Escape Hatch: Add a way for owners of a funding-failed deposit to ask nicely for their UTXO(s) back #583
Conversation
This is the term used in the spec, so keep consistency throughout comments and revert messages.
It was still implying the output script had to be a P2WPKH script.
Funders no longer bond, they pay, and that payment is refunded in case of a fault that they did not cause.
Concept ACK. Question about storage, but I'm not the expert so I'll leave that to @NicholasDotSol
/// requests the return of a sent UTXO to _abortOutputScript. It
/// imposes no requirements on the signing group. Signers may or may
/// not send their UTXO to the requested output script, at their
/// discretion and with no penalty for failing to do so. This can be
I think it's worth explaining that while "there's no protocol incentive" a signer still "should" return funds, or similar? Just being clear that while the protocol can't enforce it, that doesn't mean depositors need to expect signers will steal their funds. Most signers at launch will be known entities after all
Did a pass at this, have a look.
This acts as a signal to the signing group corresponding to a deposit that failed funding that the depositor would like their UTXO back. This signal is completely unenforced by the system, as once it is deliverable the funding process has already failed completely and the signers have retrieved their bonds. However, it allows for off-chain coordination to return the funder's UTXO in unusual cases such as a funding transaction that was unprovable to the contract.
e87ef5c to 24601d3
@NicholasDotSol one more for youuuu.
looks good to me
)
})

beforeEach(async () => {
nit, but we can move all of this to the `before` block, and then:
beforeEach(async () => {
await createSnapshot()
})
afterEach(async () => {
await restoreSnapshot()
})
Bah, I actually wanted to do this, but I think we're close enough here that I'm going to punt it to an imaginary future improvement.
To allow for mistakes in funding that can't be managed on-chain, this PR introduces a new deposit function, `requestFunderAbort`, that can only be called by the TDT holder after deposit setup has failed. The function merely emits a `FunderAbortRequested` event that carries a funder-specified output script. Signers should, though they are not obligated by protocol or cryptoeconomically incentivized, coordinate to return any UTXO to the signer-controlled wallet back to the requested output script in the abort request.

Remaining:
Closes #550.
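The two preconditions the description spells out (caller must hold the TDT, deposit setup must already have failed) and the fact that the contract enforces nothing beyond emitting the event are the whole security surface of this function. The following is an added, self-contained Solidity sketch written for this page; it is not tBTC's `Deposit` contract. The `requestFunderAbort` name, the `_abortOutputScript` parameter and the `FunderAbortRequested` event come from the PR; the `DepositState` values, the plain `tdtHolder` address standing in for the TDT (an ERC-721 in the real system) and the `markSetupFailed` helper are simplifications assumed here so the example compiles on its own.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.5.17;

/// Illustrative example only, not tBTC's own Deposit contract.
/// State names, `tdtHolder` and `markSetupFailed` are assumed simplifications;
/// `requestFunderAbort` and `FunderAbortRequested` follow the PR description.
contract DepositAbortExample {
    enum DepositState { AwaitingFundingProof, FailedSetup, Active }

    DepositState public currentState;
    address public tdtHolder; // stand-in for the owner of the TDT (tBTC Deposit Token)

    /// Unenforced signal: the contract only records the funder's requested
    /// output script so signers can coordinate off-chain. Nothing about the
    /// script is validated, because nothing on-chain depends on it.
    event FunderAbortRequested(bytes _abortOutputScript);

    constructor(address _tdtHolder) public {
        tdtHolder = _tdtHolder;
        currentState = DepositState.AwaitingFundingProof;
    }

    /// Simplified stand-in for the timeout path that moves a deposit to
    /// FailedSetup after the signers have retrieved their bonds.
    function markSetupFailed() external {
        require(currentState == DepositState.AwaitingFundingProof, "Not awaiting funding");
        currentState = DepositState.FailedSetup;
    }

    /// Callable only by the TDT holder and only once setup has failed; these
    /// are the same two checks the PR describes. No other condition is
    /// imposed, and no funds move as a result of this call.
    function requestFunderAbort(bytes calldata _abortOutputScript) external {
        require(msg.sender == tdtHolder, "Only the TDT holder can request a funder abort");
        require(currentState == DepositState.FailedSetup, "Deposit setup has not failed");
        emit FunderAbortRequested(_abortOutputScript);
    }
}
```

Because the event is informational rather than enforced, the useful checks live off-chain: a depositor watching for `FunderAbortRequested` on their own deposit should confirm the emitted `_abortOutputScript` matches the script they submitted before treating any later Bitcoin payment to it as the returned UTXO, and signer tooling that acts on these events should key them by deposit address so a request for one deposit cannot be confused with another.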