@keep-network/tbtc-v2 0.1.1-dev.43 → 0.1.1-dev.46

package/contracts/bridge/BridgeState.sol

@@ -15,6 +15,8 @@
 
 pragma solidity ^0.8.9;
 
+import {IWalletRegistry as EcdsaWalletRegistry} from "@keep-network/ecdsa/contracts/api/IWalletRegistry.sol";
+
 import "./IRelay.sol";
 import "./Deposit.sol";
 import "./Redemption.sol";
@@ -81,6 +83,11 @@ library BridgeState {
         // if per single redemption. `movingFundsTxMaxTotalFee` is a total
         // fee for the entire transaction.
         uint64 movingFundsTxMaxTotalFee;
+        // Time after which the moving funds process can be reported as
+        // timed out. It is counted from the moment when the wallet
+        // was requested to move their funds and switched to the MovingFunds
+        // state. Value in seconds.
+        uint32 movingFundsTimeout;
         // The minimal amount that can be requested for redemption.
         // Value of this parameter must take into account the value of
         // `redemptionTreasuryFeeDivisor` and `redemptionTxMaxFee`
@@ -174,40 +181,257 @@ library BridgeState {
         // active wallet. Can be unset to the zero value under certain
         // circumstances.
         bytes20 activeWalletPubKeyHash;
+        // The current number of wallets in the Live state.
+        uint32 liveWalletsCount;
+        // The maximum BTC amount in satoshi than can be transferred to a single
+        // target wallet during the moving funds process.
+        uint64 walletMaxBtcTransfer;
+        // Determines the length of the wallet closing period, i.e. the period
+        // when the wallet remains in the Closing state and can be subject
+        // of deposit fraud challenges. This value is in seconds and should be
+        // greater than the deposit refund time plus some time margin.
+        uint32 walletClosingPeriod;
         // Maps the 20-byte wallet public key hash (computed using Bitcoin
         // HASH160 over the compressed ECDSA public key) to the basic wallet
         // information like state and pending redemptions value.
         mapping(bytes20 => Wallets.Wallet) registeredWallets;
     }
 
+    event DepositParametersUpdated(
+        uint64 depositDustThreshold,
+        uint64 depositTreasuryFeeDivisor,
+        uint64 depositTxMaxFee
+    );
+
+    event RedemptionParametersUpdated(
+        uint64 redemptionDustThreshold,
+        uint64 redemptionTreasuryFeeDivisor,
+        uint64 redemptionTxMaxFee,
+        uint256 redemptionTimeout
+    );
+
+    event MovingFundsParametersUpdated(
+        uint64 movingFundsTxMaxTotalFee,
+        uint32 movingFundsTimeout
+    );
+
     event WalletParametersUpdated(
         uint32 walletCreationPeriod,
         uint64 walletMinBtcBalance,
         uint64 walletMaxBtcBalance,
-        uint32 walletMaxAge
+        uint32 walletMaxAge,
+        uint64 walletMaxBtcTransfer,
+        uint32 walletClosingPeriod
     );
 
+    event FraudParametersUpdated(
+        uint256 fraudSlashingAmount,
+        uint256 fraudNotifierRewardMultiplier,
+        uint256 fraudChallengeDefeatTimeout,
+        uint256 fraudChallengeDepositAmount
+    );
+
+    /// @notice Updates parameters of deposits.
+    /// @param _depositDustThreshold New value of the deposit dust threshold in
+    ///        satoshis. It is the minimal amount that can be requested to
+    ////       deposit. Value of this parameter must take into account the value
+    ///        of `depositTreasuryFeeDivisor` and `depositTxMaxFee` parameters
+    ///        in order to make requests that can incur the treasury and
+    ///        transaction fee and still satisfy the depositor
+    /// @param _depositTreasuryFeeDivisor New value of the treasury fee divisor.
+    ///        It is the divisor used to compute the treasury fee taken from
+    ///        each deposit and transferred to the treasury upon sweep proof
+    ///        submission. That fee is computed as follows:
+    ///        `treasuryFee = depositedAmount / depositTreasuryFeeDivisor`
+    ///        For example, if the treasury fee needs to be 2% of each deposit,
+    ///        the `depositTreasuryFeeDivisor` should be set to `50`
+    ///        because `1/50 = 0.02 = 2%`
+    /// @param _depositTxMaxFee New value of the deposit tx max fee in satoshis.
+    ///        It is the maximum amount of BTC transaction fee that can
+    ///        be incurred by each swept deposit being part of the given sweep
+    ///        transaction. If the maximum BTC transaction fee is exceeded,
+    ///        such transaction is considered a fraud
+    /// @dev Requirements:
+    ///      - Deposit dust threshold must be greater than zero
+    ///      - Deposit treasury fee divisor must be greater than zero
+    ///      - Deposit transaction max fee must be greater than zero
+    function updateDepositParameters(
+        Storage storage self,
+        uint64 _depositDustThreshold,
+        uint64 _depositTreasuryFeeDivisor,
+        uint64 _depositTxMaxFee
+    ) internal {
+        require(
+            _depositDustThreshold > 0,
+            "Deposit dust threshold must be greater than zero"
+        );
+
+        require(
+            _depositTreasuryFeeDivisor > 0,
+            "Deposit treasury fee divisor must be greater than zero"
+        );
+
+        require(
+            _depositTxMaxFee > 0,
+            "Deposit transaction max fee must be greater than zero"
+        );
+
+        self.depositDustThreshold = _depositDustThreshold;
+        self.depositTreasuryFeeDivisor = _depositTreasuryFeeDivisor;
+        self.depositTxMaxFee = _depositTxMaxFee;
+
+        emit DepositParametersUpdated(
+            _depositDustThreshold,
+            _depositTreasuryFeeDivisor,
+            _depositTxMaxFee
+        );
+    }
+
+    /// @notice Updates parameters of redemptions.
+    /// @param _redemptionDustThreshold New value of the redemption dust
+    ///        threshold in satoshis. It is the minimal amount that can be
+    ///        requested for redemption. Value of this parameter must take into
+    ///        account the value of `redemptionTreasuryFeeDivisor` and
+    ///        `redemptionTxMaxFee` parameters in order to make requests that
+    ///        can incur the treasury and transaction fee and still satisfy the
+    ///        redeemer.
+    /// @param _redemptionTreasuryFeeDivisor New value of the redemption
+    ///        treasury fee divisor. It is the divisor used to compute the
+    ///        treasury fee taken from each redemption request and transferred
+    ///        to the treasury upon successful request finalization. That fee is
+    ///        computed as follows:
+    ///        `treasuryFee = requestedAmount / redemptionTreasuryFeeDivisor`
+    ///        For example, if the treasury fee needs to be 2% of each
+    ///        redemption request, the `redemptionTreasuryFeeDivisor` should
+    ///        be set to `50` because `1/50 = 0.02 = 2%`.
+    /// @param _redemptionTxMaxFee New value of the redemption transaction max
+    ///        fee in satoshis. It is the maximum amount of BTC transaction fee
+    ///        that can be incurred by each redemption request being part of the
+    ///        given redemption transaction. If the maximum BTC transaction fee
+    ///        is exceeded, such transaction is considered a fraud.
+    ///        This is a per-redemption output max fee for the redemption
+    ///        transaction.
+    /// @param _redemptionTimeout New value of the redemption timeout in seconds.
+    ///        It is the time after which the redemption request can be reported
+    ///        as timed out. It is counted from the moment when the redemption
+    ///        request was created via `requestRedemption` call. Reported  timed
+    ///        out requests are cancelled and locked TBTC is returned to the
+    ///        redeemer in full amount.
+    /// @dev Requirements:
+    ///      - Redemption dust threshold must be greater than zero
+    ///      - Redemption treasury fee divisor must be greater than zero
+    ///      - Redemption transaction max fee must be greater than zero
+    ///      - Redemption timeout must be greater than zero
+    function updateRedemptionParameters(
+        Storage storage self,
+        uint64 _redemptionDustThreshold,
+        uint64 _redemptionTreasuryFeeDivisor,
+        uint64 _redemptionTxMaxFee,
+        uint256 _redemptionTimeout
+    ) internal {
+        require(
+            _redemptionDustThreshold > 0,
+            "Redemption dust threshold must be greater than zero"
+        );
+
+        require(
+            _redemptionTreasuryFeeDivisor > 0,
+            "Redemption treasury fee divisor must be greater than zero"
+        );
+
+        require(
+            _redemptionTxMaxFee > 0,
+            "Redemption transaction max fee must be greater than zero"
+        );
+
+        require(
+            _redemptionTimeout > 0,
+            "Redemption timeout must be greater than zero"
+        );
+
+        self.redemptionDustThreshold = _redemptionDustThreshold;
+        self.redemptionTreasuryFeeDivisor = _redemptionTreasuryFeeDivisor;
+        self.redemptionTxMaxFee = _redemptionTxMaxFee;
+        self.redemptionTimeout = _redemptionTimeout;
+
+        emit RedemptionParametersUpdated(
+            _redemptionDustThreshold,
+            _redemptionTreasuryFeeDivisor,
+            _redemptionTxMaxFee,
+            _redemptionTimeout
+        );
+    }
+
+    /// @notice Updates parameters of moving funds.
+    /// @param _movingFundsTxMaxTotalFee New value of the moving funds transaction
+    ///        max total fee in satoshis. It is the maximum amount of the total
+    ///        BTC transaction fee that is acceptable in a single moving funds
+    ///        transaction. This is a _total_ max fee for the entire moving
+    ///        funds transaction.
+    /// @param _movingFundsTimeout New value of the moving funds timeout in
+    ///        seconds. It is the time after which the moving funds process can
+    ///        be reported as timed out. It is counted from the moment when the
+    ///        wallet was requested to move their funds and switched to the
+    ///        MovingFunds state.
+    /// @dev Requirements:
+    ///      - Moving funds transaction max total fee must be greater than zero
+    ///      - Moving funds timeout must be greater than zero
+    function updateMovingFundsParameters(
+        Storage storage self,
+        uint64 _movingFundsTxMaxTotalFee,
+        uint32 _movingFundsTimeout
+    ) internal {
+        require(
+            _movingFundsTxMaxTotalFee > 0,
+            "Moving funds transaction max total fee must be greater than zero"
+        );
+
+        require(
+            _movingFundsTimeout > 0,
+            "Moving funds timeout must be greater than zero"
+        );
+
+        self.movingFundsTxMaxTotalFee = _movingFundsTxMaxTotalFee;
+        self.movingFundsTimeout = _movingFundsTimeout;
+
+        emit MovingFundsParametersUpdated(
+            _movingFundsTxMaxTotalFee,
+            _movingFundsTimeout
+        );
+    }
+
     /// @notice Updates parameters of wallets.
     /// @param _walletCreationPeriod New value of the wallet creation period in
     ///        seconds, determines how frequently a new wallet creation can be
     ///        requested
     /// @param _walletMinBtcBalance New value of the wallet minimum BTC balance
-    ///        in satoshis, used to decide about wallet creation or closing
+    ///        in satoshi, used to decide about wallet creation or closing
     /// @param _walletMaxBtcBalance New value of the wallet maximum BTC balance
-    ///        in satoshis, used to decide about wallet creation
+    ///        in satoshi, used to decide about wallet creation
     /// @param _walletMaxAge New value of the wallet maximum age in seconds,
     ///        indicates the maximum age of a wallet in seconds, after which
     ///        the wallet moving funds process can be requested
+    /// @param _walletMaxBtcTransfer New value of the wallet maximum BTC transfer
+    ///        in satoshi, determines the maximum amount that can be transferred
+    ///        to a single target wallet during the moving funds process
+    /// @param _walletClosingPeriod New value of the wallet closing period in
+    ///        seconds, determines the length of the wallet closing period,
+    //         i.e. the period when the wallet remains in the Closing state
+    //         and can be subject of deposit fraud challenges
     /// @dev Requirements:
     ///      - Wallet minimum BTC balance must be greater than zero
     ///      - Wallet maximum BTC balance must be greater than the wallet
     ///        minimum BTC balance
+    ///      - Wallet maximum BTC transfer must be greater than zero
+    ///      - Wallet closing period must be greater than zero
     function updateWalletParameters(
         Storage storage self,
         uint32 _walletCreationPeriod,
         uint64 _walletMinBtcBalance,
         uint64 _walletMaxBtcBalance,
-        uint32 _walletMaxAge
+        uint32 _walletMaxAge,
+        uint64 _walletMaxBtcTransfer,
+        uint32 _walletClosingPeriod
     ) internal {
         require(
             _walletMinBtcBalance > 0,
@@ -217,17 +441,76 @@ library BridgeState {
             _walletMaxBtcBalance > _walletMinBtcBalance,
             "Wallet maximum BTC balance must be greater than the minimum"
         );
+        require(
+            _walletMaxBtcTransfer > 0,
+            "Wallet maximum BTC transfer must be greater than zero"
+        );
+        require(
+            _walletClosingPeriod > 0,
+            "Wallet closing period must be greater than zero"
+        );
 
         self.walletCreationPeriod = _walletCreationPeriod;
         self.walletMinBtcBalance = _walletMinBtcBalance;
         self.walletMaxBtcBalance = _walletMaxBtcBalance;
         self.walletMaxAge = _walletMaxAge;
+        self.walletMaxBtcTransfer = _walletMaxBtcTransfer;
+        self.walletClosingPeriod = _walletClosingPeriod;
 
         emit WalletParametersUpdated(
             _walletCreationPeriod,
             _walletMinBtcBalance,
             _walletMaxBtcBalance,
-            _walletMaxAge
+            _walletMaxAge,
+            _walletMaxBtcTransfer,
+            _walletClosingPeriod
+        );
+    }
+
+    /// @notice Updates parameters related to frauds.
+    /// @param _fraudSlashingAmount New value of the fraud slashing amount in T,
+    ///        it is the amount slashed from each wallet member for committing
+    ///        a fraud
+    /// @param _fraudNotifierRewardMultiplier New value of the fraud notifier
+    ///        reward multiplier as percentage, it determines the percentage of
+    ///        the notifier reward from the staking contact the notifier of
+    ///        a fraud receives. The value must be in the range [0, 100]
+    /// @param _fraudChallengeDefeatTimeout New value of the challenge defeat
+    ///        timeout in seconds, it is the amount of time the wallet has to
+    ///        defeat a fraud challenge. The value must be greater than zero
+    /// @param _fraudChallengeDepositAmount New value of the fraud challenge
+    ///        deposit amount in wei, it is the amount of ETH the party
+    ///        challenging the wallet for fraud needs to deposit
+    /// @dev Requirements:
+    ///      - Fraud notifier reward multiplier must be in the range [0, 100]
+    ///      - Fraud challenge defeat timeout must be greater than 0
+    function updateFraudParameters(
+        Storage storage self,
+        uint256 _fraudSlashingAmount,
+        uint256 _fraudNotifierRewardMultiplier,
+        uint256 _fraudChallengeDefeatTimeout,
+        uint256 _fraudChallengeDepositAmount
+    ) internal {
+        require(
+            _fraudNotifierRewardMultiplier <= 100,
+            "Fraud notifier reward multiplier must be in the range [0, 100]"
+        );
+
+        require(
+            _fraudChallengeDefeatTimeout > 0,
+            "Fraud challenge defeat timeout must be greater than zero"
+        );
+
+        self.fraudSlashingAmount = _fraudSlashingAmount;
+        self.fraudNotifierRewardMultiplier = _fraudNotifierRewardMultiplier;
+        self.fraudChallengeDefeatTimeout = _fraudChallengeDefeatTimeout;
+        self.fraudChallengeDepositAmount = _fraudChallengeDepositAmount;
+
+        emit FraudParametersUpdated(
+            _fraudSlashingAmount,
+            _fraudNotifierRewardMultiplier,
+            _fraudChallengeDefeatTimeout,
+            _fraudChallengeDepositAmount
         );
     }
 }

package/contracts/bridge/Deposit.sol

@@ -149,7 +149,7 @@ library Deposit {
         require(
             self.registeredWallets[reveal.walletPubKeyHash].state ==
                 Wallets.WalletState.Live,
-            "Wallet is not in Live state"
+            "Wallet must be in Live state"
         );
 
         require(
@@ -250,7 +250,7 @@ library Deposit {
         deposit.treasuryFee = self.depositTreasuryFeeDivisor > 0
             ? fundingOutputAmount / self.depositTreasuryFeeDivisor
             : 0;
-
+        // slither-disable-next-line reentrancy-events
         emit DepositRevealed(
             fundingTxHash,
             reveal.fundingOutputIndex,

package/contracts/bridge/Fraud.sol

@@ -42,6 +42,8 @@ import "./Wallets.sol";
 ///      Therefore the transaction spending the UTXO must be proven in the
 ///      Bridge before a challenge defeat is called.
 library Fraud {
+    using Wallets for BridgeState.Storage;
+
     using BytesLib for bytes;
     using BTCUtils for bytes;
     using BTCUtils for uint32;
@@ -59,17 +61,17 @@ library Fraud {
     }
 
     event FraudChallengeSubmitted(
-        bytes20 walletPublicKeyHash,
+        bytes20 walletPubKeyHash,
         bytes32 sighash,
         uint8 v,
         bytes32 r,
         bytes32 s
     );
 
-    event FraudChallengeDefeated(bytes20 walletPublicKeyHash, bytes32 sighash);
+    event FraudChallengeDefeated(bytes20 walletPubKeyHash, bytes32 sighash);
 
     event FraudChallengeDefeatTimedOut(
-        bytes20 walletPublicKeyHash,
+        bytes20 walletPubKeyHash,
         bytes32 sighash
     );
 
@@ -98,8 +100,8 @@ library Fraud {
     ///        for reference
     /// @param signature Bitcoin signature in the R/S/V format
     /// @dev Requirements:
-    ///      - Wallet behind `walletPublicKey` must be in `Live` or `MovingFunds`
-    ///        state
+    ///      - Wallet behind `walletPublicKey` must be in Live or MovingFunds
+    ///        or Closing state
     ///      - The challenger must send appropriate amount of ETH used as
     ///        fraud challenge deposit
     ///      - The signature (represented by r, s and v) must be generated by
@@ -139,8 +141,9 @@ library Fraud {
 
         require(
             wallet.state == Wallets.WalletState.Live ||
-                wallet.state == Wallets.WalletState.MovingFunds,
-            "Wallet is neither in Live nor MovingFunds state"
+                wallet.state == Wallets.WalletState.MovingFunds ||
+                wallet.state == Wallets.WalletState.Closing,
+            "Wallet must be in Live or MovingFunds or Closing state"
         );
 
         uint256 challengeKey = uint256(
@@ -155,7 +158,7 @@ library Fraud {
         /* solhint-disable-next-line not-rely-on-time */
         challenge.reportedAt = uint32(block.timestamp);
         challenge.resolved = false;
-
+        // slither-disable-next-line reentrancy-events
         emit FraudChallengeSubmitted(
             walletPubKeyHash,
             sighash,
@@ -232,7 +235,7 @@ library Fraud {
 
         // Send the ether deposited by the challenger to the treasury
         /* solhint-disable avoid-low-level-calls */
-        // slither-disable-next-line low-level-calls
+        // slither-disable-next-line low-level-calls,unchecked-lowlevel,arbitrary-send
         self.treasury.call{gas: 100000, value: challenge.depositAmount}("");
         /* solhint-enable avoid-low-level-calls */
 
@@ -241,7 +244,7 @@ library Fraud {
             walletPublicKey.slice32(32)
         );
         bytes20 walletPubKeyHash = compressedWalletPublicKey.hash160View();
-
+        // slither-disable-next-line reentrancy-events
         emit FraudChallengeDefeated(walletPubKeyHash, sighash);
     }
 
@@ -264,9 +267,11 @@ library Fraud {
     ///        the transaction input the signature is produced for. See BIP-143
     ///        for reference
     /// @dev Requirements:
-    ///      - `walletPublicKey` and `sighash` must identify an open fraud
+    ///      - The wallet must be in the Live or MovingFunds or Closing or
+    ///        Terminated state
+    ///      - The `walletPublicKey` and `sighash` must identify an open fraud
     ///        challenge
-    ///      - the amount of time indicated by `challengeDefeatTimeout` must pass
+    ///      - The amount of time indicated by `challengeDefeatTimeout` must pass
     ///        after the challenge was reported
     function notifyFraudChallengeDefeatTimeout(
         BridgeState.Storage storage self,
@@ -278,11 +283,14 @@ library Fraud {
         );
 
         FraudChallenge storage challenge = self.fraudChallenges[challengeKey];
+
         require(challenge.reportedAt > 0, "Fraud challenge does not exist");
+
         require(
             !challenge.resolved,
             "Fraud challenge has already been resolved"
         );
+
         require(
             /* solhint-disable-next-line not-rely-on-time */
             block.timestamp >=
@@ -290,14 +298,10 @@ library Fraud {
             "Fraud challenge defeat period did not time out yet"
         );
 
-        // TODO: Call notifyFraud from Wallets library
-        // TODO: Reward the challenger
-
         challenge.resolved = true;
-
         // Return the ether deposited by the challenger
         /* solhint-disable avoid-low-level-calls */
-        // slither-disable-next-line low-level-calls
+        // slither-disable-next-line low-level-calls,unchecked-lowlevel
         challenge.challenger.call{gas: 100000, value: challenge.depositAmount}(
             ""
         );
@@ -308,7 +312,33 @@ library Fraud {
             walletPublicKey.slice32(32)
         );
         bytes20 walletPubKeyHash = compressedWalletPublicKey.hash160View();
+        Wallets.WalletState walletState = self
+            .registeredWallets[walletPubKeyHash]
+            .state;
+
+        if (
+            walletState == Wallets.WalletState.Live ||
+            walletState == Wallets.WalletState.MovingFunds ||
+            walletState == Wallets.WalletState.Closing
+        ) {
+            self.terminateWallet(walletPubKeyHash);
+
+            // TODO: Perform slashing of the wallet operators, reward the
+            //       challenger, and add unit tests for that.
+        } else if (walletState == Wallets.WalletState.Terminated) {
+            // This is a special case when the wallet was already terminated
+            // due to a previous deliberate protocol violation. In that
+            // case, this function should be still callable for other fraud
+            // challenges timeouts in order to let the challenger unlock its
+            // ETH deposit back. However, the wallet termination logic is
+            // not called and the challenger is not rewarded.
+        } else {
+            revert(
+                "Wallet must be in Live or MovingFunds or Closing or Terminated state"
+            );
+        }
 
+        // slither-disable-next-line reentrancy-events
         emit FraudChallengeDefeatTimedOut(walletPubKeyHash, sighash);
     }