@keep-network/tbtc-v2 0.1.1-dev.43 → 0.1.1-dev.44

package/contracts/bridge/MovingFunds.sol

@@ -21,6 +21,7 @@ import {BytesLib} from "@keep-network/bitcoin-spv-sol/contracts/BytesLib.sol";
 import "./BitcoinTx.sol";
 import "./BridgeState.sol";
 import "./Redemption.sol";
+import "./Wallets.sol";
 
 /// @title Moving Bridge wallet funds
 /// @notice The library handles the logic for moving Bitcoin between Bridge
@@ -38,11 +39,155 @@ library MovingFunds {
     using BTCUtils for bytes;
     using BytesLib for bytes;
 
+    event MovingFundsCommitmentSubmitted(
+        bytes20 walletPubKeyHash,
+        bytes20[] targetWallets,
+        address submitter
+    );
+
     event MovingFundsCompleted(
         bytes20 walletPubKeyHash,
         bytes32 movingFundsTxHash
     );
 
+    event MovingFundsTimedOut(bytes20 walletPubKeyHash);
+
+    /// @notice Submits the moving funds target wallets commitment.
+    ///         Once all requirements are met, that function registers the
+    ///         target wallets commitment and opens the way for moving funds
+    ///         proof submission.
+    /// @param walletPubKeyHash 20-byte public key hash of the source wallet
+    /// @param walletMainUtxo Data of the source wallet's main UTXO, as
+    ///        currently known on the Ethereum chain
+    /// @param walletMembersIDs Identifiers of the source wallet signing group
+    ///        members
+    /// @param walletMemberIndex Position of the caller in the source wallet
+    ///        signing group members list
+    /// @param targetWallets List of 20-byte public key hashes of the target
+    ///        wallets that the source wallet commits to move the funds to
+    /// @dev Requirements:
+    ///      - The source wallet must be in the MovingFunds state
+    ///      - The source wallet must not have pending redemption requests
+    ///      - The source wallet must not have submitted its commitment already
+    ///      - The expression `keccak256(abi.encode(walletMembersIDs))` must
+    ///        be exactly the same as the hash stored under `membersIdsHash`
+    ///        for the given source wallet in the ECDSA registry. Those IDs are
+    ///        not directly stored in the contract for gas efficiency purposes
+    ///        but they can be read from appropriate `DkgResultSubmitted`
+    ///        and `DkgResultApproved` events.
+    ///      - The `walletMemberIndex` must be in range [1, walletMembersIDs.length]
+    ///      - The caller must be the member of the source wallet signing group
+    ///        at the position indicated by `walletMemberIndex` parameter
+    ///      - The `walletMainUtxo` components must point to the recent main
+    ///        UTXO of the source wallet, as currently known on the Ethereum
+    ///        chain.
+    ///      - Source wallet BTC balance must be greater than zero
+    ///      - At least one Live wallet must exist in the system
+    ///      - Submitted target wallets count must match the expected count
+    ///        `N = min(liveWalletsCount, ceil(walletBtcBalance / walletMaxBtcTransfer))`
+    ///        where `N > 0`
+    ///      - Each target wallet must be not equal to the source wallet
+    ///      - Each target wallet must follow the expected order i.e. all
+    ///        target wallets 20-byte public key hashes represented as numbers
+    ///        must form a strictly increasing sequence without duplicates.
+    ///      - Each target wallet must be in Live state
+    function submitMovingFundsCommitment(
+        BridgeState.Storage storage self,
+        bytes20 walletPubKeyHash,
+        BitcoinTx.UTXO calldata walletMainUtxo,
+        uint32[] calldata walletMembersIDs,
+        uint256 walletMemberIndex,
+        bytes20[] calldata targetWallets
+    ) external {
+        Wallets.Wallet storage wallet = self.registeredWallets[
+            walletPubKeyHash
+        ];
+
+        require(
+            wallet.state == Wallets.WalletState.MovingFunds,
+            "Source wallet must be in MovingFunds state"
+        );
+
+        require(
+            wallet.pendingRedemptionsValue == 0,
+            "Source wallet must handle all pending redemptions first"
+        );
+
+        require(
+            wallet.movingFundsTargetWalletsCommitmentHash == bytes32(0),
+            "Target wallets commitment already submitted"
+        );
+
+        require(
+            self.ecdsaWalletRegistry.isWalletMember(
+                wallet.ecdsaWalletID,
+                walletMembersIDs,
+                msg.sender,
+                walletMemberIndex
+            ),
+            "Caller is not a member of the source wallet"
+        );
+
+        uint64 walletBtcBalance = self.getWalletBtcBalance(
+            walletPubKeyHash,
+            walletMainUtxo
+        );
+
+        require(walletBtcBalance > 0, "Wallet BTC balance is zero");
+
+        uint256 expectedTargetWalletsCount = Math.min(
+            self.liveWalletsCount,
+            Math.ceilDiv(walletBtcBalance, self.walletMaxBtcTransfer)
+        );
+
+        // This requirement fails only when `liveWalletsCount` is zero. In
+        // that case, the system cannot accept the commitment and must provide
+        // new wallets first.
+        //
+        // TODO: Expose separate function to reset the moving funds timeout
+        //       if no Live wallets exist in the system.
+        require(expectedTargetWalletsCount > 0, "No target wallets available");
+
+        require(
+            targetWallets.length == expectedTargetWalletsCount,
+            "Submitted target wallets count is other than expected"
+        );
+
+        uint160 lastProcessedTargetWallet = 0;
+
+        for (uint256 i = 0; i < targetWallets.length; i++) {
+            bytes20 targetWallet = targetWallets[i];
+
+            require(
+                targetWallet != walletPubKeyHash,
+                "Submitted target wallet cannot be equal to the source wallet"
+            );
+
+            require(
+                uint160(targetWallet) > lastProcessedTargetWallet,
+                "Submitted target wallet breaks the expected order"
+            );
+
+            require(
+                self.registeredWallets[targetWallet].state ==
+                    Wallets.WalletState.Live,
+                "Submitted target wallet must be in Live state"
+            );
+
+            lastProcessedTargetWallet = uint160(targetWallet);
+        }
+
+        wallet.movingFundsTargetWalletsCommitmentHash = keccak256(
+            abi.encodePacked(targetWallets)
+        );
+
+        emit MovingFundsCommitmentSubmitted(
+            walletPubKeyHash,
+            targetWallets,
+            msg.sender
+        );
+    }
+
     /// @notice Used by the wallet to prove the BTC moving funds transaction
     ///         and to make the necessary state changes. Moving funds is only
     ///         accepted if it satisfies SPV proof.
@@ -125,7 +270,7 @@ library MovingFunds {
         );
 
         self.notifyWalletFundsMoved(walletPubKeyHash, targetWalletsHash);
-
+        // slither-disable-next-line reentrancy-events
         emit MovingFundsCompleted(walletPubKeyHash, movingFundsTxHash);
     }
 
@@ -283,4 +428,39 @@ library MovingFunds {
 
         return (targetWalletsHash, outputsTotalValue);
     }
+
+    /// @notice Notifies about a timed out moving funds process. Terminates
+    ///         the wallet and slashes signing group members as a result.
+    /// @param walletPubKeyHash 20-byte public key hash of the wallet
+    /// @dev Requirements:
+    ///      - The wallet must be in the MovingFunds state
+    ///      - The moving funds timeout must be actually exceeded
+    function notifyMovingFundsTimeout(
+        BridgeState.Storage storage self,
+        bytes20 walletPubKeyHash
+    ) external {
+        Wallets.Wallet storage wallet = self.registeredWallets[
+            walletPubKeyHash
+        ];
+
+        require(
+            wallet.state == Wallets.WalletState.MovingFunds,
+            "ECDSA wallet must be in MovingFunds state"
+        );
+
+        require(
+            /* solhint-disable-next-line not-rely-on-time */
+            block.timestamp >
+                wallet.movingFundsRequestedAt + self.movingFundsTimeout,
+            "Moving funds has not timed out yet"
+        );
+
+        self.terminateWallet(walletPubKeyHash);
+
+        // TODO: Perform slashing of wallet operators, reward the notifier
+        //       using seized amount, and add unit tests for that.
+
+        // slither-disable-next-line reentrancy-events
+        emit MovingFundsTimedOut(walletPubKeyHash);
+    }
 }

package/contracts/bridge/Redemption.sol

@@ -430,10 +430,6 @@ library Redemption {
         BitcoinTx.UTXO calldata mainUtxo,
         bytes20 walletPubKeyHash
     ) external {
-        // TODO: Just as for `submitSweepProof`, fail early if the function
-        //       call gets frontrunned. See discussion:
-        //       https://github.com/keep-network/tbtc-v2/pull/106#discussion_r801745204
-
         // The actual transaction proof is performed here. After that point, we
         // can assume the transaction happened on Bitcoin chain and has
         // a sufficient number of confirmations as determined by
@@ -603,11 +599,10 @@ library Redemption {
         bytes20 walletPubKeyHash,
         RedemptionTxOutputsProcessingInfo memory processInfo
     ) internal returns (RedemptionTxOutputsInfo memory resultInfo) {
-        // Helper variable that counts the number of processed redemption
-        // outputs. Redemptions can be either pending or reported as timed out.
-        // TODO: Revisit the approach with redemptions count according to
-        //       https://github.com/keep-network/tbtc-v2/pull/128#discussion_r808237765
-        uint256 processedRedemptionsCount = 0;
+        // Helper flag indicating whether there was at least one redemption
+        // output present (redemption must be either pending or reported as
+        // timed out).
+        bool redemptionPresent = false;
 
         // Outputs processing loop.
         for (uint256 i = 0; i < processInfo.outputsCount; i++) {
@@ -654,7 +649,7 @@ library Redemption {
                     );
                 resultInfo.totalBurnableValue += burnableValue;
                 resultInfo.totalTreasuryFee += treasuryFee;
-                processedRedemptionsCount++;
+                redemptionPresent = true;
             }
 
             // Make the `outputStartingIndex` pointing to the next output by
@@ -666,7 +661,7 @@ library Redemption {
         // referring back to the wallet PKH and just burning main UTXO value
         // for transaction fees.
         require(
-            processedRedemptionsCount > 0,
+            redemptionPresent,
             "Redemption transaction must process at least one redemption"
         );
     }
@@ -842,7 +837,7 @@ library Redemption {
             // Propagate timeout consequences to the wallet
             self.notifyWalletTimedOutRedemption(walletPubKeyHash);
         }
-
+        // slither-disable-next-line reentrancy-events
         emit RedemptionTimedOut(walletPubKeyHash, redeemerOutputScript);
 
         // Return the requested amount of tokens to the redeemer

package/contracts/bridge/Sweep.sol

@@ -109,9 +109,6 @@ library Sweep {
         BitcoinTx.Proof calldata sweepProof,
         BitcoinTx.UTXO calldata mainUtxo
     ) external {
-        // TODO: Fail early if the function call gets frontrunned. See discussion:
-        //       https://github.com/keep-network/tbtc-v2/pull/106#discussion_r801745204
-
         // The actual transaction proof is performed here. After that point, we
         // can assume the transaction happened on Bitcoin chain and has
         // a sufficient number of confirmations as determined by

package/contracts/bridge/Wallets.sol

@@ -16,8 +16,8 @@
 pragma solidity ^0.8.9;
 
 import {BTCUtils} from "@keep-network/bitcoin-spv-sol/contracts/BTCUtils.sol";
-import {IWalletRegistry as EcdsaWalletRegistry} from "@keep-network/ecdsa/contracts/api/IWalletRegistry.sol";
 import {EcdsaDkg} from "@keep-network/ecdsa/contracts/libraries/EcdsaDkg.sol";
+import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";
 
 import "./BitcoinTx.sol";
 import "./EcdsaLib.sol";
@@ -40,8 +40,15 @@ library Wallets {
         ///      fulfill their pending redemption requests although new
         ///      redemption requests and new deposit reveals are not accepted.
         MovingFunds,
-        /// @dev The wallet moved or redeemed all their funds and cannot
-        ///      perform any action.
+        /// @dev The wallet moved or redeemed all their funds and is in the
+        ///      closing period where they can be subject of fraud challenges
+        ///      and must defend against them. This state is needed to protect
+        ///      against deposit frauds on deposits revealed but not swept.
+        ///      The closing period must be greater that the deposit refund
+        ///      time plus some time margin.
+        Closing,
+        /// @dev The wallet finalized the closing period successfully and
+        ///      cannot perform any action in the Bridge.
         Closed,
         /// @dev The wallet committed a fraud that was reported. The wallet is
         ///      blocked and can not perform any actions in the Bridge.
@@ -68,6 +75,9 @@ library Wallets {
         // UNIX timestamp indicating the moment the wallet was requested to
         // move their funds.
         uint32 movingFundsRequestedAt;
+        // UNIX timestamp indicating the moment the wallet's closing period
+        // started.
+        uint32 closingStartedAt;
         // Current state of the wallet.
         WalletState state;
         // Moving funds target wallet commitment submitted by the wallet. It
@@ -88,6 +98,11 @@ library Wallets {
         bytes20 indexed walletPubKeyHash
     );
 
+    event WalletClosing(
+        bytes32 indexed ecdsaWalletID,
+        bytes20 indexed walletPubKeyHash
+    );
+
     event WalletClosed(
         bytes32 indexed ecdsaWalletID,
         bytes20 indexed walletPubKeyHash
@@ -237,6 +252,8 @@ library Wallets {
         // Set the freshly created wallet as the new active wallet.
         self.activeWalletPubKeyHash = walletPubKeyHash;
 
+        self.liveWalletsCount++;
+
         emit NewWalletRegistered(ecdsaWalletID, walletPubKeyHash);
     }
 
@@ -347,9 +364,8 @@ library Wallets {
     }
 
     /// @notice Requests a wallet to move their funds. If the wallet balance
-    ///         is zero, the wallet is closed immediately and the ECDSA
-    ///         registry is notified about this fact. If the move funds
-    ///         request refers to the current active wallet, such a wallet
+    ///         is zero, the wallet closing begins immediately. If the move
+    ///         funds request refers to the current active wallet, such a wallet
     ///         is no longer considered active and the active wallet slot
     ///         is unset allowing to trigger a new wallet creation immediately.
     /// @param walletPubKeyHash 20-byte public key hash of the wallet
@@ -363,8 +379,8 @@ library Wallets {
 
         if (wallet.mainUtxoHash == bytes32(0)) {
             // If the wallet has no main UTXO, that means its BTC balance
-            // is zero and it should be closed immediately.
-            closeWallet(self, walletPubKeyHash);
+            // is zero and the wallet closing should begin immediately.
+            beginWalletClosing(self, walletPubKeyHash);
         } else {
             // Otherwise, initialize the moving funds process.
             wallet.state = WalletState.MovingFunds;
@@ -380,51 +396,49 @@ library Wallets {
             // possible in order to get a new healthy active wallet.
             delete self.activeWalletPubKeyHash;
         }
+
+        self.liveWalletsCount--;
     }
 
-    /// @notice Closes the given wallet and notifies the ECDSA registry
-    ///         about this fact.
+    /// @notice Begins the closing period of the given wallet.
     /// @param walletPubKeyHash 20-byte public key hash of the wallet
     /// @dev Requirements:
     ///      - The caller must make sure that the wallet is in the
-    ///        Live or MovingFunds state.
-    function closeWallet(
+    ///        MovingFunds state
+    function beginWalletClosing(
         BridgeState.Storage storage self,
         bytes20 walletPubKeyHash
     ) internal {
         Wallet storage wallet = self.registeredWallets[walletPubKeyHash];
+        // Initialize the closing period.
+        wallet.state = WalletState.Closing;
+        /* solhint-disable-next-line not-rely-on-time */
+        wallet.closingStartedAt = uint32(block.timestamp);
 
-        wallet.state = WalletState.Closed;
-
-        emit WalletClosed(wallet.ecdsaWalletID, walletPubKeyHash);
-
-        self.ecdsaWalletRegistry.closeWallet(wallet.ecdsaWalletID);
+        emit WalletClosing(wallet.ecdsaWalletID, walletPubKeyHash);
     }
 
-    /// @notice Reports about a fraud committed by the given wallet. This
-    ///         function performs slashing and wallet termination in reaction
-    ///         to a proven fraud and it should only be called when the fraud
-    ///         was confirmed.
+    /// @notice Finalizes the closing period of the given wallet and notifies
+    ///         the ECDSA registry about this fact.
     /// @param walletPubKeyHash 20-byte public key hash of the wallet
     /// @dev Requirements:
-    ///      - Wallet must be in Live or MovingFunds state
-    function notifyWalletFraud(
+    ///      - The caller must make sure that the wallet is in the Closing state
+    ///
+    /// TODO: Make this function callable from the Bridge contract if
+    ///       `block.timestamp > wallet.closingStartedAt + self.walletClosingPeriod`.
+    ///
+    // slither-disable-next-line dead-code
+    function finalizeWalletClosing(
         BridgeState.Storage storage self,
         bytes20 walletPubKeyHash
     ) internal {
-        WalletState walletState = self
-            .registeredWallets[walletPubKeyHash]
-            .state;
+        Wallet storage wallet = self.registeredWallets[walletPubKeyHash];
 
-        require(
-            walletState == WalletState.Live ||
-                walletState == WalletState.MovingFunds,
-            "ECDSA wallet must be in Live or MovingFunds state"
-        );
+        wallet.state = WalletState.Closed;
 
-        terminateWallet(self, walletPubKeyHash);
+        emit WalletClosed(wallet.ecdsaWalletID, walletPubKeyHash);
 
-        // TODO: Perform slashing of wallet operators and add unit tests for that.
+        self.ecdsaWalletRegistry.closeWallet(wallet.ecdsaWalletID);
     }
 
     /// @notice Terminates the given wallet and notifies the ECDSA registry
@@ -435,13 +449,17 @@ library Wallets {
     /// @param walletPubKeyHash 20-byte public key hash of the wallet
     /// @dev Requirements:
     ///      - The caller must make sure that the wallet is in the
-    ///        Live or MovingFunds state.
+    ///        Live or MovingFunds or Closing state.
     function terminateWallet(
         BridgeState.Storage storage self,
         bytes20 walletPubKeyHash
     ) internal {
         Wallet storage wallet = self.registeredWallets[walletPubKeyHash];
 
+        if (wallet.state == WalletState.Live) {
+            self.liveWalletsCount--;
+        }
+
         wallet.state = WalletState.Terminated;
 
         emit WalletTerminated(wallet.ecdsaWalletID, walletPubKeyHash);
@@ -505,6 +523,6 @@ library Wallets {
         // If funds were moved, the wallet has no longer a main UTXO.
         delete wallet.mainUtxoHash;
 
-        closeWallet(self, walletPubKeyHash);
+        beginWalletClosing(self, walletPubKeyHash);
     }
 }

package/deploy/00_resolve_relay.ts

@@ -0,0 +1,28 @@
+import { HardhatRuntimeEnvironment } from "hardhat/types"
+import { DeployFunction } from "hardhat-deploy/types"
+
+const func: DeployFunction = async function (hre: HardhatRuntimeEnvironment) {
+  const { getNamedAccounts, deployments, helpers } = hre
+  const { log } = deployments
+  const { deployer } = await getNamedAccounts()
+
+  const Relay = await deployments.getOrNull("Relay")
+
+  if (Relay && helpers.address.isValid(Relay.address)) {
+    log(`using external Relay at ${Relay.address}`)
+  } else if (hre.network.name !== "hardhat") {
+    throw new Error("deployed Relay contract not found")
+  } else {
+    log("deploying Relay stub")
+
+    await deployments.deploy("Relay", {
+      contract: "TestRelay",
+      from: deployer,
+      log: true,
+    })
+  }
+}
+
+export default func
+
+func.tags = ["Relay"]

package/deploy/04_deploy_bank.ts

@@ -0,0 +1,25 @@
+import { HardhatRuntimeEnvironment } from "hardhat/types"
+import { DeployFunction } from "hardhat-deploy/types"
+
+const func: DeployFunction = async function (hre: HardhatRuntimeEnvironment) {
+  const { deployments, getNamedAccounts } = hre
+  const { deploy } = deployments
+  const { deployer } = await getNamedAccounts()
+
+  const Bank = await deploy("Bank", {
+    from: deployer,
+    args: [],
+    log: true,
+  })
+
+  if (hre.network.tags.tenderly) {
+    await hre.tenderly.verify({
+      name: "Bank",
+      address: Bank.address,
+    })
+  }
+}
+
+export default func
+
+func.tags = ["Bank"]

package/deploy/05_deploy_bridge.ts

@@ -0,0 +1,60 @@
+import { HardhatRuntimeEnvironment } from "hardhat/types"
+import { DeployFunction } from "hardhat-deploy/types"
+
+const func: DeployFunction = async function (hre: HardhatRuntimeEnvironment) {
+  const { deployments, getNamedAccounts } = hre
+  const { deploy } = deployments
+  const { deployer, treasury } = await getNamedAccounts()
+
+  const Bank = await deployments.get("Bank")
+  const Relay = await deployments.get("Relay")
+
+  // TODO: Test for mainnet deployment that when `WalletRegistry` is provided
+  // in `external/mainnet/` directory it gets resolved correctly, and the deployment
+  // script from `@keep-network/ecdsa` is not invoked once again.
+  const WalletRegistry = await deployments.get("WalletRegistry")
+
+  const txProofDifficultyFactor = 6
+
+  const Deposit = await deploy("Deposit", { from: deployer, log: true })
+  const Sweep = await deploy("Sweep", { from: deployer, log: true })
+  const Redemption = await deploy("Redemption", { from: deployer, log: true })
+  const Wallets = await deploy("Wallets", { from: deployer, log: true })
+  const Fraud = await deploy("Fraud", { from: deployer, log: true })
+  const MovingFunds = await deploy("MovingFunds", {
+    from: deployer,
+    log: true,
+  })
+
+  const Bridge = await deploy("Bridge", {
+    from: deployer,
+    args: [
+      Bank.address,
+      Relay.address,
+      treasury,
+      WalletRegistry.address,
+      txProofDifficultyFactor,
+    ],
+    libraries: {
+      Deposit: Deposit.address,
+      Sweep: Sweep.address,
+      Redemption: Redemption.address,
+      Wallets: Wallets.address,
+      Fraud: Fraud.address,
+      MovingFunds: MovingFunds.address,
+    },
+    log: true,
+  })
+
+  if (hre.network.tags.tenderly) {
+    await hre.tenderly.verify({
+      name: "Bridge",
+      address: Bridge.address,
+    })
+  }
+}
+
+export default func
+
+func.tags = ["Bridge"]
+func.dependencies = ["Bank", "Relay", "Treasury", "WalletRegistry"]

package/deploy/06_bank_update_bridge.ts

@@ -0,0 +1,19 @@
+import { HardhatRuntimeEnvironment } from "hardhat/types"
+import { DeployFunction } from "hardhat-deploy/types"
+
+const func: DeployFunction = async function (hre: HardhatRuntimeEnvironment) {
+  const { getNamedAccounts, deployments } = hre
+  const { execute, log } = deployments
+  const { deployer } = await getNamedAccounts()
+
+  const Bridge = await deployments.get("Bridge")
+
+  log("updating Bridge in Bank")
+
+  await execute("Bank", { from: deployer }, "updateBridge", Bridge.address)
+}
+
+export default func
+
+func.tags = ["BankUpdateBridge"]
+func.dependencies = ["Bank", "Bridge"]

package/deploy/07_transfer_ownership.ts

@@ -0,0 +1,17 @@
+import { HardhatRuntimeEnvironment } from "hardhat/types"
+import { DeployFunction } from "hardhat-deploy/types"
+
+const func: DeployFunction = async function (hre: HardhatRuntimeEnvironment) {
+  const { getNamedAccounts, helpers } = hre
+  const { deployer, governance } = await getNamedAccounts()
+
+  await helpers.ownable.transferOwnership("Bank", governance, deployer)
+
+  await helpers.ownable.transferOwnership("Bridge", governance, deployer)
+}
+
+export default func
+
+func.tags = ["TransferOwnership"]
+func.dependencies = ["Bank", "Bridge"]
+func.runAtTheEnd = true