Security Mechanisms

Security is critical in a decentralized marketplace. This contract implements several security checks to prevent unauthorized access and manipulation.

2.1 Ownership Checks

  • Only the original offer owner can cancel a sell or buy order.

  • Sellers must own the NFTs before listing them for sale.

2.2 Trade Validations

  • Preventing invalid amounts:

    • Offers with a price of 0 or with 0 NFTs are rejected.

    • Users cannot overbuy or oversell assets.

  • Currency Type Checks:

    • Buyers and sellers must use the correct token (CURRENCY).

    • Trade Ledgers only accept transactions in registered currencies.

2.3 Preventing Overflows

To prevent integer overflows, all calculations use safe arithmetic:

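```move
// MAX_U64 and E_OVERFLOW must be defined as constants in the module.
fun safe_add(a: u64, b: u64): u64 {
    // Abort before the addition if a + b would exceed the u64 range.
    assert!(a <= MAX_U64 - b, E_OVERFLOW);
    a + b
}
```

This ensures that large trades abort with E_OVERFLOW instead of causing unexpected errors.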

2.4 Deny List Enforcement

  • If a collection enables deny lists, restricted users cannot trade.

  • The deny list is managed by the collection owner.


3. Best Practices for Integration

To ensure smooth integration with this contract, follow these best practices:

3.1 Listening for Events

Marketplace applications should subscribe to blockchain events for real-time updates.

  • Example: Track new orders using OfferCreated events.

  • Example: Remove orders when OfferAccepted or OfferCancelled events are detected.

3.2 Validating User Inputs

Before calling contract functions:

  • Ensure that users own the NFTs they want to sell.

  • Verify that buyers have enough funds before accepting offers.

  • Handle error codes gracefully in the frontend.

3.3 Batch Transactions for Efficiency

  • Encourage batch processing of multiple buy/sell offers to reduce gas fees.

  • Example: A buyer can purchase 10 NFTs in a single transaction using batch_accept_offers.

3.4 Price Indexing

  • Use get_price_levels() to fetch sorted price levels.

  • Enable efficient price discovery by listing NFTs based on indexed prices.

3.5 Handling Partial Fills

  • Orders may partially fill, so the UI should update the order status dynamically.

  • Example:

    • If a sell order is partially filled, update the remaining quantity.

    • If a buy order is partially accepted, adjust the requested asset count.
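
The event handling and partial-fill bookkeeping from 3.1 and 3.5, as an added example that is not part of the Artinals code base. The event names come from this page; the payload fields (`id`, `offerId`, `price`, `amount`, `filled`) and the helper names are assumptions, not the contract's schema.

```javascript
// Local order book kept in sync from marketplace events (added example).
function createBook() {
  return { orders: new Map(), seen: new Set(), needsResync: false };
}

function applyEvent(book, ev) {
  // Subscriptions can redeliver events after a reconnect; apply each id once.
  if (book.seen.has(ev.id)) return book;
  book.seen.add(ev.id);
  const d = ev.data;
  const order = book.orders.get(d.offerId);
  switch (ev.type) {
    case "OfferCreated":
      book.orders.set(d.offerId, {
        price: BigInt(d.price), remaining: BigInt(d.amount), status: "open" });
      break;
    case "OfferAccepted": {
      const filled = BigInt(d.filled);
      // A fill for an unknown order, or larger than what is left, means the
      // local view is stale: flag it instead of showing a negative quantity.
      if (!order || filled > order.remaining) { book.needsResync = true; break; }
      order.remaining -= filled;
      if (order.remaining === 0n) book.orders.delete(d.offerId);
      else order.status = "partially_filled";
      break;
    }
    case "OfferCancelled":
      book.orders.delete(d.offerId);
      break;
  }
  return book;
}

function replay(events) {
  return events.reduce((book, ev) => applyEvent(book, ev), createBook());
}

// Constructed sample events, not captured chain data.
const SAMPLE_EVENTS = [
  { id: "tx1:0", type: "OfferCreated", data: { offerId: "A", price: "500", amount: "10" } },
  { id: "tx1:1", type: "OfferCreated", data: { offerId: "B", price: "450", amount: "2" } },
  { id: "tx2:0", type: "OfferAccepted", data: { offerId: "A", filled: "4" } },
  { id: "tx2:0", type: "OfferAccepted", data: { offerId: "A", filled: "4" } }, // redelivered
  { id: "tx3:0", type: "OfferAccepted", data: { offerId: "B", filled: "2" } },
];
```

When `needsResync` is set, the application should rebuild the book from on-chain state rather than keep applying events.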

3.6 Preventing Front-Running

  • Users should refresh their data before confirming trades.

  • Frontend applications can pre-check availability before calling accept_offer.
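
A client-side pre-check covering the input validation in 3.2 and the availability check in 3.6, mirroring the contract rules from 2.2 and 2.3. This is an added example, not Artinals code; the object fields (`price`, `remaining`, `currency`, `balance`, `denied`) and function names are assumptions. The on-chain checks remain the authority; this only avoids building a transaction that would abort.

```javascript
const MAX_U64 = (1n << 64n) - 1n;

// Parse a user- or RPC-supplied value into a u64-range BigInt. JavaScript
// Numbers lose precision above 2^53, so u64 amounts are never held as Number.
function toU64(value, label) {
  let n;
  try { n = BigInt(value); } catch { throw new Error(`${label}: not an integer`); }
  if (n < 0n || n > MAX_U64) throw new Error(`${label}: outside u64 range`);
  return n;
}

// Same guard as the contract's safe_add, applied here to price * amount.
function safeMul(a, b) {
  const product = a * b;
  if (product > MAX_U64) throw new Error("E_OVERFLOW: price * amount exceeds u64");
  return product;
}

// Returns { ok: true, cost } or { ok: false, reason } for a buyer accepting a sell offer.
function precheckAccept(offer, request, wallet) {
  try {
    const price = toU64(offer.price, "price");
    const remaining = toU64(offer.remaining, "remaining");
    const amount = toU64(request.amount, "amount");
    const balance = toU64(wallet.balance, "balance");
    if (price === 0n || amount === 0n) return { ok: false, reason: "zero price or amount" };
    if (amount > remaining) return { ok: false, reason: "amount exceeds remaining quantity" };
    if (request.currency !== offer.currency) return { ok: false, reason: "currency mismatch" };
    if (wallet.denied) return { ok: false, reason: "buyer is on the collection deny list" };
    const cost = safeMul(price, amount);
    if (balance < cost) return { ok: false, reason: "insufficient funds" };
    return { ok: true, cost };
  } catch (err) {
    return { ok: false, reason: err.message };
  }
}

// Constructed sample values, not real chain data.
const sample = precheckAccept(
  { price: "1000", remaining: "5", currency: "SUI" },
  { amount: "3", currency: "SUI" },
  { balance: "2500", denied: false });
console.log(sample); // { ok: false, reason: 'insufficient funds' }
```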


Last updated 3 months ago