SchemeFactory Unable To Deploy Competition Scheme

[dOrgJelli]

While implementing the SchemeFactory within the client library, we ran into an issue: a SchemeFactory proposal cannot add a competition scheme to the DAO.

The process that's required to deploy a competition scheme is as follows:

1. Deploy Competition.sol Instance DAOFactory.createInstance("Competition")
   1.a. Save the address of the competition instance
2. Add ContributionRewardExt.sol As A Scheme SchemeFactory.propose("ContributionRewardExt", initParams)
   2.a. NOTE: initParams has competition's address in it as "rewarder"
3. After ContributionRewardExt is added as a scheme (and it's deployed), we need to call initialize on competition w/ the contributionrewardext's address.

FAILURE: step 3 is impossible, since the initialize function on competition can only be called during the initial creation process of the contract (if I'm not mistaken).

@orenyodfat am I understanding this correctly?

[orenyodfat]

• one option will be to do DAOFactory.createInstance("Competition") with no(null) init params ,so it will instance a new Competition without initilize it.

[dOrgJelli]

• one option will be to do DAOFactory.createInstance("Competition") with no(null) init params ,so it will instance a new Competition without initilize it.

If you do this, isn't there a security risk of the competition's initialize function callable by anyone, before you initialize it yourself?

[ben-kaufman]

Well not really a security risk. You will know if something like that has happened, and it's costly "attack" (mining fees...) with no reward, as you'll just deploy another Competition. So worst case it could force you to do some redeployment, but it is very unlikely as an attacker will need to listen to the blockchain and wait for a tx with this specific bytecode, then send immediatly a transaction before you get to send your initialize tx.

[orenyodfat]

fixed by #746