comit-network / blockchain-contracts Goto Github PK
View Code? Open in Web Editor NEWHost the assembly/script code of blockchain contracts used in the COMIT protocol
License: GNU General Public License v3.0
Host the assembly/script code of blockchain contracts used in the COMIT protocol
License: GNU General Public License v3.0
There is no indication whether blockchain-contracts crates (and hence comit-rs) uses the hex from the RFCs.
Make it easy and clear for a potential user/developer whether we do what we say and avoid discrepancies that could impact the trust in CoBloX.
Ensure that blockchain_contracts is aligned with the RFCs.
Come up with a process instead of solving it with technology.
Any solutions that would impact the CI would deteriorate the devex (e.g. make CI fail if the hex used in the code is not the one from the RFC) as it would mean that both repos would need to be updated in a close timeframe.
Instead, we could provide an indicator on the blockchain_contract repo (or RFC repo?).
The indicator could be similar to the CI badges, where the badge goes read if the hex are not aligned with the RFC.
I imagine it could be possible with a mix of GitHub Pages and GitHub actions and extracting the hex in separate files in both repos.
Web3 and its transitive dependencies are unergonomic, bulky and overall pretty painful.
We need to get rid them.
Easy to consume and maintain code.
Clarity provides a fairly rich and yet lightweight low-level Ethereum interface: https://github.com/althea-net/clarity
It gives us stuff like an Address
type and transaction signing.
We only use a handful of RPC calls, those can easily be re-created with a small client that has exactly the interface we need.
Move the Ethereum HTLC to this repo.
DoD:
Blocked by comit-network/comit-rs#626
We have a hand-rolled implementation for signing our Bitcoin HTLC.
This harms interoperability with other wallets and limits the usecases of COMIT.
This would also allow us to clean up some code (old bitcoin_witness
crate).
Use miniscript because it is a standardized way for doing contracts on Bitcoin.
It will also allow us to untie the library component of COMIT from cnd.
In blockchain_contracts
:
c:or_i(and_v(v:sha256(0000000000000000000000000000000000000000000000000000000000000001),pk_h(A)),and_v(after(1000),pk_h(B)))
BitcoinHtlc
to not sign transactions anymore. Instead, we should return the miniscript that we used to create the BitcoinHtlc.blockchain-contracts
are free to do the signing themselves or just pass the miniscript on to other clients.In cnd
:
We would have to re-work how SpendOutput
is designed but basically, we just need to use the abstractions provided by blockchain-contracts
. blockchain-contracts
should provide everything so that we only need to put in:
Note: Make sure to use miniscript's fee estimation instead of hand rolling something!
We did quite some changes in blockchain contracts which are not yet used in comit-rs.
Release blockchain-contracts and use it in comit-rs
Merging PRs manually is cumbersome.
Make work as efficient as possible.
Setup bors (modify comit-rs').
The protocol naming spike introduces a split into protocols per ledger.
Adopt the new terminology in this crate. Do not mention rfc003
in this repo anymore.
The current folder structure already suggests that protocols are actually per ledger, we just need to rename some of the folders and move files around. There shouldn't be any functionality change necessary.
This involves reviewing/eliminating dependencies on the support crates.
Move issues
Copy issues
Also open issues to contribute back to rust-bitcoin orga (see TODOs in code).
to this repository as this one is done.
Blockchain-contracts is a security critical part of COMIT. At the moment, we have to watch out of dependency updates manually, which we practically never do. Additionally, cnd
depends on it, hence it is crucial that all the dependencies are on the latest version, otherwise we cannot update them in cnd (f.e. rust-bitcoin update comit-network/comit-rs#1493 is currently blocked by blockchain-contracts not using the up-to-date version of rust-bitcoin)
Keep dependencies up-to-date and make integration in cnd easy.
Setup dependabot and mergify the same way as in cnd.
As part of doing #4, a fair amount of duplication was created in the test-harness.
This crate contains code that is critical to COMIT. Not only the actual production code, but also the testcode should be easy to understand, verify and maintain.
Major painpoints:
@bonomat summarized some findings around the gas consumption of our ethereum related actions in #52 (deploy contract/fund/redeem/refund).
This should be documented in the code accordingly.
It should be clear from the code why certain gas limits have been chosen (e.g. code comments). These limits should also be ensured via tests.
See #52 (comment) for explanations
There was a draft PR #56 showing these limits and in #52 one can find a textual description.
Someone wanting to learn about gas cost and ethereum should grab this ticket and pair (e.g. with @bonomat ).
Replaces #52
Our make file defaults to stable
if RUST_TOOLCHAIN
is not defined.
Line 4 in 876a4be
We have two CI targets, one for stable
and one for beta
. However, both set the environment variable to beta
:
blockchain-contracts/.circleci/config.yml
Lines 10 to 16 in 876a4be
blockchain-contracts/.circleci/config.yml
Lines 27 to 33 in 876a4be
Hence, we never build on stable
:D
It is hard for a developer to understand why the HTLC does not behave as expected in case of failure.
Make it easier to understand why a call to the Ethereum HTLCs fail.
Use revert
and on failure paths. See comit-network/spikes#37 for more details.
Tasks:
revert
with a reason instead of return
. The transaction must be marked as Failed
if secret is incorrect or attempt to refund is made and time is not yet expired.revert
as above.With PR comit-network/comit-rs#1073, I noticed that our HTLCs currently have different APIs:
BitcoinHtlc
provides you methods for unlock_with_secret
and unlock_after_timeout
that return a single struct that contains all the data you need for creating the final transactionEtherHtlc
and Erc20Htlc
provide several accessor methods for this kind of data.The variant chosen for BitcoinHtlc
deemed to be very helpful down the line and helps with embedding the domain into the code: An HTLC can only be unlocked in one of two ways. Having two public methods represents that very clearly.
We should try and create a similar abstraction for EtherHtlc
and Erc20Htlc
.
Each HTLC should have three methods:
compute_address
, for Ethereum bytecode
and gas_limit
)It seems like both HTLCs for Ethereum (Ether and Erc20) do not print the keccak256 of the proposed messages:
Code claims:
However, I was not able to reproduce the same hash for neither of the 2:
Tested with web3js and http://emn178.github.io/online-tools/keccak_256.html
> var Web3 = require('web3');
> console.log(web3.utils.soliditySha3({ type: 'string', value: "Refunded"}))
0x51e3aa8099bfbb7b9fee513355876c379349ac1dca81cd9eb4e0653e784ff985
undefined
> console.log(web3.utils.soliditySha3({ type: 'string', value: "Refunded()"}))
0x8616bbbbad963e4e65b1366f1d75dfb63f9e9704bbbf91fb01bec70849906cf7
()
which are meant to be included, i.e. keccak256("Refunded")
Provide Htlc for Bitcoin (rfc003).
Blocked by comit-network/comit-rs#626
We provide gas limit recommendation for ERC20 and Ether contracts interactions.
These recommendations are coming from the actual gas usage during the tests run:
Except for
which comes from comit-rs e2e tests.As you can see, the actual gas usage in comments is actually way lower than the recommendation. This is because when the recommendation is decreased from 100,000 to 50,000 then the Ethereum transaction fails due to out of gas
.
We don't know why.
Be able to justify the gas limit recommendations and explain why we recommend 100,000 when actually the max usage is 30,000.
fundLowGas
(rename to fundWithInsufficientGas
) and run the test with --keep-on-failure
to have parity still running after test failure. The test will fail because fundLowGas
checks that the transaction is failed. If the transaction is successful because there is enough gas, an exception is thrown making the test fail.If you did not reach any conclusion from A. Play around in testnet and try to reach a conclusion.
Note: If the conclusion that parity is not behaving like testnet, then need to question whether our recommendations are valid, whether they are testable, we should swap eth node, etc.
Note: Gas prices are mentioned in the comments, these are not in scope.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.