-interface token {
-    function approve(address spender, uint256 value) external returns (bool);
-    function transfer(address receiver, uint amount) external returns (bool);
-    function balanceOf(address who) external returns(uint256);
-}
-
-interface AddressRegistry {
-    function getAddr(string AddrName) external returns(address);
-}
-
-
-contract Registry {
-    address public RegistryAddress;
-    modifier onlyAdmin() {
-        require(
-            msg.sender == getAddress("admin"),
-            "Permission Denied"
-        );
-        _;
-    }
-    function getAddress(string AddressName) internal view returns(address) {
-        AddressRegistry aRegistry = AddressRegistry(RegistryAddress);
-        address realAddress = aRegistry.getAddr(AddressName);
-        require(realAddress != address(0), "Invalid Address");
-        return realAddress;
-    }
-}
-
-interface Kyber {
-    function trade(
-        address src,
-        uint srcAmount,
-        address dest,
-        address destAddress,
-        uint maxDestAmount,
-        uint minConversionRate,
-        address walletId
-    ) external payable returns (uint);
-}
-
-interface MoatAsset {
-    function getBalance(address AssetHolder, address Token) external view returns (uint256 balance);
-    function TransferAssets(address tokenAddress, uint amount, address sendTo) external;
-    function UpdateBalance(address tokenAddr, uint amt, bool add, address target) external;
-}
-
-contract KyberTrade is Registry {
-
-    event eKyber(address src, address dest, uint weiAmt, uint srcAmt);
-    function ExecuteTrade(
-        uint weiAmt,
-        address src,
-        address dest,
-        uint srcAmt,
-        uint slipRate
-    ) public {
-        MoatAsset MAFunctions = MoatAsset(getAddress("asset"));
-
-        // Balance check
-        uint UserBalance = MAFunctions.getBalance(msg.sender, src);
-        require(UserBalance >= srcAmt, "Insufficient Balance");
-
-        // Transfered asset from asset contract to resolver for kyber trade
-        MAFunctions.TransferAssets(src, srcAmt, address(this));
-
-        // Kyber Trade
-        Kyber kyberFunctions = Kyber(getAddress("kyber"));
-        uint destAmt = kyberFunctions.trade.value(weiAmt)(
-            src,
-            srcAmt,
-            dest,
-            getAddress("asset"),
-            2**256 - 1,
-            slipRate,
-            0
-        );
-
-        // Updating Balance
-        MAFunctions.UpdateBalance(src, srcAmt, false, msg.sender);
-        MAFunctions.UpdateBalance(dest, destAmt, true, msg.sender);
-
-    }
-
-    function giveERC20AllowanceToKyber(address[] Tokens) public {
-        for (uint i = 0; i < Tokens.length; i++) {
-            token tokenFunctions = token(Tokens[i]);
-            tokenFunctions.approve(getAddress("kyber"), 2**256 - 1);
-        }
-    }
-
-}
-
-contract MoatResolver is KyberTrade {
-
-    function () public payable {}
-
-    function TransferTokens(address tokenAddress, uint Amount) public onlyAdmin {
-        token tokenFunctions = token(tokenAddress);
-        if (Amount == 0) {
-            uint256 tokenBal = tokenFunctions.balanceOf(address(this));
-        } else {
-            tokenBal = Amount;
-        }
-        tokenFunctions.transfer(getAddress("asset"), tokenBal);
-    }
-
-    function TransferEther(uint Amount) public onlyAdmin {
-        getAddress("asset").transfer(Amount);
-    }
-
-    constructor(address rAddr) public {
-        RegistryAddress = rAddr;
-    }
-
-}
+// https://bitbucket.org/Sowmay/resolver-dex/src/master/contracts/MoatResolver.sol

contracts/protocols/MoatMaker.sol

@@ -1,7 +1,7 @@
 // get back the ownership of CDP
 // mechanism to transfer an existing CDP (2 txn process)
 // factor the WETH to PETH conversion rate - https://chat.makerdao.com/direct/Sean
-// run an event after changing the CDP ownership
+// run an event after eveything which change the DApp info like changing the CDP ownership
 // implement repay loan function
 
 pragma solidity 0.4.24;