Add watchtower check upon redemption request
From now on, the `Bridge` consults the `RedemptionWatchtower`
whenever a new redemption request is made. The redemption request
is allowed only if:
- The balance owner is not banned in the watchtower
- The redeemer is not banned in the watchtower
- The redemption key was not objected to in the past
lukasz-zimnoch committed Feb 20, 2024
1 parent 912f96a commit 9936af5
Showing 4 changed files with 866 additions and 525 deletions.
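--- a/solidity/contracts/bridge/Redemption.sol
+++ b/solidity/contracts/bridge/Redemption.sol
@@ -24,6 +24,27 @@ import "./Wallets.sol";
 
 import "../bank/Bank.sol";
 
+/// @notice Interface of the RedemptionWatchtower.
+interface IRedemptionWatchtower {
+/// @notice Determines whether a redemption request is considered safe.
+/// @param walletPubKeyHash 20-byte public key hash of the wallet that
+/// is meant to handle the redemption request.
+/// @param redeemerOutputScript The redeemer's length-prefixed output
+/// script (P2PKH, P2WPKH, P2SH or P2WSH) that is meant to
+/// receive the redeemed amount.
+/// @param balanceOwner The address of the Bank balance owner whose balance
+/// is getting redeemed.
+/// @param redeemer The address that requested the redemption.
+/// @return True if the redemption request is safe, false otherwise.
+/// Specific safety criteria depend on the implementation.
+function isSafeRedemption(
+bytes20 walletPubKeyHash,
+bytes calldata redeemerOutputScript,
+address balanceOwner,
+address redeemer
+) external view returns (bool);
+}
+
 /// @notice Aggregates functions common to the redemption transaction proof
 /// validation and to the moving funds transaction proof validation.
 library OutboundTx {
@@ -402,7 +423,18 @@ library Redemption {
 bytes memory redeemerOutputScript,
 uint64 amount
 ) internal {
-// TODO: Validate the request against the RedemptionWatchtower.
+if (self.redemptionWatchtower != address(0)) {
+require(
+IRedemptionWatchtower(self.redemptionWatchtower)
+.isSafeRedemption(
+walletPubKeyHash,
+redeemerOutputScript,
+balanceOwner,
+redeemer
+),
+"Redemption request rejected by the watchtower"
+);
+}
 
 Wallets.Wallet storage wallet = self.registeredWallets[
 walletPubKeyHash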
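Review bot: The `require` around `isSafeRedemption` in the second hunk makes every redemption request depend on an external call to whatever address `self.redemptionWatchtower` holds; if that address has no code or its implementation reverts, the boolean return cannot be decoded and every redemption request fails, so the watchtower is a liveness dependency as well as a filter. Unless the setter (not visible here) guarantees the address is a contract and can be reset to `address(0)`, that should be stated at the call site, e.g. `// A reverting or codeless watchtower blocks every redemption request; governance must be able to clear it.` Note also that `IRedemptionWatchtower.isSafeRedemption` is not passed `amount`, so amount-based safety criteria are impossible under this interface; if that is deliberate it belongs in the interface's `@return` NatSpec. The enclosing function's signature starts before the hunk.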
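--- a/solidity/contracts/bridge/RedemptionWatchtower.sol
+++ b/solidity/contracts/bridge/RedemptionWatchtower.sol
@@ -425,4 +425,45 @@ contract RedemptionWatchtower is OwnableUpgradeable {
 _levelTwoDelay
 );
 }
+
+/// @notice Determines whether a redemption request is considered safe.
+/// @param walletPubKeyHash 20-byte public key hash of the wallet that
+/// is meant to handle the redemption request.
+/// @param redeemerOutputScript The redeemer's length-prefixed output
+/// script (P2PKH, P2WPKH, P2SH or P2WSH) that is meant to
+/// receive the redeemed amount.
+/// @param balanceOwner The address of the Bank balance owner whose balance
+/// is getting redeemed.
+/// @param redeemer The address that requested the redemption.
+/// @return True if the redemption request is safe, false otherwise.
+/// The redemption is considered safe when:
+/// - The balance owner is not banned,
+/// - The redeemer is not banned,
+/// - There are no objections against past redemptions from the
+/// given wallet to the given redeemer output script.
+function isSafeRedemption(
+bytes20 walletPubKeyHash,
+bytes calldata redeemerOutputScript,
+address balanceOwner,
+address redeemer
+) external view returns (bool) {
+if (isBanned[balanceOwner]) {
+return false;
+}
+
+if (isBanned[redeemer]) {
+return false;
+}
+
+uint256 redemptionKey = Redemption.getRedemptionKey(
+walletPubKeyHash,
+redeemerOutputScript
+);
+
+if (vetoProposals[redemptionKey].objectionsCount > 0) {
+return false;
+}
+
+return true;
+}
 }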
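Review bot: `isSafeRedemption` rejects a request as soon as `vetoProposals[redemptionKey].objectionsCount > 0`, so a single guardian objection against any past redemption from this wallet to this output script blocks that pair permanently, whether or not the veto ever reached its threshold or the original redemption completed (assuming `vetoProposals` entries are never cleared, which this hunk does not show). That lets one guardian grief a specific output script indefinitely, while a redeemer can sidestep it by choosing another wallet or script, since the key involves neither `redeemer` nor `balanceOwner`; the ban lists are the only gate that follows the actor. Either check the finalised veto state instead of the raw count, or state the trust assumption in the NatSpec as a fourth bullet, e.g. `/// - A single objection blocks the wallet/script pair permanently; guardians are trusted not to object frivolously.`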
