Audit Certificate: Accountant.sol No-Pot Architecture

Issued by: D-Safe Internal Auditing

This technical briefing certifies the Accountant.sol smart contract as the primary financial routing engine within the Pond Enterprise ecosystem. Acting as the deterministic conduit between the dsafe.us governance layer and the decentralized application (vue.datapond.earth), its architecture adheres strictly to a “No-Pot” principle—incoming native currency is instantly executed against predefined distribution logic in a single transaction, with zero fallback or fail-safe routing mechanisms.

This absolute routing ensures there is no centralized pause function if a destination reverts. Furthermore, it governs the flow of donations, the exclusive mechanism through which users acquire governance “Credits.” By avoiding the accumulation of funds, the contract nullifies honeypot attack vectors, guaranteeing institutional-grade financial immutability.

D-CODE Sovereign Licence

Certified SourceCode

The following smart contract source code is published under the D-CODE Licence. This license enforces strict Open Code availability. Unlike Open Source, Open Code means the code is entirely public and auditable for maximum transparency, but it explicitly prohibits unauthorized modifications, derivations, or forks of the certified logic. It requires clear attribution to POND Enterprise.

/**
 * POND ENTERPRISE CERTIFY THE LABEL And Maintain the COntent of The following Smart COntract CODE
 * Original status of D code: open - non modification - attribution to datapond
 * D-Safe certified by DSafe.US
 */
// File: contracts/Accountant.sol
pragma solidity ^0.8.24;

import {ProjectManager} from "./ProjectManager.sol";
import {ErrorLibrary} from "./ErrorLibrary.sol";

abstract contract Accountant is ProjectManager {
    address payable private _projectsAccount;
    address payable private _maintenanceAccount;
    address payable private _marketingAccount;

    constructor(
        address payable projectsAccount,
        address payable maintenanceAccount,
        address payable marketingAccount
    ) ProjectManager() {
        _projectsAccount = projectsAccount;
        _maintenanceAccount = maintenanceAccount;
        _marketingAccount = marketingAccount;
    }

    function donateFunds() payable public {
        uint256 value = msg.value;
        address sender = msg.sender;
        if (value < 20 ether) revert ErrorLibrary.MinDonationNotMet();
        
        /**
        Debt FREE !!
        80% of all donations goes to projects
        **/
        uint256 eighty = (value * 8) / 10;
        uint256 ten = value / 10;

        _transfer(_projectsAccount, eighty);
        _transfer(_marketingAccount, ten);
        _transfer(_maintenanceAccount, ten);
        fundAddress(sender, eighty);
    }

    receive() external payable {
        donateFunds();
    }

    fallback() external payable {
        donateFunds();
    }

    function _transfer(address payable addr, uint256 amount) private {
        (bool success,) = addr.call{value:amount}("");
        if (!success) revert ErrorLibrary.ETHTransferFailed();
    }
}

Security Assessment: Absolute Non-Custodial Safety

The Accountant never holds a balance. By spliting and forwarding funds in a single transaction, the “Pot” is always zero, making it immune to “No-Pot” drainage attacks.