@keep-network/tbtc-v2 0.1.1-dev.41 → 0.1.1-dev.44

package/contracts/bridge/BridgeState.sol

@@ -15,23 +15,28 @@
 
 pragma solidity ^0.8.9;
 
+import {IWalletRegistry as EcdsaWalletRegistry} from "@keep-network/ecdsa/contracts/api/IWalletRegistry.sol";
+
 import "./IRelay.sol";
 import "./Deposit.sol";
-import "./Redeem.sol";
+import "./Redemption.sol";
 import "./Fraud.sol";
+import "./Wallets.sol";
 
 import "../bank/Bank.sol";
 
 library BridgeState {
     // TODO: Make parameters governable
     struct Storage {
-        // The number of confirmations on the Bitcoin chain required to
-        // successfully evaluate an SPV proof.
-        uint256 txProofDifficultyFactor;
-        // Address of the Bank this Bridge belongs to.
+        // Address of the Bank the Bridge belongs to.
         Bank bank;
         // Bitcoin relay providing the current Bitcoin network difficulty.
         IRelay relay;
+        // ECDSA Wallet Registry contract handle.
+        EcdsaWalletRegistry ecdsaWalletRegistry;
+        // The number of confirmations on the Bitcoin chain required to
+        // successfully evaluate an SPV proof.
+        uint256 txProofDifficultyFactor;
         // Address where the deposit and redemption treasury fees will be sent
         // to. Treasury takes part in the operators rewarding process.
         address treasury;
@@ -78,6 +83,11 @@ library BridgeState {
         // if per single redemption. `movingFundsTxMaxTotalFee` is a total
         // fee for the entire transaction.
         uint64 movingFundsTxMaxTotalFee;
+        // Time after which the moving funds process can be reported as
+        // timed out. It is counted from the moment when the wallet
+        // was requested to move their funds and switched to the MovingFunds
+        // state. Value in seconds.
+        uint32 movingFundsTimeout;
         // The minimal amount that can be requested for redemption.
         // Value of this parameter must take into account the value of
         // `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee`
@@ -120,7 +130,7 @@ library BridgeState {
         //    successfully
         // - `notifyRedemptionTimeout` in case the request was reported
         //    to be timed out
-        mapping(uint256 => Redeem.RedemptionRequest) pendingRedemptions;
+        mapping(uint256 => Redemption.RedemptionRequest) pendingRedemptions;
         // Collection of all timed out redemptions requests indexed by
         // redemption key built as
         // `keccak256(walletPubKeyHash | redeemerOutputScript)`. The
@@ -134,7 +144,7 @@ library BridgeState {
         // - `notifyRedemptionTimeout` which puts the redemption key to this
         //    mapping basing on a timed out request stored previously in
         //    `pendingRedemptions` mapping.
-        mapping(uint256 => Redeem.RedemptionRequest) timedOutRedemptions;
+        mapping(uint256 => Redemption.RedemptionRequest) timedOutRedemptions;
         // The amount of stake slashed from each member of a wallet for a fraud.
         uint256 fraudSlashingAmount;
         // The percentage of the notifier reward from the staking contract
@@ -155,23 +165,302 @@ library BridgeState {
         // spent if it was used as an input of a transaction that have been
         // proven in the Bridge.
         mapping(uint256 => bool) spentMainUTXOs;
+        // Determines how frequently a new wallet creation can be requested.
+        // Value in seconds.
+        uint32 walletCreationPeriod;
+        // The minimum BTC threshold in satoshi that is used to decide about
+        // wallet creation or closing.
+        uint64 walletMinBtcBalance;
+        // The maximum BTC threshold in satoshi that is used to decide about
+        // wallet creation.
+        uint64 walletMaxBtcBalance;
+        // The maximum age of a wallet in seconds, after which the wallet
+        // moving funds process can be requested.
+        uint32 walletMaxAge;
+        // 20-byte wallet public key hash being reference to the currently
+        // active wallet. Can be unset to the zero value under certain
+        // circumstances.
+        bytes20 activeWalletPubKeyHash;
+        // The current number of wallets in the Live state.
+        uint32 liveWalletsCount;
+        // The maximum BTC amount in satoshi than can be transferred to a single
+        // target wallet during the moving funds process.
+        uint64 walletMaxBtcTransfer;
+        // Maps the 20-byte wallet public key hash (computed using Bitcoin
+        // HASH160 over the compressed ECDSA public key) to the basic wallet
+        // information like state and pending redemptions value.
+        mapping(bytes20 => Wallets.Wallet) registeredWallets;
+    }
+
+    event DepositParametersUpdated(
+        uint64 depositDustThreshold,
+        uint64 depositTreasuryFeeDivisor,
+        uint64 depositTxMaxFee
+    );
+
+    event RedemptionParametersUpdated(
+        uint64 redemptionDustThreshold,
+        uint64 redemptionTreasuryFeeDivisor,
+        uint64 redemptionTxMaxFee,
+        uint256 redemptionTimeout
+    );
+
+    event MovingFundsParametersUpdated(
+        uint64 movingFundsTxMaxTotalFee,
+        uint32 movingFundsTimeout
+    );
+
+    event WalletParametersUpdated(
+        uint32 walletCreationPeriod,
+        uint64 walletMinBtcBalance,
+        uint64 walletMaxBtcBalance,
+        uint32 walletMaxAge,
+        uint64 walletMaxBtcTransfer
+    );
+
+    event FraudParametersUpdated(
+        uint256 fraudSlashingAmount,
+        uint256 fraudNotifierRewardMultiplier,
+        uint256 fraudChallengeDefeatTimeout,
+        uint256 fraudChallengeDepositAmount
+    );
+
+    /// @notice Updates parameters of deposits.
+    /// @param _depositDustThreshold New value of the deposit dust threshold in
+    ///        satoshis. It is the minimal amount that can be requested to
+    ////       deposit. Value of this parameter must take into account the value
+    ///        of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters
+    ///        in order to make requests that can incur the treasury and
+    ///        transaction fee and still satisfy the depositor
+    /// @param _depositTreasuryFeeDivisor New value of the treasury fee divisor.
+    ///        It is the divisor used to compute the treasury fee taken from
+    ///        each deposit and transferred to the treasury upon sweep proof
+    ///        submission. That fee is computed as follows:
+    ///        `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`
+    ///        For example, if the treasury fee needs to be 2% of each deposit,
+    ///        the `depositTreasuryFeeDivisor` should be set to `50`
+    ///        because `1/50 = 0.02 = 2%`
+    /// @param _depositTxMaxFee New value of the deposit tx max fee in satoshis.
+    ///        It is the maximum amount of BTC transaction fee that can
+    ///        be incurred by each swept deposit being part of the given sweep
+    ///        transaction. If the maximum BTC transaction fee is exceeded,
+    ///        such transaction is considered a fraud
+    /// @dev Requirements:
+    ///      - Deposit treasury fee divisor must be greater than zero
+    function updateDepositParameters(
+        Storage storage self,
+        uint64 _depositDustThreshold,
+        uint64 _depositTreasuryFeeDivisor,
+        uint64 _depositTxMaxFee
+    ) internal {
+        require(
+            _depositTreasuryFeeDivisor > 0,
+            "Deposit treasury fee divisor must be greater than zero"
+        );
+
+        self.depositDustThreshold = _depositDustThreshold;
+        self.depositTreasuryFeeDivisor = _depositTreasuryFeeDivisor;
+        self.depositTxMaxFee = _depositTxMaxFee;
+
+        emit DepositParametersUpdated(
+            _depositDustThreshold,
+            _depositTreasuryFeeDivisor,
+            _depositTxMaxFee
+        );
     }
 
-    // TODO: Is it the right place for this function? Should we move it to Bridge?
-    /// @notice Determines the current Bitcoin SPV proof difficulty context.
-    /// @return proofDifficulty Bitcoin proof difficulty context.
-    function proofDifficultyContext(Storage storage self)
-        internal
-        view
-        returns (BitcoinTx.ProofDifficulty memory proofDifficulty)
-    {
-        IRelay relay = self.relay;
-        proofDifficulty.currentEpochDifficulty = relay
-            .getCurrentEpochDifficulty();
-        proofDifficulty.previousEpochDifficulty = relay
-            .getPrevEpochDifficulty();
-        proofDifficulty.difficultyFactor = self.txProofDifficultyFactor;
-
-        return proofDifficulty;
+    /// @notice Updates parameters of redemptions.
+    /// @param _redemptionDustThreshold New value of the redemption dust
+    ///        threshold in satoshis. It is the minimal amount that can be
+    ///        requested for redemption. Value of this parameter must take into
+    ///        account the value of `redemptionTreasuryFeeDivisor` and
+    ///        `redemptionTxMaxFee` parameters in order to make requests that
+    ///        can incur the treasury and transaction fee and still satisfy the
+    ///        redeemer.
+    /// @param _redemptionTreasuryFeeDivisor New value of the redemption
+    ///        treasury fee divisor. It is the divisor used to compute the
+    ///        treasury fee taken from each redemption request and transferred
+    ///        to the treasury upon successful request finalization. That fee is
+    ///        computed as follows:
+    ///        `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`
+    ///        For example, if the treasury fee needs to be 2% of each
+    ///        redemption request, the `redemptionTreasuryFeeDivisor` should
+    ///        be set to `50` because `1/50 = 0.02 = 2%`.
+    /// @param _redemptionTxMaxFee New value of the redemption transaction max
+    ///        fee in satoshis. It is the maximum amount of BTC transaction fee
+    ///        that can be incurred by each redemption request being part of the
+    ///        given redemption transaction. If the maximum BTC transaction fee
+    ///        is exceeded, such transaction is considered a fraud.
+    /// @param _redemptionTimeout New value of the redemption timeout in seconds.
+    ///        It is the time after which the redemption request can be reported
+    ///        as timed out. It is counted from the moment when the redemption
+    ///        request was created via `requestRedemption` call. Reported  timed
+    ///        out requests are cancelled and locked TBTC is returned to the
+    ///        redeemer in full amount.
+    /// @dev Requirements:
+    ///      - Redemption treasury fee divisor must be greater than zero
+    ///      - Redemption timeout must be greater than zero
+    function updateRedemptionParameters(
+        Storage storage self,
+        uint64 _redemptionDustThreshold,
+        uint64 _redemptionTreasuryFeeDivisor,
+        uint64 _redemptionTxMaxFee,
+        uint256 _redemptionTimeout
+    ) internal {
+        require(
+            _redemptionTreasuryFeeDivisor > 0,
+            "Redemption treasury fee divisor must be greater than zero"
+        );
+
+        require(
+            _redemptionTimeout > 0,
+            "Redemption timeout must be greater than zero"
+        );
+
+        self.redemptionDustThreshold = _redemptionDustThreshold;
+        self.redemptionTreasuryFeeDivisor = _redemptionTreasuryFeeDivisor;
+        self.redemptionTxMaxFee = _redemptionTxMaxFee;
+        self.redemptionTimeout = _redemptionTimeout;
+
+        emit RedemptionParametersUpdated(
+            _redemptionDustThreshold,
+            _redemptionTreasuryFeeDivisor,
+            _redemptionTxMaxFee,
+            _redemptionTimeout
+        );
+    }
+
+    /// @notice Updates parameters of moving funds.
+    /// @param _movingFundsTxMaxTotalFee New value of the moving funds transaction
+    ///        max total fee in satoshis. It is the maximum amount of the total
+    ///        BTC transaction fee that is acceptable in a single moving funds
+    ///        transaction. This is a _total_ max fee for the entire moving
+    ///        funds transaction.
+    /// @param _movingFundsTimeout New value of the moving funds timeout in
+    ///        seconds. It is the time after which the moving funds process can
+    ///        be reported as timed out. It is counted from the moment when the
+    ///        wallet was requested to move their funds and switched to the
+    ///        MovingFunds state.
+    /// @dev Requirements:
+    ///      - Moving funds timeout must be greater than zero
+    function updateMovingFundsParameters(
+        Storage storage self,
+        uint64 _movingFundsTxMaxTotalFee,
+        uint32 _movingFundsTimeout
+    ) internal {
+        require(
+            _movingFundsTimeout > 0,
+            "Moving funds timeout must be greater than zero"
+        );
+
+        self.movingFundsTxMaxTotalFee = _movingFundsTxMaxTotalFee;
+        self.movingFundsTimeout = _movingFundsTimeout;
+
+        emit MovingFundsParametersUpdated(
+            _movingFundsTxMaxTotalFee,
+            _movingFundsTimeout
+        );
+    }
+
+    /// @notice Updates parameters of wallets.
+    /// @param _walletCreationPeriod New value of the wallet creation period in
+    ///        seconds, determines how frequently a new wallet creation can be
+    ///        requested
+    /// @param _walletMinBtcBalance New value of the wallet minimum BTC balance
+    ///        in satoshi, used to decide about wallet creation or closing
+    /// @param _walletMaxBtcBalance New value of the wallet maximum BTC balance
+    ///        in satoshi, used to decide about wallet creation
+    /// @param _walletMaxAge New value of the wallet maximum age in seconds,
+    ///        indicates the maximum age of a wallet in seconds, after which
+    ///        the wallet moving funds process can be requested
+    /// @param _walletMaxBtcTransfer New value of the wallet maximum BTC transfer
+    ///        in satoshi, determines the maximum amount that can be transferred
+    //         to a single target wallet during the moving funds process
+    /// @dev Requirements:
+    ///      - Wallet minimum BTC balance must be greater than zero
+    ///      - Wallet maximum BTC balance must be greater than the wallet
+    ///        minimum BTC balance
+    ///      - Wallet maximum BTC transfer must be greater than zero
+    function updateWalletParameters(
+        Storage storage self,
+        uint32 _walletCreationPeriod,
+        uint64 _walletMinBtcBalance,
+        uint64 _walletMaxBtcBalance,
+        uint32 _walletMaxAge,
+        uint64 _walletMaxBtcTransfer
+    ) internal {
+        require(
+            _walletMinBtcBalance > 0,
+            "Wallet minimum BTC balance must be greater than zero"
+        );
+        require(
+            _walletMaxBtcBalance > _walletMinBtcBalance,
+            "Wallet maximum BTC balance must be greater than the minimum"
+        );
+        require(
+            _walletMaxBtcTransfer > 0,
+            "Wallet maximum BTC transfer must be greater than zero"
+        );
+
+        self.walletCreationPeriod = _walletCreationPeriod;
+        self.walletMinBtcBalance = _walletMinBtcBalance;
+        self.walletMaxBtcBalance = _walletMaxBtcBalance;
+        self.walletMaxAge = _walletMaxAge;
+        self.walletMaxBtcTransfer = _walletMaxBtcTransfer;
+
+        emit WalletParametersUpdated(
+            _walletCreationPeriod,
+            _walletMinBtcBalance,
+            _walletMaxBtcBalance,
+            _walletMaxAge,
+            _walletMaxBtcTransfer
+        );
+    }
+
+    /// @notice Updates parameters related to frauds.
+    /// @param _fraudSlashingAmount New value of the fraud slashing amount in T,
+    ///        it is the amount slashed from each wallet member for committing
+    ///        a fraud
+    /// @param _fraudNotifierRewardMultiplier New value of the fraud notifier
+    ///        reward multiplier as percentage, it determines the percentage of
+    ///        the notifier reward from the staking contact the notifier of
+    ///        a fraud receives. The value must be in the range [0, 100]
+    /// @param _fraudChallengeDefeatTimeout New value of the challenge defeat
+    ///        timeout in seconds, it is the amount of time the wallet has to
+    ///        defeat a fraud challenge. The value must be greater than zero
+    /// @param _fraudChallengeDepositAmount New value of the fraud challenge
+    ///        deposit amount in wei, it is the amount of ETH the party
+    ///        challenging the wallet for fraud needs to deposit
+    /// @dev Requirements:
+    ///      - Fraud notifier reward multiplier must be in the range [0, 100]
+    ///      - Fraud challenge defeat timeout must be greater than 0
+    function updateFraudParameters(
+        Storage storage self,
+        uint256 _fraudSlashingAmount,
+        uint256 _fraudNotifierRewardMultiplier,
+        uint256 _fraudChallengeDefeatTimeout,
+        uint256 _fraudChallengeDepositAmount
+    ) internal {
+        require(
+            _fraudNotifierRewardMultiplier <= 100,
+            "Fraud notifier reward multiplier must be in the range [0, 100]"
+        );
+
+        require(
+            _fraudChallengeDefeatTimeout > 0,
+            "Fraud challenge defeat timeout must be greater than zero"
+        );
+
+        self.fraudSlashingAmount = _fraudSlashingAmount;
+        self.fraudNotifierRewardMultiplier = _fraudNotifierRewardMultiplier;
+        self.fraudChallengeDefeatTimeout = _fraudChallengeDefeatTimeout;
+        self.fraudChallengeDepositAmount = _fraudChallengeDepositAmount;
+
+        emit FraudParametersUpdated(
+            _fraudSlashingAmount,
+            _fraudNotifierRewardMultiplier,
+            _fraudChallengeDefeatTimeout,
+            _fraudChallengeDepositAmount
+        );
     }
 }

package/contracts/bridge/Deposit.sol

@@ -22,9 +22,29 @@ import "./BitcoinTx.sol";
 import "./BridgeState.sol";
 import "./Wallets.sol";
 
+/// @title Bridge deposit
+/// @notice The library handles the logic for revealing Bitcoin deposits to
+///         the Bridge.
+/// @dev The depositor puts together a P2SH or P2WSH address to deposit the
+///      funds. This script is unique to each depositor and looks like this:
+///
+///      ```
+///      <depositorAddress> DROP
+///      <blindingFactor> DROP
+///      DUP HASH160 <walletPubKeyHash> EQUAL
+///      IF
+///        CHECKSIG
+///      ELSE
+///        DUP HASH160 <refundPubkeyHash> EQUALVERIFY
+///        <refundLocktime> CHECKLOCKTIMEVERIFY DROP
+///        CHECKSIG
+///      ENDIF
+///      ```
+///
+///      Since each depositor has their own Ethereum address and their own
+///      secret blinding factor, each depositor’s script is unique, and the hash
+///      of each depositor’s script is unique.
 library Deposit {
-    using Wallets for Wallets.Data;
-
     using BTCUtils for bytes;
     using BytesLib for bytes;
 
@@ -123,14 +143,13 @@ library Deposit {
     ///      deposit script unlocks to receive their BTC back.
     function revealDeposit(
         BridgeState.Storage storage self,
-        Wallets.Data storage wallets,
         BitcoinTx.Info calldata fundingTx,
         DepositRevealInfo calldata reveal
     ) external {
         require(
-            wallets.registeredWallets[reveal.walletPubKeyHash].state ==
+            self.registeredWallets[reveal.walletPubKeyHash].state ==
                 Wallets.WalletState.Live,
-            "Wallet is not in Live state"
+            "Wallet must be in Live state"
         );
 
         require(
@@ -231,7 +250,7 @@ library Deposit {
         deposit.treasuryFee = self.depositTreasuryFeeDivisor > 0
             ? fundingOutputAmount / self.depositTreasuryFeeDivisor
             : 0;
-
+        // slither-disable-next-line reentrancy-events
         emit DepositRevealed(
             fundingTxHash,
             reveal.fundingOutputIndex,

package/contracts/bridge/EcdsaLib.sol

@@ -1,3 +1,18 @@
+// SPDX-License-Identifier: MIT
+
+// ██████████████     ▐████▌     ██████████████
+// ██████████████     ▐████▌     ██████████████
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+// ██████████████     ▐████▌     ██████████████
+// ██████████████     ▐████▌     ██████████████
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+//               ▐████▌    ▐████▌
+
 pragma solidity ^0.8.9;
 
 import "@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol";

package/contracts/bridge/Fraud.sol

@@ -24,7 +24,26 @@ import "./EcdsaLib.sol";
 import "./BridgeState.sol";
 import "./Wallets.sol";
 
+/// @title Bridge fraud
+/// @notice The library handles the logic for challenging Bridge wallets that
+///         committed fraud.
+/// @dev Anyone can submit a fraud challenge indicating that a UTXO being under
+///      the wallet control was unlocked by the wallet but was not used
+///      according to the protocol rules. That means the wallet signed
+///      a transaction input pointing to that UTXO and there is a unique
+///      sighash and signature pair associated with that input.
+///
+///      In order to defeat the challenge, the same wallet public key and
+///      signature must be provided as were used to calculate the sighash during
+///      the challenge. The wallet provides the preimage which produces sighash
+///      used to generate the ECDSA signature that is the subject of the fraud
+///      claim. The fraud challenge defeat attempt will only succeed if the
+///      inputs in the preimage are considered honestly spent by the wallet.
+///      Therefore the transaction spending the UTXO must be proven in the
+///      Bridge before a challenge defeat is called.
 library Fraud {
+    using Wallets for BridgeState.Storage;
+
     using BytesLib for bytes;
     using BTCUtils for bytes;
     using BTCUtils for uint32;
@@ -41,32 +60,18 @@ library Fraud {
         bool resolved;
     }
 
-    event FraudSlashingAmountUpdated(uint256 newFraudSlashingAmount);
-
-    event FraudNotifierRewardMultiplierUpdated(
-        uint256 newFraudNotifierRewardMultiplier
-    );
-
-    event FraudChallengeDefeatTimeoutUpdated(
-        uint256 newFraudChallengeDefeatTimeout
-    );
-
-    event FraudChallengeDepositAmountUpdated(
-        uint256 newFraudChallengeDepositAmount
-    );
-
     event FraudChallengeSubmitted(
-        bytes20 walletPublicKeyHash,
+        bytes20 walletPubKeyHash,
         bytes32 sighash,
         uint8 v,
         bytes32 r,
         bytes32 s
     );
 
-    event FraudChallengeDefeated(bytes20 walletPublicKeyHash, bytes32 sighash);
+    event FraudChallengeDefeated(bytes20 walletPubKeyHash, bytes32 sighash);
 
     event FraudChallengeDefeatTimedOut(
-        bytes20 walletPublicKeyHash,
+        bytes20 walletPubKeyHash,
         bytes32 sighash
     );
 
@@ -95,8 +100,8 @@ library Fraud {
     ///        for reference
     /// @param signature Bitcoin signature in the R/S/V format
     /// @dev Requirements:
-    ///      - Wallet behind `walletPublicKey` must be in `Live` or `MovingFunds`
-    ///        state
+    ///      - Wallet behind `walletPublicKey` must be in Live or MovingFunds
+    ///        or Closing state
     ///      - The challenger must send appropriate amount of ETH used as
     ///        fraud challenge deposit
     ///      - The signature (represented by r, s and v) must be generated by
@@ -104,7 +109,6 @@ library Fraud {
     ///      - Wallet can be challenged for the given signature only once
     function submitFraudChallenge(
         BridgeState.Storage storage self,
-        Wallets.Data storage wallets,
         bytes calldata walletPublicKey,
         bytes32 sighash,
         BitcoinTx.RSVSignature calldata signature
@@ -131,14 +135,15 @@ library Fraud {
         );
         bytes20 walletPubKeyHash = compressedWalletPublicKey.hash160View();
 
-        Wallets.Wallet storage wallet = wallets.registeredWallets[
+        Wallets.Wallet storage wallet = self.registeredWallets[
             walletPubKeyHash
         ];
 
         require(
             wallet.state == Wallets.WalletState.Live ||
-                wallet.state == Wallets.WalletState.MovingFunds,
-            "Wallet is neither in Live nor MovingFunds state"
+                wallet.state == Wallets.WalletState.MovingFunds ||
+                wallet.state == Wallets.WalletState.Closing,
+            "Wallet must be in Live or MovingFunds or Closing state"
         );
 
         uint256 challengeKey = uint256(
@@ -153,7 +158,7 @@ library Fraud {
         /* solhint-disable-next-line not-rely-on-time */
         challenge.reportedAt = uint32(block.timestamp);
         challenge.resolved = false;
-
+        // slither-disable-next-line reentrancy-events
         emit FraudChallengeSubmitted(
             walletPubKeyHash,
             sighash,
@@ -230,7 +235,7 @@ library Fraud {
 
         // Send the ether deposited by the challenger to the treasury
         /* solhint-disable avoid-low-level-calls */
-        // slither-disable-next-line low-level-calls
+        // slither-disable-next-line low-level-calls,unchecked-lowlevel,arbitrary-send
         self.treasury.call{gas: 100000, value: challenge.depositAmount}("");
         /* solhint-enable avoid-low-level-calls */
 
@@ -239,7 +244,7 @@ library Fraud {
             walletPublicKey.slice32(32)
         );
         bytes20 walletPubKeyHash = compressedWalletPublicKey.hash160View();
-
+        // slither-disable-next-line reentrancy-events
         emit FraudChallengeDefeated(walletPubKeyHash, sighash);
     }
 
@@ -262,9 +267,11 @@ library Fraud {
     ///        the transaction input the signature is produced for. See BIP-143
     ///        for reference
     /// @dev Requirements:
-    ///      - `walletPublicKey` and `sighash` must identify an open fraud
+    ///      - The wallet must be in the Live or MovingFunds or Closing or
+    ///        Terminated state
+    ///      - The `walletPublicKey` and `sighash` must identify an open fraud
     ///        challenge
-    ///      - the amount of time indicated by `challengeDefeatTimeout` must pass
+    ///      - The amount of time indicated by `challengeDefeatTimeout` must pass
     ///        after the challenge was reported
     function notifyFraudChallengeDefeatTimeout(
         BridgeState.Storage storage self,
@@ -276,11 +283,14 @@ library Fraud {
         );
 
         FraudChallenge storage challenge = self.fraudChallenges[challengeKey];
+
         require(challenge.reportedAt > 0, "Fraud challenge does not exist");
+
         require(
             !challenge.resolved,
             "Fraud challenge has already been resolved"
         );
+
         require(
             /* solhint-disable-next-line not-rely-on-time */
             block.timestamp >=
@@ -288,14 +298,10 @@ library Fraud {
             "Fraud challenge defeat period did not time out yet"
         );
 
-        // TODO: Call notifyFraud from Wallets library
-        // TODO: Reward the challenger
-
         challenge.resolved = true;
-
         // Return the ether deposited by the challenger
         /* solhint-disable avoid-low-level-calls */
-        // slither-disable-next-line low-level-calls
+        // slither-disable-next-line low-level-calls,unchecked-lowlevel
         challenge.challenger.call{gas: 100000, value: challenge.depositAmount}(
             ""
         );
@@ -306,7 +312,33 @@ library Fraud {
             walletPublicKey.slice32(32)
         );
         bytes20 walletPubKeyHash = compressedWalletPublicKey.hash160View();
+        Wallets.WalletState walletState = self
+            .registeredWallets[walletPubKeyHash]
+            .state;
+
+        if (
+            walletState == Wallets.WalletState.Live ||
+            walletState == Wallets.WalletState.MovingFunds ||
+            walletState == Wallets.WalletState.Closing
+        ) {
+            self.terminateWallet(walletPubKeyHash);
+
+            // TODO: Perform slashing of the wallet operators, reward the
+            //       challenger, and add unit tests for that.
+        } else if (walletState == Wallets.WalletState.Terminated) {
+            // This is a special case when the wallet was already terminated
+            // due to a previous deliberate protocol violation. In that
+            // case, this function should be still callable for other fraud
+            // challenges timeouts in order to let the challenger unlock its
+            // ETH deposit back. However, the wallet termination logic is
+            // not called and the challenger is not rewarded.
+        } else {
+            revert(
+                "Wallet must be in Live or MovingFunds or Closing or Terminated state"
+            );
+        }
 
+        // slither-disable-next-line reentrancy-events
         emit FraudChallengeDefeatTimedOut(walletPubKeyHash, sighash);
     }