@dydxprotocol/perpetual

Ethereum Smart Contracts and TypeScript client library for the dYdX Perpetual Contracts Protocol. Currently used by trade.dydx.exchange.

Full Documentation at docs.dydx.exchange.

Table of Contents

• Documentation
• Install
• Contracts
• Security
• Development
• Maintainers
• License

Documentation

Check out our full documentation at docs.dydx.exchange:

• Protocol Overview
• Perpetual Guide and Contract Specification

Install

npm i -s @dydxprotocol/perpetual

Contracts

Mainnet

Contract Name	Description	Address
PerpetualProxy	Proxy contract and entrypoint for the core protocol	0x07aBe965500A49370D331eCD613c7AC47dD6e547
PerpetualV1	Upgradeable logic contract for the core protocol	0xE883b3efdaE637fC599b467478a23199778F2cCf
P1FundingOracle	Funding rate oracle	0x4525D2B71f7f018c9EBddFcD336852A85404e75B
P1MakerOracle	Price oracle	0x538038E526517680735568f9C5342c6E68bbDA12
P1Orders	Trader contract for limit and stop-limit orders	0x3ea6F88eC8F7b24Bb3Ad206fa80124210e8e28F3
P1Liquidation	Trader contract for liquidations	0x18Ba3F12f9d3699dE7D451cA97ED55Cd33DD0f80
P1LiquidationProxy	Proxy contract for doing liquidations that contribute to an insurance fund	0x51C72bEfAe54D365A9D0C08C486aee4F99285e08
P1Deleveraging	Trader contract for deleveraging	0xa4e4A9ae84882BE5049E450A3500ba1CD012F0C5

Security

Independent Audits

The smart contracts were audited independently by Zeppelin Solutions at commit c5e2b0e, excluding P1Orders.sol.

Zeppelin Solutions Audit Report

Code Coverage

All production smart contracts are tested and have 100% line and branch coverage.

Vulnerability Disclosure Policy

The disclosure of security vulnerabilities helps us ensure the security of our users.

How to report a security vulnerability?

If you believe you’ve found a security vulnerability in one of our contracts or platforms, send it to us by emailing security@dydx.exchange. Please include the following details with your report:

• A description of the location and potential impact of the vulnerability.

• A detailed description of the steps required to reproduce the vulnerability.

Scope

Any vulnerability not previously disclosed by us or our independent auditors in their reports.

Guidelines

We require that all reporters:

• Make every effort to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction of data during security testing.

• Use the identified communication channels to report vulnerability information to us.

• Keep information about any vulnerabilities you’ve discovered confidential between yourself and dYdX until we’ve had 30 days to resolve the issue.

If you follow these guidelines when reporting an issue to us, we commit to:

• Not pursue or support any legal action related to your findings.

• Work with you to understand and resolve the issue quickly (including an initial confirmation of your report within 72 hours of submission).

• Grant a monetary reward based on the OWASP risk assessment methodology.

Development

Compile Contracts

Requires a running docker engine.

npm run build

Compile TypeScript

npm run build:js

Test

Requires a running docker engine.

Start test node:

docker-compose up

Deploy contracts to test node & run tests:

npm test

Just run tests (contracts must already be deployed to test node):

npm run test_only

Just deploy contracts to test node:

npm run deploy_test

Maintainers

• Brendan Chou @brendanchou brendan@dydx.exchange

• Ken Schiller @kenadia ken@dydx.exchange

License

Apache-2.0