Added validation of moved funds sweep proposal #762
Conversation
|
Solidity API documentation preview available in the artifacts of the https://github.com/keep-network/tbtc-v2/actions/runs/7276294367 check. |
tomaszslabon
force-pushed
the
update-proposal-validator-1
branch
from
c9d4587 to
a578602
Compare
|
Solidity API documentation preview available in the artifacts of the https://github.com/keep-network/tbtc-v2/actions/runs/7287309551 check. |
|
Solidity API documentation preview available in the artifacts of the https://github.com/keep-network/tbtc-v2/actions/runs/7301363343 check. |
| sweepRequest.walletPubKeyHash == proposal.walletPubKeyHash, | ||
| "Sweep request does not belong to the wallet" | ||
| ); | ||
|
|
There was a problem hiding this comment.
I'm wondering whether we need a kind of safety margin that would prevent handling moved funds sweep requests that are close to reaching their timeout. I mean a similar margin as we use for redemptions (REDEMPTION_REQUEST_TIMEOUT_SAFETY_MARGIN).
For redemptions, the goal of the safety margin is to prevent the case where the redeemer reports a timeout, gets their TBTC back, and additionally receives BTC from a belated wallet.
For moved funds sweep, a safety margin would prevent the case where the sweep request timeout is notified but the belated wallet would produce an unprovable Bitcoin transaction right after. The wallet would be anyway terminated and slashed upon timeout notification. A terminated wallet cannot be accused of fraud so, it wouldn't incur any negative consequences for producing an unprovable Bitcoin transaction. Moreover, if the sweep timeout would be a result of a software error rather than an explicit malice, such a wallet may try to recover to unlock funds. Having all funds under one UTXO would be very helpful in such a case.
That said, I think the safety margin is not needed for this function. Can you double-check and post your thoughts?
There was a problem hiding this comment.
I also think a timeout margin is unnecessary in case of moved funds sweep validation.
When a wallet performs a moved funds sweep transaction, it sends the funds to itself.
Therefore It shouldn't be a problem - the funds will end up in the wallet address, but as a single UTXO.
As you mentioned, the wallet will be in the Terminated state, so it won't be accused of a fraud even though it won't be able to submit the transaction proof.
|
Solidity API documentation preview available in the artifacts of the https://github.com/keep-network/tbtc-v2/actions/runs/7301504063 check. |
|
Solidity API documentation preview available in the artifacts of the https://github.com/keep-network/tbtc-v2/actions/runs/7358145453 check. |
#Refs: keep-network/keep-core#3733.
#Depends on: #757.
This PR adds moved funds sweep proposal validation to the wallet proposal validator smart contract.