@inco/lightning 0.1.30 → 0.1.31

package/src/libs/incoLightning_0_1_29__863421733.sol

@@ -0,0 +1,389 @@
+// AUTOGENERATED FILE. DO NOT EDIT.
+// This file was generated by the IncoLightning library generator.
+// The original template is located at Lib.template.sol
+
+/// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import "../IncoLightning.sol";
+import { ebool, euint256, ETypes } from "../Types.sol";
+
+IncoLightning constant inco = IncoLightning(0xeBAFF6D578733E4603b99CBdbb221482F29a78E1);
+address constant deployedBy = 0x8202D2D747784Cb7D48868E44C42C4bf162a70BC;
+uint256 constant defaultDecryptionDelayLimit = 2 hours;
+
+library e {
+    function sanitize(euint256 a) internal returns (euint256) {
+        if (euint256.unwrap(a) == bytes32(0)) {
+            return asEuint256(0);
+        }
+        return a;
+    }
+
+    function sanitize(ebool a) internal returns (ebool) {
+        if (ebool.unwrap(a) == bytes32(0)) {
+            return asEbool(false);
+        }
+        return a;
+    }
+
+    function s(euint256 a) internal returns (euint256) {
+        return sanitize(a);
+    }
+
+    function s(ebool a) internal returns (ebool) {
+        return sanitize(a);
+    }
+
+    function add(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eAdd(s(a), s(b));
+    }
+
+    function add(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eAdd(s(a), asEuint256(b));
+    }
+
+    function add(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eAdd(asEuint256(a), s(b));
+    }
+
+    function sub(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eSub(s(a), s(b));
+    }
+
+    function sub(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eSub(s(a), asEuint256(b));
+    }
+
+    function sub(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eSub(asEuint256(a), s(b));
+    }
+
+    function mul(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMul(s(a), s(b));
+    }
+
+    function mul(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eMul(s(a), asEuint256(b));
+    }
+
+    function mul(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMul(asEuint256(a), s(b));
+    }
+
+    function div(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eDiv(s(a), s(b));
+    }
+
+    function div(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eDiv(s(a), asEuint256(b));
+    }
+
+    function div(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eDiv(asEuint256(a), s(b));
+    }
+
+    function rem(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRem(s(a), s(b));
+    }
+
+    function rem(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eRem(s(a), asEuint256(b));
+    }
+
+    function rem(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRem(asEuint256(a), s(b));
+    }
+
+    function and(euint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitAnd(euint256.unwrap(s(a)), euint256.unwrap(s(b))));
+    }
+
+    function and(euint256 a, uint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitAnd(euint256.unwrap(s(a)), euint256.unwrap(asEuint256(b))));
+    }
+
+    function and(uint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitAnd(euint256.unwrap(asEuint256(a)), euint256.unwrap(s(b))));
+    }
+
+    function and(ebool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitAnd(ebool.unwrap(s(a)), ebool.unwrap(s(b))));
+    }
+
+    function and(ebool a, bool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitAnd(ebool.unwrap(s(a)), ebool.unwrap(asEbool(b))));
+    }
+
+    function and(bool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitAnd(ebool.unwrap(asEbool(a)), ebool.unwrap(s(b))));
+    }
+
+    function or(euint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitOr(euint256.unwrap(s(a)), euint256.unwrap(s(b))));
+    }
+
+    function or(euint256 a, uint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitOr(euint256.unwrap(s(a)), euint256.unwrap(asEuint256(b))));
+    }
+
+    function or(uint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitOr(euint256.unwrap(asEuint256(a)), euint256.unwrap(s(b))));
+    }
+
+    function or(ebool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitOr(ebool.unwrap(s(a)), ebool.unwrap(s(b))));
+    }
+
+    function or(ebool a, bool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitOr(ebool.unwrap(s(a)), ebool.unwrap(asEbool(b))));
+    }
+
+    function or(bool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitOr(ebool.unwrap(asEbool(a)), ebool.unwrap(s(b))));
+    }
+
+    function xor(euint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitXor(euint256.unwrap(s(a)), euint256.unwrap(s(b))));
+    }
+
+    function xor(euint256 a, uint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitXor(euint256.unwrap(s(a)), euint256.unwrap(asEuint256(b))));
+    }
+
+    function xor(uint256 a, euint256 b) internal returns (euint256) {
+        return euint256.wrap(inco.eBitXor(euint256.unwrap(asEuint256(a)), euint256.unwrap(s(b))));
+    }
+
+    function xor(ebool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitXor(ebool.unwrap(s(a)), ebool.unwrap(s(b))));
+    }
+
+    function xor(ebool a, bool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitXor(ebool.unwrap(s(a)), ebool.unwrap(asEbool(b))));
+    }
+
+    function xor(bool a, ebool b) internal returns (ebool) {
+        return ebool.wrap(inco.eBitXor(ebool.unwrap(asEbool(a)), ebool.unwrap(s(b))));
+    }
+
+    function shl(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShl(s(a), s(b));
+    }
+
+    function shl(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eShl(s(a), asEuint256(b));
+    }
+
+    function shl(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShl(asEuint256(a), s(b));
+    }
+
+    function shr(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShr(s(a), s(b));
+    }
+
+    function shr(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eShr(s(a), asEuint256(b));
+    }
+
+    function shr(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eShr(asEuint256(a), s(b));
+    }
+
+    function rotl(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotl(s(a), s(b));
+    }
+
+    function rotl(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eRotl(s(a), asEuint256(b));
+    }
+
+    function rotl(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotl(asEuint256(a), s(b));
+    }
+
+    function rotr(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotr(s(a), s(b));
+    }
+
+    function rotr(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eRotr(s(a), asEuint256(b));
+    }
+
+    function rotr(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eRotr(asEuint256(a), s(b));
+    }
+
+    function eq(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eEq(s(a), s(b));
+    }
+
+    function eq(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eEq(s(a), asEuint256(b));
+    }
+
+    function eq(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eEq(asEuint256(a), s(b));
+    }
+
+    function ne(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eNe(s(a), s(b));
+    }
+
+    function ne(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eNe(s(a), asEuint256(b));
+    }
+
+    function ne(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eNe(asEuint256(a), s(b));
+    }
+
+    function ge(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGe(s(a), s(b));
+    }
+
+    function ge(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eGe(s(a), asEuint256(b));
+    }
+
+    function ge(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGe(asEuint256(a), s(b));
+    }
+
+    function gt(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGt(s(a), s(b));
+    }
+
+    function gt(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eGt(s(a), asEuint256(b));
+    }
+
+    function gt(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eGt(asEuint256(a), s(b));
+    }
+
+    function le(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLe(s(a), s(b));
+    }
+
+    function le(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eLe(s(a), asEuint256(b));
+    }
+
+    function le(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLe(asEuint256(a), s(b));
+    }
+
+    function lt(euint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLt(s(a), s(b));
+    }
+
+    function lt(euint256 a, uint256 b) internal returns (ebool) {
+        return inco.eLt(s(a), asEuint256(b));
+    }
+
+    function lt(uint256 a, euint256 b) internal returns (ebool) {
+        return inco.eLt(asEuint256(a), s(b));
+    }
+
+    function min(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMin(s(a), s(b));
+    }
+
+    function min(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eMin(s(a), asEuint256(b));
+    }
+
+    function min(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMin(asEuint256(a), s(b));
+    }
+
+    function max(euint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMax(s(a), s(b));
+    }
+
+    function max(euint256 a, uint256 b) internal returns (euint256) {
+        return inco.eMax(s(a), asEuint256(b));
+    }
+
+    function max(uint256 a, euint256 b) internal returns (euint256) {
+        return inco.eMax(asEuint256(a), s(b));
+    }
+
+    function not(ebool a) internal returns (ebool) {
+        return inco.eNot(s(a));
+    }
+
+    function rand() internal returns (euint256) {
+        return euint256.wrap(inco.eRand(ETypes.Uint256));
+    }
+
+    function randBounded(uint256 upperBound) internal returns (euint256) {
+        return euint256.wrap(inco.eRandBounded(euint256.unwrap(asEuint256(upperBound)), ETypes.Uint256));
+    }
+
+    function randBounded(euint256 upperBound) internal returns (euint256) {
+        return euint256.wrap(inco.eRandBounded(euint256.unwrap(s(upperBound)), ETypes.Uint256));
+    }
+
+    function asEuint256(uint256 a) internal returns (euint256) {
+        return inco.asEuint256(a);
+    }
+
+    function asEbool(bool a) internal returns (ebool) {
+        return inco.asEbool(a);
+    }
+
+    function asEbool(euint256 a) internal returns (ebool) {
+        return ebool.wrap(inco.eCast(euint256.unwrap(a), ETypes.Bool));
+    }
+
+    function asEuint256(ebool a) internal returns (euint256) {
+        return euint256.wrap(inco.eCast(ebool.unwrap(a), ETypes.Uint256));
+    }
+
+    function newEuint256(bytes memory ciphertext, address user) internal returns (euint256) {
+        return inco.newEuint256(ciphertext, user);
+    }
+
+    function newEbool(bytes memory ciphertext, address user) internal returns (ebool) {
+        return inco.newEbool(ciphertext, user);
+    }
+
+    function allow(euint256 a, address to) internal {
+        inco.allow(euint256.unwrap(a), to);
+    }
+
+    function allow(ebool a, address to) internal {
+        inco.allow(ebool.unwrap(a), to);
+    }
+
+    function allowThis(euint256 a) internal {
+        allow(a, address(this));
+    }
+
+    function allowThis(ebool a) internal {
+        allow(a, address(this));
+    }
+
+    function isAllowed(address user, euint256 a) internal view returns (bool) {
+        return inco.isAllowed(euint256.unwrap(a), user);
+    }
+
+    function select(ebool control, euint256 ifTrue, euint256 ifFalse) internal returns (euint256) {
+        return euint256.wrap(inco.eIfThenElse(s(control), euint256.unwrap(s(ifTrue)), euint256.unwrap(s(ifFalse))));
+    }
+
+    function select(ebool control, ebool ifTrue, ebool ifFalse) internal returns (ebool) {
+        return ebool.wrap(inco.eIfThenElse(s(control), ebool.unwrap(s(ifTrue)), ebool.unwrap(s(ifFalse))));
+    }
+
+    function requestDecryption(euint256 a, bytes4 callbackSelector, bytes memory callbackData) internal returns (uint256 requestId) {
+        requestId = inco.requestDecryption(callbackSelector, block.timestamp + defaultDecryptionDelayLimit, euint256.unwrap(s(a)), callbackData);
+    }
+
+    function requestDecryption(ebool a, bytes4 callbackSelector, bytes memory callbackData) internal returns (uint256 requestId) {
+        requestId = inco.requestDecryption(callbackSelector, block.timestamp + defaultDecryptionDelayLimit, ebool.unwrap(s(a)), callbackData);
+    }
+}

package/src/lightning-parts/DecryptionHandler.sol

@@ -1,24 +1,35 @@
 // SPDX-License-Identifier: No License
 pragma solidity ^0.8;
 
-import {BaseAccessControlList} from "./AccessControl/BaseAccessControlList.sol";
 import {SenderNotAllowedForHandle} from "../Types.sol";
-import {SignatureVerifier} from "./primitives/SignatureVerifier.sol";
+import {BaseAccessControlList} from "./AccessControl/BaseAccessControlList.sol";
 import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
 import {EventCounter} from "./primitives/EventCounter.sol";
+import {SignatureVerifier} from "./primitives/SignatureVerifier.sol";
 
 struct Request {
     uint256 maxTimestamp;
     address callbackContract;
     bytes4 callbackSelector;
-    // todo #450 should contain the handle
     bool fulfilled;
     bytes data;
+    // Adding at end of struct which should be unused state slot for version 0.2.0
+    bytes32 handle;
+    // This value is redundant for the contract but required for getPendingRequests, rather than duplicate this struct
+    // adding it here redundantly for now
+    uint256 requestId;
 }
 
 struct DecryptionResult {
     bytes32 abiEncodedResult;
     uint256 requestId;
+    // Added in 0.2.0 to offer an integrity check
+    bytes32 handle;
+}
+
+struct SignedDecryptionResult {
+    DecryptionResult result;
+    bytes signature;
 }
 
 event DecryptionRequested(
@@ -30,8 +41,13 @@ event DecryptionRequested(
 
 contract DecryptionHandlerStorage {
     struct DecryptionStorage {
-        uint256 requestIdCounter;
-        mapping(uint256 => Request) request;
+        // The next request ID to assign. This and higher numbers have never been used,
+        // hence there are no pending requests in that range.
+        uint256 nextRequestId;
+        mapping(uint256 => Request) requests;
+        // A requestId for which all previous requests have been fulfilled or are expired.
+        // Must be less than or equal to nextRequestId.  Only increases.
+        uint256 lowWatermark;
     }
 
     bytes32 private constant DecryptionStorageLocation =
@@ -85,16 +101,24 @@ abstract contract DecryptionHandler is
     DecryptionHandlerEip712Checker
 {
     // The Covalidator callback machinery relies on these exact error signatures which are hardcoded in eth_callback.go
-    error RequestAlreadyFulfilled();
-    error RequestExpired();
-    error InvalidResultSignature();
+    error AllRequestsAlreadyFulfilledOrExpired();
+    // Thrown when either msg.sender is not a valid signer or the signature is not from a valid signer
+    error InvalidResultSignature(address msgSender, bytes signature);
 
     event RequestFulfilled(
         uint256 indexed requestId,
         bool success,
-        uint256 eventId
+        uint256 eventId,
+        bytes32 handle
     );
 
+    // Maximum number of request mappings to access on any operation.
+    uint256 constant ITERATION_BOUND = 100;
+
+    function pending(Request memory r) internal view returns (bool) {
+        return !r.fulfilled && r.maxTimestamp >= block.timestamp;
+    }
+
     /// @dev callback function MUST be of form `function name(bytes32 requestId, bytes32 result, bytes memory data)`
     function requestDecryption(
         // todo support multiple handles per request
@@ -109,15 +133,20 @@ abstract contract DecryptionHandler is
         );
 
         DecryptionStorage storage $ = getDecryptionStorage();
-        requestId = $.requestIdCounter++;
-        $.request[requestId] = Request({
+        requestId = $.nextRequestId;
+        $.nextRequestId++;
+        $.requests[requestId] = Request({
             maxTimestamp: maxTimestamp,
             callbackContract: msg.sender,
             callbackSelector: callbackSelector,
             fulfilled: false,
-            data: data
+            data: data,
+            handle: handle,
+            requestId: requestId
         });
 
+        advanceLowWatermark(ITERATION_BOUND);
+
         emit DecryptionRequested(
             requestId,
             handle,
@@ -128,37 +157,179 @@ abstract contract DecryptionHandler is
 
     function fulfillRequest(
         DecryptionResult memory result,
-        bytes memory /* signature */
+        bytes memory signature
     ) external {
+        SignedDecryptionResult[]
+            memory signedResults = new SignedDecryptionResult[](1);
+        signedResults[0] = SignedDecryptionResult({
+            result: result,
+            signature: signature
+        });
+        fulfillRequestsBatch(signedResults);
+    }
+
+    function fulfillRequestsBatch(
+        SignedDecryptionResult[] memory results
+    ) public {
         DecryptionStorage storage $ = getDecryptionStorage();
-        Request storage request = $.request[result.requestId];
 
-        require(!request.fulfilled, RequestAlreadyFulfilled());
-        require(request.maxTimestamp >= block.timestamp, RequestExpired());
-        // require(isValidResult(result, signature), InvalidResultSignature());
-        require(
-            msg.sender == opSignerPubkeyAddress(),
-            InvalidResultSignature()
-        ); // todo beta implem so backend does not need to implement EIP712 signing yet
-        request.fulfilled = true;
-
-        bytes memory callbackCalldata = abi.encodeWithSelector(
-            request.callbackSelector,
-            result.requestId,
-            result.abiEncodedResult,
-            request.data
-        );
-        (bool success, ) = request.callbackContract.call(callbackCalldata);
-        emit RequestFulfilled(result.requestId, success, getNewEventId());
+        bool fulfilledSome = false;
+
+        for (uint i = 0; i < results.length; i++) {
+            Request storage request = $.requests[results[i].result.requestId];
+
+            if (!pending(request)) {
+                // The request was already fulfilled, or has expired.  Neither is an error.
+                continue;
+            }
+            // Support either an EIP712 signature or a direct call from the signer
+            require(
+                isSigner(msg.sender) ||
+                    isValidResult(results[i].result, results[i].signature),
+                InvalidResultSignature(msg.sender, results[i].signature)
+            );
+
+            bytes memory callbackCalldata = abi.encodeWithSelector(
+                request.callbackSelector,
+                results[i].result.requestId,
+                results[i].result.abiEncodedResult,
+                request.data
+                // TODO: add handle as an integrity check - already added to DecryptionResult but adding here would mean
+                //   dapp callback function signatures would need to change - which would be a breaking change
+                // request.handle
+            );
+
+            (bool success, ) = request.callbackContract.call(callbackCalldata);
+
+            request.fulfilled = true;
+            fulfilledSome = true;
+
+            emit RequestFulfilled(
+                results[i].result.requestId,
+                success,
+                getNewEventId(),
+                results[i].result.handle
+            );
+        }
+        // If we did not advance we revert, so that we can detect if everything is fulfilled during gas estimation
+        require(fulfilledSome, AllRequestsAlreadyFulfilledOrExpired());
+
+        // Otherwise, do some work to advance the low water mark.
+        advanceLowWatermark(ITERATION_BOUND);
     }
 
-    function getRequest(
-        uint256 requestId
-    ) external view returns (Request memory) {
-        return getDecryptionStorage().request[requestId];
+    /**
+     * @dev Get some pending requests.
+     * @param offset A parameter for paginating through the whole set of pending requests.
+     *     Use zero for an initial query, then use the previous query's nextOffset to continue traversal.
+     * @param maxRequests The maximum number of pending to return.
+     * @param iterationBound The maximum number of non-pending requests to iterate over before returning.
+     * @return nextOffset The next offset to use to continue to scan through the pending request set.
+     *     Returns the input offset if the whole set has been scanned.  Can re-query with this offset
+     *     to see any new pending requests, or re-query with a zero offset to return the whole set again.
+
+     * @return requests Some pending requests.  May be fewer than requested, possibly zero.  There may be
+     *     more requests available if the returned nextOffset is greater than the input offset.
+     */
+    function getPendingRequests(
+        uint256 offset,
+        uint256 maxRequests,
+        uint256 iterationBound
+    ) external view returns (uint256 nextOffset, Request[] memory requests) {
+        DecryptionStorage storage $ = getDecryptionStorage();
+
+        uint256 lwm = $.lowWatermark;
+        uint256 nextRequestId = $.nextRequestId;
+
+        // Start at the higher of offset and lwm, possibly skipping many completed requests.
+        uint256 id = offset;
+        if (id < lwm) {
+            id = lwm;
+        }
+
+        // Don't scan more than iterationBound extra entries or pass the nextRequestId.
+        uint256 limit = id + maxRequests + iterationBound;
+        if (limit > nextRequestId) {
+            limit = nextRequestId;
+        }
+
+        // Now id >= lmw and limit <= nextRequestId.
+        // It's possible that id >= limit, which is fine,
+        // and the next two loops will exit immediately.
+
+        // First calculate the size of array we need to allocate.
+        // (It's cheaper to scan the requests twice instead of allocating too much.)
+        uint256 numRequests = 0;
+        for (uint256 i = id; i < limit && numRequests < maxRequests; i++) {
+            Request memory request = $.requests[i];
+            if (pending(request)) {
+                numRequests++;
+            }
+        }
+
+        // Now populate the array
+        requests = new Request[](numRequests);
+        for (uint256 n = 0; id < limit && n < numRequests; id++) {
+            Request memory request = $.requests[id];
+            if (pending(request)) {
+                requests[n] = request;
+                n++;
+            }
+        }
+        nextOffset = id;
+    }
+
+    /**
+     * @dev Get some pending requests with a bounded number of iterations.
+     * @param offset A parameter for paginating through the whole set of pending requests.
+     *     Use zero for an initial query, then use the previous query's nextOffset to continue traversal.
+     * @param maxRequests The maximum number of pending to return.
+     * @return nextOffset The next offset to use to continue to scan through the pending request set.
+     *     Returns the input offset if the whole set has been scanned.  Can re-query with this offset
+     *     to see any new pending requests, or re-query with a zero offset to return the whole set again.
+     * @return requests Some pending requests.  May be fewer than requested, possibly zero.  There may be
+     *     more requests available if the returned nextOffset is greater than the input offset.
+     */
+    function getPendingRequests(
+        uint256 offset,
+        uint256 maxRequests
+    ) external view returns (uint256 nextOffset, Request[] memory requests) {
+        return this.getPendingRequests(offset, maxRequests, ITERATION_BOUND);
+    }
+
+    function getNextRequestId() external view returns (uint256) {
+        return getDecryptionStorage().nextRequestId;
     }
 
-    function getRequestIdCounter() external view returns (uint256) {
-        return getDecryptionStorage().requestIdCounter;
+    function getLowWatermarkRequestId() external view returns (uint256) {
+        return getDecryptionStorage().lowWatermark;
+    }
+
+    /**
+     * @dev Advance the low watermark until we hit a pending request, the requestId counter, or iterationBound steps.
+     * @param iterationBound The maximum number of requests to iterate over.
+     * @notice This function is public so that we can externally drive the low watermark in extreme cases.
+     */
+    function advanceLowWatermark(uint256 iterationBound) public {
+        DecryptionStorage storage $ = getDecryptionStorage();
+        uint256 lwm = $.lowWatermark;
+        uint256 nextRequestId = $.nextRequestId;
+        // Calling advanceLowWatermark with a 0 iterationBound will have no effect, but it will waste gas, and previously
+        // has been indicative of a bug, so leaving this revert as a affordance to callers.
+        require(iterationBound > 0, "iterateBound is zero!");
+        uint256 limit = lwm + iterationBound;
+        if (limit > nextRequestId) {
+            limit = nextRequestId;
+        }
+
+        while (lwm < limit) {
+            Request storage request = $.requests[lwm];
+            // Stop advancing when we hit the first still pending request
+            if (pending(request)) {
+                break;
+            }
+            lwm++;
+        }
+        $.lowWatermark = lwm;
     }
 }