swaponline / sips

Swap.online Improvement Proposals

Stability for Flow #5

Closed caffeinum closed 3 years ago

caffeinum commented 6 years ago

Currently, Flows are not very stable. For example, you can get into a state where you should know the secret, but somehow it's null. We should make Flows more obvious in the sense of data flow before releasing and having real money and users' headaches at stake.

Main UX obstacles are:

Main security obstacles:

Given the above, we have next steps:

For brevity and polymorphism we call BTC = base, ETH = secondary

setup

Both know only the participant address and amounts to send. We cannot leave this step until both agree on continuing swap.

sync balances

This step should check the balances for everyone. Double-check you have money you claim to have.

lock base currency

Submit secret method goes here. BTC owner should freeze his money.

The shared state adds script address and exact values. We cannot leave until both know these.

ETH owner also checks the frozen balance is just equal to what was expected.

lock secondary currency

ETH owner locks funds on the smart contract.

This step has no additional data. He should only send a message that the funds are ready.

BTC owner doesn't leave until he knows exactly that contract has the right balance, and the hash matches. ETH owner does not leave until BTC owner leaves.

withdraw secondary

BTC owner does not leave this step until ETH were transferred to his account. ETH owner does not leave until he receives the message that ETH were withdrawn.

withdraw base currency

Although he has everything he needs, BTC owner waits for message to mark swap as finished. ETH owner cannot leave the step until he makes a successful withdraw tx.

caffeinum commented 6 years ago

All in all, state has two parts:

On exiting every step, Flow should have this data:

| step | flags | data |
| --- | --- | --- |
| setup | meSigned, participantSigned | |
| sync balance | balanceEnough | balance |
| lock base | baseLocked | scriptValues, (secret), secretHash, lockedBalance, lockTxHash |
| lock seco | secondaryLocked | lockedBalance, lockTxHash |
| withdraw seco | secondaryWithdrawn | withdrawTxHash, (secret) |
| withdraw base | baseWithdrawn | withdrawTxHash |

Also, for every step, there is a person who decides the step is finished.

| step | responsible |
| --- | --- |
| setup | both |
| sync balance | both |
| lock base | secondaryOwner |
| lock seco | baseOwner |
| withdraw seco | secondaryOwner |
| withdraw base | baseOwner |
| finish | both |
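
An added example, not part of the original comments and not swap.core code: the two tables above expressed as an exit check that reports which values a party still lacks before leaving a step, including a secret that has become null. The function names, the per-step state layout and the reading of `(secret)` as "known only to some roles at that step" are assumptions.

```javascript
// Added example (not swap.core code): exit guards built from the two tables above.
// Assumption: "(secret)" marks a value that only the listed roles can know at that step.
const STEPS = [
  { step: 'setup',         need: ['meSigned', 'participantSigned'], responsible: 'both' },
  { step: 'sync balance',  need: ['balanceEnough', 'balance'], responsible: 'both' },
  { step: 'lock base',     need: ['baseLocked', 'scriptValues', 'secretHash', 'lockedBalance', 'lockTxHash'],
    secretFor: ['baseOwner'], responsible: 'secondaryOwner' },
  { step: 'lock seco',     need: ['secondaryLocked', 'lockedBalance', 'lockTxHash'], responsible: 'baseOwner' },
  { step: 'withdraw seco', need: ['secondaryWithdrawn', 'withdrawTxHash'],
    secretFor: ['secondaryOwner'], responsible: 'secondaryOwner' },
  { step: 'withdraw base', need: ['baseWithdrawn', 'withdrawTxHash'], responsible: 'baseOwner' },
]

const isSet = (v) => v !== null && v !== undefined && v !== false

// Fields still missing for `role` to leave `stepName`. Earlier steps are re-checked,
// so a value that was set once and later lost (secret === null) is reported too.
function missingOnExit(state, stepName, role) {
  const last = STEPS.findIndex((s) => s.step === stepName)
  if (last === -1) throw new Error(`unknown step: ${stepName}`)
  const missing = []
  for (const { step, need, secretFor = [] } of STEPS.slice(0, last + 1)) {
    const scope = state[step] || {}
    for (const f of need) if (!isSet(scope[f])) missing.push(`${step}.${f}`)
    if (secretFor.includes(role) && !isSet(state.secret)) missing.push('secret')
  }
  return missing
}

// Only the responsible party (either one, for "both") decides that a step is finished.
function mayFinish(stepName, role) {
  const s = STEPS.find((x) => x.step === stepName)
  return Boolean(s) && (s.responsible === 'both' || s.responsible === role)
}

// Constructed sample: state after "lock seco" in which the secret has been lost.
const sample = {
  secret: null,
  'setup': { meSigned: true, participantSigned: true },
  'sync balance': { balanceEnough: true, balance: '0.1' },
  'lock base': { baseLocked: true, scriptValues: { placeholder: true }, secretHash: 'constructed-hash',
    lockedBalance: '0.1', lockTxHash: 'constructed-base-lock-tx' },
  'lock seco': { secondaryLocked: true, lockedBalance: '1.5', lockTxHash: 'constructed-seco-lock-tx' },
}
```

With `sample`, the base owner is blocked at "lock seco" because of the null secret, while the secondary owner, who cannot know the secret yet, is not.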

caffeinum commented 6 years ago

```js
this.state = {
  step: 0,

  signTransactionHash: null,
  isSignFetching: false,
  isMeSigned: false,

  secretHash: null,
  btcScriptValues: null,

  btcScriptVerified: false,

  isBalanceFetching: false,
  isBalanceEnough: false,
  balance: null,

  btcScriptCreatingTransactionHash: null,
  ethSwapCreationTransactionHash: null,

  isEthContractFunded: false,

  secret: null,

  isEthWithdrawn: false,
  isBtcWithdrawn: false,

  refundTransactionHash: null,
  isRefunded: false,

  isFinished: false,
}
```

caffeinum commented 6 years ago

on hold

caffeinum commented 6 years ago

There is a proposal to split Flow into two parts:

Remove the steps and instead add a list of checks that can be performed in any order. This means moving almost all of the code from Flow into the ***Swap classes. And Flow would come down to

```js
// BTC2ETH
try {
  await btcSwap.setup()
  await ethSwap.check()
  await ethSwap.withdraw()
} catch (err) {
  // any failed step falls back to refunding the locked BTC
  await btcSwap.refund()
}
```

For example, the list of required actions for BTC<->ETH swaps

ETHSwap

| Sender | Recipient |
| --- | --- |
| lock funds | check contract balance |
| | withdraw |

BTCSwap

| Sender | Recipient |
| --- | --- |
| request sign | request script values |
| submit secret | check script |
| sync balance | verify script |
| lock funds | withdraw |
| send script values | |

0xZick commented 6 years ago

Fully in favor, this is like how Igor did EOS - BTC, only you want to separate it more explicitly

noxonsu commented 5 years ago

I think the checklist can be moved into the issue templates and this can be closed

caffeinum commented 5 years ago

@noxonsu the issue is about taking all these problems into account in the architecture. It can probably be closed temporarily

noxonsu commented 5 years ago

then move it to the wiki and close

caffeinum commented 5 years ago

This is a more general version of #4

caffeinum commented 5 years ago

So far we have arrived at roughly the following, in short:

First we take Igor's BTC2EOS, and then we look at:

pull Handlers

These are great; moreover, they are needed everywhere, so it makes sense to put them in swap.swap/Room.js

push Handlers

In essence these are messages, most often responses to a pull. They can be made plain data structures with no code at all.

```js
import { scriptValuesMessageGenerator } from '../btc/push'
room.sendMessage(scriptValuesMessageGenerator(state))
```

transaction Handlers

This is the juiciest part. This is exactly what is directly responsible for the actions.

But why not put them directly in BtcSwap, EthSwap? These are precisely the actions with the blockchain.

Example ideas: https://github.com/caffeinum/swap.core/commit/fd5925a9445790d4679ae787ab97213c22fee689

noxonsu commented 3 years ago

outdated