Update from isopen

README.md

@@ -1,5 +1,5 @@
 # Telemint
-This is the smart contract that Telegram intends to use in order to put some of its best usernames up for auction. The blockchain network for this smart contract is The Open Network (https://ton.org).
+This is the smart contract that Telegram intends to use in order to put some of its best usernames up for auction. The blockchain network for this smart contract is The Open Network (<https://ton.org>).
 
 Anyone who finds serious security vulnerabilities in this smart contract prior to the auction launch will be rewarded.
 
@@ -18,7 +18,7 @@ One may also look at the [tlb decription](telemint.tlb) of internal messages and
 The first bidder receives a signed query from the server and sends it to NftCollection with the first bid attached.
 ```
 // Create an NftItem and start an auction. Signed by auction's private key. Acts as a first bid in the auction.
-telemint_unsigned_deploy$_ subwallet_id:uint32 valid_since:uint32 valid_till:uint32 token_name:TelemintText
+telemint_unsigned_deploy$_ subwallet_id:uint64 valid_since:uint32 valid_till:uint32 token_name:TelemintText
   content:^Cell auction_config:^TeleitemAuctionConfig royalty_params:(Maybe ^NftRoyaltyParams) = TelemintUnsignedDeploy;
 telemint_msg_deploy#4637289a  sig:bits512 msg:TelemintUnsignedDeploy = TelemintMsg;
 ```
@@ -46,7 +46,7 @@ The owner of an NftItem may start a new auction.
 // Start new auction. Accepted only from the owner.
 teleitem_msg_start_auction#487a8e81 query_id:int64 auction_config:^TeleitemAuctionConfig = TeleitemMsg;
 
-// Cancel auction auction. Accepted only from the owner. Forbidden if there are some active bids
+// Cancel auction. Accepted only from the owner. Forbidden if there are some active bids
 teleitem_msg_cancel_auction#371638ae query_id:int64 = TeleitemMsg;
 ```
 

SECURITY.md

@@ -0,0 +1,15 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| >=0.2.0 | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.

func/common.fc

@@ -27,6 +27,7 @@ const int op::report_static_data = 0x8b771735;
 const int op::get_royalty_params = 0x693d3950;
 const int op::report_royalty_params = 0xa8cb00ad;
 
+const int err::invalid_subdomain_length = 70;
 const int err::invalid_length = 201;
 const int err::invalid_signature = 202;
 const int err::wrong_subwallet_id = 203;
@@ -49,9 +50,8 @@ const int err::forbidden_auction = 220;
 const int err::already_has_stakes = 221;
 const int err::auction_already_started = 222;
 const int err::invalid_auction_config = 223;
-const int err::incorrect_workchain = 333;
+const int err::invalid_workchain = 333;
 const int err::no_first_zero_byte = 413;
-const int err::bad_subdomain_length = 70;
 
 const int min_tons_for_storage = one_ton;
 const int workchain = 0;
@@ -64,7 +64,7 @@ slice zero_address() asm "b{00} PUSHSLICE";
 
 () force_chain(slice addr) impure inline {
     (int wc, _) = parse_std_addr(addr);
-    throw_unless(err::incorrect_workchain, wc == workchain);
+    throw_unless(err::invalid_workchain, wc == workchain);
 }
 
 
@@ -76,7 +76,7 @@ int get_top_domain_bits(slice domain) inline {
         i += 8;
         char = domain~load_uint(8); ;; we do not check domain.length because it MUST contains \0 character
     }
-    throw_unless(201, i); ;; should not start with \0
+    throw_unless(err::invalid_length, i); ;; should not start with \0
     return i;
 }
 
@@ -130,7 +130,7 @@ cell pack_init_int_message(slice dest, cell state_init, cell body) inline {
     return begin_cell()
             .store_uint(0x18, 6) ;; 011000 tag=0, ihr_disabled=1, allow_bounces=1, bounced=0, add_none
             .store_slice(dest)
-            .store_grams(0) ;; grams
+            .store_grams(0)
             .store_uint(4 + 2 + 1, 1 + 4 + 4 + 64 + 32 + 1 + 1 + 1)
             .store_ref(state_init)
             .store_ref(body)
@@ -288,7 +288,7 @@ cell pack_teleitem_msg_deploy(slice sender_address, int bid, cell info, cell con
     var cs = get_data().begin_parse();
     var res = (
             cs~load_int(1), ;; touched
-            cs~load_uint(32), ;; subwallet_id
+            cs~load_uint(64), ;; subwallet_id
             cs~load_uint(256), ;; owner_key
             cs~load_ref(), ;; content
             cs~load_ref(), ;; item_code
@@ -302,7 +302,7 @@ cell pack_teleitem_msg_deploy(slice sender_address, int bid, cell info, cell con
 _ save_collection_data(int touched, int subwallet_id, int owner_key, cell content, cell item_code, slice full_domain, cell royalty_params) impure inline {
     cell data = begin_cell()
             .store_int(touched, 1)
-            .store_uint(subwallet_id, 32)
+            .store_uint(subwallet_id, 64)
             .store_uint(owner_key, 256)
             .store_ref(content)
             .store_ref(item_code)
@@ -316,7 +316,7 @@ _ unpack_signed_cmd(slice cs) inline {
     return (
             cs~load_bits(512), ;; signature
             slice_hash(cs), ;; hash
-            cs~load_uint(32), ;; subwallet_id
+            cs~load_uint(64), ;; subwallet_id
             cs~load_uint(32), ;; valid_since
             cs~load_uint(32), ;; valid_till
             cs ;; cmd

func/nft-collection.fc

@@ -80,7 +80,7 @@ cell get_nft_content(int index, cell individual_nft_content) method_id {
 }
 
 (int, cell) dnsresolve(slice subdomain, int category) method_id {
-    throw_unless(err::bad_subdomain_length, slice_bits(subdomain) % 8 == 0);
+    throw_unless(err::invalid_subdomain_length, slice_bits(subdomain) % 8 == 0);
 
     int skipped_bits = subdomain~skip_first_zero_byte?() & 8;
 

func/nft-item.fc

@@ -276,9 +276,7 @@ cell change_dns_record(cell dns, slice in_msg_body) {
     return save_item_data(config, new_state);
 }
 
-;;
 ;;  GET Methods
-;;
 
 (int, int, slice, slice, cell) get_nft_data() method_id {
     (cell config, cell state) = unpack_item_data();
@@ -346,7 +344,7 @@ slice get_telemint_token_name() method_id {
     (cell nft_content, cell dns, cell token_info) = unpack_item_content(content);
 
     int subdomain_bits = slice_bits(subdomain);
-    throw_unless(err::bad_subdomain_length, subdomain_bits % 8 == 0);
+    throw_unless(err::invalid_subdomain_length, subdomain_bits % 8 == 0);
 
     int starts_with_zero_byte = subdomain.preload_int(8) == 0;
     throw_unless(err::no_first_zero_byte, starts_with_zero_byte);

func/stdlib.fc

@@ -1,5 +1,4 @@
 ;; Standard library for funC
-;;
 
 forall X -> tuple cons(X head, tuple tail) asm "CONS";
 forall X -> (X, tuple) uncons(tuple list) asm "UNCONS";

telemint.tlb

@@ -14,7 +14,7 @@ nft_collection_cmd_get_royalty_params#693d3950 = NftCollectionCmd;
 
 nft_answer_ownership_assigned#05138d91 query_id:uint64 prev_owner:MsgAddress forward_payload:(Either Cell ^Cell) = NftAnswer;
 nft_answer_excesses#d53276db query_id:uint64 = NftAnswer;
-nft_royalty_params#_ numerator:uint16 denominator:uint16 destination:MsgAddress = NftRoyaltyParams;
+nft_royalty_params#_ numerator:int16 denominator:int16 destination:MsgAddress = NftRoyaltyParams;
 
 teleitem_bid_info#38127de1 bid:Grams bid_ts:uint32 = TeleitemBidInfo;
 teleitem_last_bid bidder_address:MsgAddressInt bid:Grams bid_ts:uint32 = TeleitemLastBid;
@@ -42,9 +42,9 @@ teleitem_state$_ owner_address:MsgAddressInt content:^TeleitemContent
 
 teleitem_data$_ config:^TeleitemConfig state:(Maybe ^TeleitemState) = TeleitemData;
 
-telemint_data$_ touched:Bool subwallet_id:uint32 public_key:bits256 collection_content:^Cell nft_item_code:^Cell
+telemint_data$_ touched:Bool subwallet_id:uint64 public_key:bits256 collection_content:^Cell nft_item_code:^Cell
   full_domain:^TelemintText royalty_params:^NftRoyaltyParams = TelemintData;
 
-telemint_unsigned_deploy$_ subwallet_id:uint32 valid_since:uint32 valid_till:uint32 token_name:TelemintText
+telemint_unsigned_deploy$_ subwallet_id:uint64 valid_since:uint32 valid_till:uint32 token_name:TelemintText
   content:^Cell auction_config:^TeleitemAuctionConfig royalty_params:(Maybe ^NftRoyaltyParams) = TelemintUnsignedDeploy;
 telemint_msg_deploy#4637289a  sig:bits512 msg:TelemintUnsignedDeploy = TelemintMsg;