Deposit contract suggestions #95
Conversation
|
Minimum allowed coverage is Generated by 🐒 cobertura-action against b663b89 |
kairos-cli: implement call to deposit endpoint and integration test
|
What's the idea behind this PR? Is it supposed to replace the other deposit contract PR? |
|
|
||
| #[derive(Event)] | ||
| pub struct Deposit { | ||
| pub account: Key, |
There was a problem hiding this comment.
What is this key type?
Can we use a more specific type?
There was a problem hiding this comment.
The problem is that this could be an AccountHash or a ContractPackageHash.
If you follow how the code that creates the Deposit event you can see that get_immediate_caller is called to figure out who the depositor is. That function in turn is calling call_stack_element_to_key which returns an Key which is derived either from an AccountHash or ContractPackageHash.
Notice that the underlying representation of these two types is not identical.
The question is whether it makes sense to constrain it to AccountHashes, that would imply that Contracts could not have a kairos/L2 account.
We could probably wrap it in an Either type
There was a problem hiding this comment.
I did this on purpose to support both Account Hashs and Contract Hashs, the Key wrapper in my implementation will work well for anything Kairos.
I know we don't like Casper Types but in this case it makes sense to use Key.
There was a problem hiding this comment.
@jonas089 If a contract is the depositor how do they make l2 transactions.
The Key is way to broad, it does not work.
To address an l2 account we cannot use casper account hash.
We need the user's public key.
It would be best if we got the public key from the l1 in the Deposit event.
If we cannot get the public key on the l1 in Deposit We could require the user to send it to the deposit endpoint with the deploy we forward.
But that would require going through the l2 to make a deposit which we might not want.
Making the l2 accounts Casper account hashes would require a lot of work and extra in zk compute.
#[repr(C)]
#[derive(PartialEq, Eq, Clone, Copy, PartialOrd, Ord, Hash)]
#[cfg_attr(feature = "datasize", derive(DataSize))]
pub enum Key {
/// A `Key` under which a user account is stored.
Account(AccountHash),
/// A `Key` under which a smart contract is stored and which is the pseudo-hash of the
/// contract.
Hash(HashAddr),
/// A `Key` which is a [`URef`], under which most types of data can be stored.
URef(URef),
/// A `Key` under which we store a transfer.
Transfer(TransferAddr),
/// A `Key` under which we store a deploy info.
DeployInfo(DeployHash),
/// A `Key` under which we store an era info.
EraInfo(EraId),
/// A `Key` under which we store a purse balance.
Balance(URefAddr),
/// A `Key` under which we store bid information
Bid(AccountHash),
/// A `Key` under which we store withdraw information.
Withdraw(AccountHash),
/// A `Key` variant whose value is derived by hashing [`URef`]s address and arbitrary data.
Dictionary(DictionaryAddr),
/// A `Key` variant under which system contract hashes are stored.
SystemContractRegistry,
/// A `Key` under which we store current era info.
EraSummary,
/// A `Key` under which we store unbond information.
Unbond(AccountHash),
/// A `Key` variant under which chainspec and other hashes are stored.
ChainspecRegistry,
/// A `Key` variant under which we store a registry of checksums.
ChecksumRegistry,
}There was a problem hiding this comment.
There is no way to derive the Public Key from an account hash.
I think your statement that "this doesn't work" is extreme. It definitely works and it might actually be the only solution, it just implies that we will have to hash Public Keys in some places and construct Account Hashs from those Public Keys when parsing the Events.
We can for simplicity restrict it to an account hash, but through call stack we will likely not be able to retrieve a Public Key. I see that this causes computational overhead, but it may not be avoidable unless we find a way to retrieve the Public Key directly from the callstack when the caller is an Account ( and ideally also for another Contract ). I am not aware of such functionality and if none of us find an alternative then I think that we have no choice.
It looks like we will have to use Account Hashs instead of Public Keys for accounting, or at least compute and match the Account Hash when applying Deposits to the L2 state.
There was a problem hiding this comment.
But this again is a Casper public key.
Or do we also use Casper public key in the L2?
There was a problem hiding this comment.
@koxu1996 I don't think we need to send a full signed tx deposit.
The signing of the tx deposit adds no additional guarantees over what the l1 session provides.
I was thinking we would just use tx for withdraw and transfer, and treat deposit separately since it's l1 initiated and simpler.
There was a problem hiding this comment.
We should make this decision asap @koxu1996 @Avi-D-coder so that we don't get blocked here. I'd like to merge this PR into the other contract PR because I think it's getting harder to work with when there are 2 PRs for the same issue.
Also we need the kairos-l1-utils crate which is not included on this branch for some reason. I am also confused over the issue that Andrzej pointed out where it looks like this PR is set to merge into Main.
There was a problem hiding this comment.
I agree with Avi I think the easiest would be using the named arg.
@jonas089 @koxu1996 Setting this PR to merge into master serves the purpose of seeing what exact changes would make it in master obviously and to review how the bigger picture would look like.
It moreover triggers the whole pipeline to run since the GHA only run on PRs against master.
There was a problem hiding this comment.
@Avi-D-coder Okay, I will stick to non-tx deposit.
@marijanp PR is "deposit contract suggestions", so as the name suggests, it should include suggestions/improvements over contract, not the whole contract.
| u64::try_from(amount).unwrap_or_else(|_| runtime::revert(ApiError::InvalidArgument)); | ||
|
|
||
| let new_deposit_record: Deposit = Deposit { | ||
| account: get_immediate_caller().unwrap_or_revert(), |
There was a problem hiding this comment.
We only use get_immediate_caller once.
Can we inline it and make it more robust?
There was a problem hiding this comment.
It is calling call_stack_element_to_key which is a function that is quite deeper. I would say it is fine to keep it factored out.
The idea is to get the requested changes incorporated and finallize the deposit contract. After we reach a state that addresses all the problems, the idea is to merge this into the It would be great if you could answer some of the review comments here. |
Sounds good, however I am confused by current target branch:
@marijanp Could you update base into Right now reviewing PR is more difficult (it includes many more commits), also there is a risk that someone will press "merge" button and merge it directly into |
@marijanp Well... I think we should take responsibility for our own work - I am glad you changed the base. The approver was missing, because I didn't want to let you merge it directly to |
|
you can merge this, lgtm edit: I'm done for today and will be back tomorrow morning. |
|
I resolved the conflicts and the PR is now ready to be merged. |
marijanp
force-pushed
the
feature/deposit-contract
branch
from
947e278
to
40822ed
Compare
marijanp
force-pushed
the
deposit-contract-marijan
branch
from
b163dff
to
b663b89
Compare
|
Is this PR ready to be merged? |
|
@jonas089 not yet, I'm investigating why the GHA fails |
Incorporate refactorings after discussions with @Avi-D-coder.
Merge this branch into
feature/deposit-contractthen mergefeature/deposit-contractinto master.Or directly merge this.