The Palomadex Trader Contract is a CosmWasm smart contract that facilitates cross-chain trading and liquidity operations on the Paloma network. This contract acts as a bridge between different blockchain networks, enabling token swaps, liquidity provision, and cross-chain transfers.
Contract Name: crates.io:palomadex-trader-cw
Version: 0.1.0
Author: wc117 williamchang89117@gmail.com
The contract is structured with the following key components:
- Entry Points:
instantiate,execute,query,reply,migrate - Execute Functions: Core trading and administrative functions
- Reply Handlers: Process asynchronous operation results
- State Management: Persistent storage for contract state and settings
- Owner-based authorization: All administrative functions require owner privileges
- Multi-owner support: Contract can have multiple owners for enhanced security
- Owner validation: All owner addresses are validated before storage
- Cross-chain operations: Involves external chain interactions with potential for failures
- Liquidity management: Direct manipulation of LP token balances
- Fee handling: Service and gas fee configurations affect economic security
- Nonce management: Prevents replay attacks on cross-chain operations
Purpose: Initializes the contract with initial configuration
Access: Public (contract deployment)
Security Level: Critical
Parameters:
retry_delay: u64- Delay between retry attempts for failed operationsowners: Vec<String>- List of initial contract owners
Security Considerations:
- Owner addresses are validated before storage
- Sets contract version for migration tracking
- Initial state is immutable after deployment
Example Usage:
{
"retry_delay": 3600,
"owners": ["paloma1abc...", "paloma1def..."]
}Purpose: Handles contract upgrades and migrations
Access: Public (contract admin)
Security Level: Critical
Parameters:
deps: DepsMut- Contract dependencies_env: Env- Contract environment_msg: MigrateMsg- Migration message (empty)
Security Considerations:
- Updates contract version
- Preserves existing state during migration
- No state modifications allowed
Purpose: Main entry point for all contract operations
Access: Public (authenticated users)
Security Level: High
Parameters:
deps: DepsMut- Contract dependenciesenv: Env- Contract environmentinfo: MessageInfo- Transaction informationmsg: ExecuteMsg- Operation to execute
Security Considerations:
- Routes to specific execute functions based on message type
- Each function has its own authorization checks
- Returns
Response<PalomaMsg>for cross-chain operations
Purpose: Executes token swaps through DEX routers
Access: Owners only
Security Level: High
Parameters:
dex_router: Addr- DEX router contract addressoperations: Vec<SwapOperation>- Swap operations to executeminimum_receive: Option<Uint128>- Minimum tokens to receivemax_spread: Option<Decimal>- Maximum allowed spreadfunds: Vec<Coin>- Funds to send with transactionchain_id: String- Target chain identifierrecipient: String- Recipient address on target chain
Security Considerations:
- Authorization: Requires owner privileges
- Input validation: Validates DEX router and operations
- Slippage protection: Enforces minimum receive amounts
- Cross-chain risk: Operations may fail on target chain
- Fund safety: Uses submessage with reply for atomicity
Example Usage:
{
"exchange": {
"dex_router": "paloma1router...",
"operations": [
{
"astro_swap": {
"offer_asset_info": {"native_token": {"denom": "uluna"}},
"ask_asset_info": {"native_token": {"denom": "uusdc"}}
}
}
],
"minimum_receive": "1000000",
"max_spread": "0.01",
"funds": [{"denom": "uluna", "amount": "1000000"}],
"chain_id": "ethereum",
"recipient": "0x1234..."
}
}Purpose: Adds liquidity to DEX pairs
Access: Owners only
Security Level: High
Parameters:
pair: Addr- Pair contract addresscoins: Vec<Coin>- Coins to add as liquidityslippage_tolerance: Option<Decimal>- Maximum slippage alloweddepositor: String- Address to credit LP tokens to
Security Considerations:
- Authorization: Requires owner privileges
- Pair validation: Queries pair information before execution
- LP tracking: Tracks LP token balances per depositor
- Single coin handling: Supports single coin liquidity with swap
- Slippage protection: Enforces maximum slippage tolerance
Complex Logic:
- For single coin liquidity, calculates optimal swap amount using
calculate_swap_amount - Uses mathematical formula to determine swap ratio for balanced liquidity
- Handles both XYK and stable pairs differently
Example Usage:
{
"add_liquidity": {
"pair": "paloma1pair...",
"coins": [
{"denom": "uluna", "amount": "1000000"},
{"denom": "uusdc", "amount": "1000000"}
],
"slippage_tolerance": "0.01",
"depositor": "paloma1user..."
}
}Purpose: Removes liquidity from DEX pairs
Access: Owners only
Security Level: High
Parameters:
chain_id: String- Target chain for receiving tokenspair: Addr- Pair contract addressamount: Uint128- LP tokens to burnreceiver: String- Address to receive underlying tokens
Security Considerations:
- Authorization: Requires owner privileges
- Balance validation: Checks LP token balance before removal
- Cross-chain transfer: Sends tokens to target chain
- Atomic operation: Uses submessage with reply for consistency
Example Usage:
{
"remove_liquidity": {
"chain_id": "ethereum",
"pair": "paloma1pair...",
"amount": "1000000",
"receiver": "0x1234..."
}
}Purpose: Sends tokens to EVM-compatible chains
Access: Owners only
Security Level: High
Parameters:
chain_id: String- Target EVM chain identifieramounts: Vec<String>- Token amounts to sendrecipient: String- Recipient address on target chain
Security Considerations:
- Authorization: Requires owner privileges
- Multiple transfers: Supports sending multiple amounts in single transaction
- Cross-chain risk: Relies on Paloma bridge infrastructure
- No validation: Amounts are passed as strings without validation
Example Usage:
{
"send_to_evm": {
"chain_id": "ethereum",
"amounts": ["1000000uluna", "1000000uusdc"],
"recipient": "0x1234..."
}
}Purpose: Sends tokens to external chains with nonce protection
Access: Owners only
Security Level: High
Parameters:
chain_id: String- Target chain identifiertokens: Vec<String>- Token contract addressesto: String- Recipient addressamounts: Vec<Uint128>- Token amountsnonce: Uint128- Unique transaction identifier
Security Considerations:
- Authorization: Requires owner privileges
- Nonce protection: Prevents replay attacks using timestamp tracking
- Retry delay: Enforces minimum time between retries
- Input encoding: Encodes parameters for EVM contract calls
- Job scheduling: Uses Paloma scheduler for execution
Example Usage:
{
"send_token": {
"chain_id": "ethereum",
"tokens": ["0x1234...", "0x5678..."],
"to": "0xabcd...",
"amounts": ["1000000", "2000000"],
"nonce": "12345"
}
}Purpose: Configures chain-specific settings
Access: Owners only
Security Level: Medium
Parameters:
chain_id: String- Chain identifiercompass_job_id: String- Compass job identifiermain_job_id: String- Main job identifier
Security Considerations:
- Authorization: Requires owner privileges
- Storage update: Modifies persistent chain settings
- No validation: Job IDs are not validated
Example Usage:
{
"set_chain_setting": {
"chain_id": "ethereum",
"compass_job_id": "compass_eth_001",
"main_job_id": "main_eth_001"
}
}Purpose: Sets Paloma configuration for a chain
Access: Owners only
Security Level: Medium
Parameters:
chain_id: String- Chain identifier
Security Considerations:
- Authorization: Requires owner privileges
- Contract encoding: Creates EVM contract interface
- Job execution: Schedules job on Paloma network
- No parameters: Function takes no parameters
Example Usage:
{
"set_paloma": {
"chain_id": "ethereum"
}
}Purpose: Updates refund wallet address for a chain
Access: Owners only
Security Level: Medium
Parameters:
chain_id: String- Chain identifiernew_refund_wallet: String- New refund wallet address
Security Considerations:
- Authorization: Requires owner privileges
- Address validation: Validates EVM address format
- Contract encoding: Encodes function call for EVM contract
- Job scheduling: Uses Paloma scheduler for execution
Example Usage:
{
"update_refund_wallet": {
"chain_id": "ethereum",
"new_refund_wallet": "0x1234..."
}
}Purpose: Updates gas fee configuration for a chain
Access: Owners only
Security Level: Medium
Parameters:
chain_id: String- Chain identifiernew_gas_fee: Uint256- New gas fee amount
Security Considerations:
- Authorization: Requires owner privileges
- Fee validation: No validation of fee amount
- Contract encoding: Encodes uint256 parameter for EVM
- Job scheduling: Uses Paloma scheduler for execution
Example Usage:
{
"update_gas_fee": {
"chain_id": "ethereum",
"new_gas_fee": "20000000000000000"
}
}Purpose: Updates service fee collector address
Access: Owners only
Security Level: Medium
Parameters:
chain_id: String- Chain identifiernew_service_fee_collector: String- New fee collector address
Security Considerations:
- Authorization: Requires owner privileges
- Address validation: Validates EVM address format
- Economic impact: Affects fee collection mechanism
Example Usage:
{
"update_service_fee_collector": {
"chain_id": "ethereum",
"new_service_fee_collector": "0x1234..."
}
}Purpose: Updates service fee amount
Access: Owners only
Security Level: Medium
Parameters:
chain_id: String- Chain identifiernew_service_fee: Uint256- New service fee amount
Security Considerations:
- Authorization: Requires owner privileges
- Fee validation: No validation of fee amount
- Economic impact: Directly affects user costs
Example Usage:
{
"update_service_fee": {
"chain_id": "ethereum",
"new_service_fee": "1000000000000000"
}
}Purpose: Updates contract configuration
Access: Owners only
Security Level: Medium
Parameters:
retry_delay: Option<u64>- New retry delay (optional)
Security Considerations:
- Authorization: Requires owner privileges
- State modification: Updates persistent contract state
- Timing impact: Affects retry behavior for failed operations
Example Usage:
{
"update_config": {
"retry_delay": 7200
}
}Purpose: Adds new contract owners
Access: Existing owners only
Security Level: Critical
Parameters:
owners: Vec<String>- New owner addresses to add
Security Considerations:
- Authorization: Requires existing owner privileges
- Address validation: Validates all new owner addresses
- Duplicate prevention: Checks for existing owners before adding
- Privilege escalation: Grants full administrative access
Example Usage:
{
"add_owner": {
"owners": ["paloma1newowner..."]
}
}Purpose: Removes contract owners
Access: Existing owners only
Security Level: Critical
Parameters:
owner: String- Owner address to remove
Security Considerations:
- Authorization: Requires existing owner privileges
- Address validation: Validates owner address
- Existence check: Ensures owner exists before removal
- Privilege reduction: Removes administrative access
Example Usage:
{
"remove_owner": {
"owner": "paloma1oldowner..."
}
}Purpose: Cancels pending cross-chain transactions
Access: Owners only
Security Level: Medium
Parameters:
transaction_id: u64- Transaction ID to cancel
Security Considerations:
- Authorization: Requires owner privileges
- Transaction tracking: Relies on external transaction tracking
- No validation: Does not verify transaction existence
Example Usage:
{
"cancel_tx": {
"transaction_id": 12345
}
}Purpose: Handles all contract queries
Access: Public
Security Level: Low
Parameters:
deps: Deps- Contract dependencies_env: Env- Contract environmentmsg: QueryMsg- Query message
Available Queries:
State- Returns contract stateChainSetting- Returns chain-specific settingsLpQuery- Returns LP token balance for user
Example Usage:
{
"state": {}
}Purpose: Handles asynchronous operation results
Access: Internal (contract only)
Security Level: High
Parameters:
deps: DepsMut- Contract dependenciesenv: Env- Contract environmentmsg: Reply- Reply message with operation result
Reply Types:
REMOVE_LIQUIDITY_REPLY_ID- Handles liquidity removal resultsEXECUTE_REPLY_ID- Handles swap execution resultsADD_LIQUIDITY_REPLY_ID- Handles liquidity addition resultsEXECUTE_FOR_SINGLE_LIQUIDITY_REPLY_ID- Handles single coin liquidity results
Purpose: Processes liquidity removal results
Access: Internal
Security Level: High
Security Considerations:
- Balance calculation: Calculates actual received amounts
- Cross-chain transfer: Sends tokens to target chain
- Atomic operation: Ensures consistency of state changes
Purpose: Processes swap execution results
Access: Internal
Security Level: High
Security Considerations:
- Balance verification: Ensures sufficient output tokens
- Cross-chain transfer: Sends swapped tokens to recipient
- Amount calculation: Calculates actual received amount
Purpose: Processes liquidity addition results
Access: Internal
Security Level: High
Security Considerations:
- LP tracking: Updates LP token balances for depositor
- Balance calculation: Calculates actual LP tokens received
- State consistency: Ensures accurate balance tracking
Purpose: Processes single coin liquidity with swap results
Access: Internal
Security Level: High
Security Considerations:
- Swap verification: Ensures swap produced sufficient output
- Liquidity provision: Continues with liquidity addition
- Complex flow: Handles multi-step operation
Purpose: Calculates optimal swap amount for single coin liquidity
Access: Internal
Security Level: Medium
Parameters:
input_amount: Uint128- Input token amountreserve_in: Uint128- Reserve of input tokenfee_bps: u16- Fee in basis points
Security Considerations:
- Mathematical precision: Uses Decimal256 for calculations
- Fee consideration: Accounts for trading fees
- No overflow protection: Relies on Uint128 arithmetic
pub struct State {
pub owners: Vec<Addr>, // Contract owners
pub retry_delay: u64, // Retry delay for failed operations
}pub struct ChainSetting {
pub compass_job_id: String, // Compass job identifier
pub main_job_id: String, // Main job identifier
}STATE: Item<State>- Contract stateCHAIN_SETTINGS: Map<String, ChainSetting>- Chain-specific settingsLP_BALANCES: Map<(String, String), Uint128>- LP token balances per userMESSAGE_TIMESTAMP: Map<(String, String), Timestamp>- Message timestamps for nonce protection
Unauthorized- Access deniedPending- Operation is pending (nonce protection)UnknownReply- Invalid reply receivedUnsupportedCw20- CW20 tokens not supportedInsufficientLiquidity- Insufficient LP tokens
- Owner Privileges: All administrative functions require owner access - ensure secure key management
- Cross-chain Risk: Operations may fail on target chains - implement proper error handling
- Liquidity Management: Direct LP token manipulation - verify balance calculations
- Fee Configuration: Service and gas fees affect economics - validate fee amounts
- Input Validation: Some functions lack input validation - add parameter checks
- Error Handling: Limited error handling for external calls - improve error recovery
- State Consistency: Complex state updates - ensure atomicity
- Documentation: Some functions lack detailed documentation - improve code comments
- Testing: Complex logic requires comprehensive testing - add unit and integration tests
- Unit Tests: Test each function with various input parameters
- Integration Tests: Test cross-chain operations end-to-end
- Security Tests: Test access control and authorization
- Edge Cases: Test boundary conditions and error scenarios
- Gas Optimization: Test gas usage for all operations
- Initial Configuration: Set appropriate retry delays and owner addresses
- Chain Settings: Configure job IDs for all supported chains
- Fee Configuration: Set reasonable service and gas fees
- Monitoring: Implement monitoring for cross-chain operations
- Upgrade Path: Plan for contract upgrades and migrations