Dear Sipherians, As part of our efforts to constantly test, improve and debug our contracts, we have redeployed our Sipher token contract and IBCO contract in order to remove the following function to prevent any uncertainty to the community.

     /**
     * @dev Set approval for Sipher Staking Pool
     */
    function setApproveForStaking(address _sipherStakingPool) external onlyOwner {
        require(block.timestamp < END, "Only allow edit before the Offer ends");
        require(_sipherStakingPool != address(0), "Invalid address");

        SipherStakingPool = ITimeLockPool(_sipherStakingPool);
        SIPHER.safeApprove(_sipherStakingPool, type(uint256).max);
    }

The function is designed to help every IBCO participant to claim and stake their SIPHER with ease with the goal of reducing the gas consumption by approving allowance of the token to staking contract at once.

However, after careful analysis and thanks to our community member Ha Dang (Maverick) for voicing this concern, there is indeed a risk that the Sipher team can pass any address as the parameter to the function that can get full allowance of the token to itself, it raises the risk that fund can be stolen by the team, this creates possible uncertainty for the IBCO participants.

With our goals as being transparent, upkeeping the highest possible standards for our codes, we decided to remove 2 functions and to redeploy the two smart contracts.

What changed?

Since IBCO and token contract are the most sensitive contracts, we have to prioritize safety over convenience. We removed the following 2 functions:

  1. function setApproveForStaking(address _sipherStakingPool)
  2. function claimAndDepositForStaking(uint256 amount, uint256 duration)

and ITimeLockPool public SipherStakingPool; property of the IBCO contract.

The $Sipher Token generation contract remains unchanged.

Why did we redeploy token contract when it is unchanged?

The old token contract allowed us to mint 40M Sipher token and send to the IBCO contract, those tokens are locked and will only be able to claim until a certain time hence we can't move them to the new IBCO contract.

This forces us to redeploy the new token contract and start off a clean slate.

Next steps