Deposit refunds #537
Open
guidanoli wants to merge 3 commits into
- This commit fixes CI, which produced bindings for test utility contracts, which happen to generate invalid Rust code (overloaded library function).
Summary
This PR implements the deposit refunds feature in the contracts. The application contract, once foreclosed, accepts deposit inputs, validates them against the application's input box, decodes them, checks whether they were finalized by the outputs Merkle root validator, and issues refund outputs to the original depositors. This PR also simplifies the retrieval of the input box by removing the data availability byte array in place of a reference to the input box contract. Closes #512.
New deployment
To avoid growing the application contract too much, the refund output building logic was modularized in a separate contract, RefundOutputBuilder, which is deployed as a singleton (like the input box contract) on every supported network. The user shouldn't need to know its address (like the portal contracts) because it is injected in every application contract by the application factory.
Last-processed block number
We have been using the last-processed block number as a proxy for the epoch index in the consensus contracts, but now it has another purpose: drawing the line between finalized and non-finalized inputs. This is crucial to deposit refunds, as finalized deposit inputs are assumed to have been processed by the application and refundable through the emergency withdrawal feature (accounts drive). Meanwhile, non-finalized deposit inputs are assumed to not have been processed by the application, and are therefore refundable directly on the base layer.
Breaking changes
With the data availability refactoring, a few breaking changes were introduced in the user-facing IApplicationFactory and ISelfHostedApplicationFactory interfaces. The bytes dataAvailability parameter was replaced with an IInputBox inputBox parameter, both on functions and events. For clients that encoded/decoded the data availability byte array on their side, this change should make deployment easier, as they can simply pass the input box contract directly (or take it from the app deployment event, without decoding). This, of course, restricts apps to using only the input box as source of DA.
Tests
This PR tests refunds for each type of deposit, with randomized depositor addresses, execution-layer data, token IDs and values. It also extensively tests each deposit decoder and refund builder.
Rust bindings
This PR also restricts Rust bindings generation only to a few source contracts. This change aims to circumvent a bug in Forge that generates invalid code for libraries with overloaded external functions (which only affects libraries we only use in tests).
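A simplified model of the refund routing described in the summary and in the last-processed block number section, added here as an illustration and not code from this PR. Every name, the input layout, the use of SHA3-256 as the hash and the inclusive finalization boundary are assumptions made for the example.

```python
import hashlib
from dataclasses import dataclass, field
from enum import Enum


class Route(Enum):
    BASE_LAYER_REFUND = "refund output on the base layer"
    EMERGENCY_WITHDRAWAL = "emergency withdrawal (accounts drive)"


class RefundRejected(Exception):
    """Raised when a submitted input cannot be considered for a refund."""


def encode_input(block_number: int, deposit: bytes) -> bytes:
    # Constructed layout (assumption): 8-byte big-endian block number, then deposit data.
    return block_number.to_bytes(8, "big") + deposit


@dataclass
class InputBoxModel:
    hashes: list = field(default_factory=list)  # model assumption: the box keeps hashes only

    def add(self, blob: bytes) -> int:
        self.hashes.append(hashlib.sha3_256(blob).digest())
        return len(self.hashes) - 1


@dataclass
class AppModel:
    input_box: InputBoxModel
    last_processed_block: int
    foreclosed: bool = False

    def route_deposit(self, index: int, blob: bytes) -> Route:
        if not self.foreclosed:
            raise RefundRejected("application is not foreclosed")
        if not 0 <= index < len(self.input_box.hashes):
            raise RefundRejected("no such input")
        # Validate before decoding: only a hash match makes the decoded fields trustworthy.
        if hashlib.sha3_256(blob).digest() != self.input_box.hashes[index]:
            raise RefundRejected("input does not match the input box")
        block_number = int.from_bytes(blob[:8], "big")
        # Assumption: the boundary is inclusive (<= last-processed means finalized).
        if block_number <= self.last_processed_block:
            return Route.EMERGENCY_WITHDRAWAL
        return Route.BASE_LAYER_REFUND
```

Because the block number is read only from bytes that already matched the stored hash, a caller cannot move a finalized deposit across the boundary by resubmitting it with a later block number.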