RandomBeacon

RandomBeacon

This file documents a contract which is not yet deployed to Mainnet.

Keep Random Beacon contract. It lets to request a new relay entry and validates the new relay entry provided by the network. This contract is in charge of all other Random Beacon activities such as group lifecycle or slashing.

Should be owned by the governance contract controlling Random Beacon parameters.

genesisSeed

uint256 genesisSeed

Seed value used for the genesis group selection. https://www.wolframalpha.com/input/?i=pi+to+78+digits

_callbackGasLimit

uint256 _callbackGasLimit

Relay entry callback gas limit. This is the gas limit with which callback function provided in the relay request transaction is executed. The callback is executed with a new relay entry value in the same transaction the relay entry is submitted.

_groupCreationFrequency

uint256 _groupCreationFrequency

The frequency of new group creation. Groups are created with a fixed frequency of relay requests.

_maliciousDkgResultSlashingAmount

uint96 _maliciousDkgResultSlashingAmount

Slashing amount for submitting a malicious DKG result. Every DKG result submitted can be challenged for the time of dkg.ResultChallengePeriodLength. If the DKG result submitted is challenged and proven to be malicious, the operator who submitted the malicious result is slashed for _maliciousDkgResultSlashingAmount.

_unauthorizedSigningSlashingAmount

uint96 _unauthorizedSigningSlashingAmount

Slashing amount when an unauthorized signing has been proved, which means the private key leaked and all the group members should be punished.

_sortitionPoolRewardsBanDuration

uint256 _sortitionPoolRewardsBanDuration

Duration of the sortition pool rewards ban imposed on operators who misbehaved during DKG by being inactive or disqualified and for operators that were identified by the rest of group members as inactive via notifyOperatorInactivity.

_relayEntryTimeoutNotificationRewardMultiplier

uint256 _relayEntryTimeoutNotificationRewardMultiplier

Percentage of the staking contract malicious behavior notification reward which will be transferred to the notifier reporting about relay entry timeout. Notifiers are rewarded from a notifiers treasury pool. For example, if notification reward is 1000 and the value of the multiplier is 5, the notifier will receive: 5% of 1000 = 50 per each operator affected.

_unauthorizedSigningNotificationRewardMultiplier

uint256 _unauthorizedSigningNotificationRewardMultiplier

Percentage of the staking contract malicious behavior notification reward which will be transferred to the notifier reporting about unauthorized signing. Notifiers are rewarded from a notifiers treasury pool. For example, if a notification reward is 1000 and the value of the multiplier is 5, the notifier will receive: 5% of 1000 = 50 per each operator affected.

_dkgMaliciousResultNotificationRewardMultiplier

uint256 _dkgMaliciousResultNotificationRewardMultiplier

Percentage of the staking contract malicious behavior notification reward which will be transferred to the notifier reporting about a malicious DKG result. Notifiers are rewarded from a notifiers treasury pool. For example, if notification reward is 1000 and the value of the multiplier is 5, the notifier will receive: 5% of 1000 = 50 per each operator affected.

_dkgResultSubmissionGas

uint256 _dkgResultSubmissionGas

Calculated gas cost for submitting a DKG result. This will be refunded as part of the DKG approval process. It is in the submitter's interest to not skip his priority turn on the approval, otherwise the refund of the DKG submission will be refunded to another group member that will call the DKG approve function.

_dkgResultApprovalGasOffset

uint256 _dkgResultApprovalGasOffset

Gas that is meant to balance the DKG result approval's overall cost. Can be updated by the governance based on the current market conditions.

_notifyOperatorInactivityGasOffset

uint256 _notifyOperatorInactivityGasOffset

Gas that is meant to balance the operator inactivity notification cost. Can be updated by the governance based on the current market conditions.

_relayEntrySubmissionGasOffset

uint256 _relayEntrySubmissionGasOffset

Gas that is meant to balance the relay entry submission cost. Can be updated by the governance based on the current market conditions.

inactivityClaimNonce

mapping(uint64 => uint256) inactivityClaimNonce

Stores current operator inactivity claim nonce for given group. Each claim is made with an unique nonce which protects against claim replay.

authorizedRequesters

mapping(address => bool) authorizedRequesters

Authorized addresses that can request a relay entry.

sortitionPool

contract SortitionPool sortitionPool

tToken

contract IERC20 tToken

staking

contract IStaking staking

authorization

struct BeaconAuthorization.Data authorization

dkg

struct BeaconDkg.Data dkg

groups

struct Groups.Data groups

relay

struct Relay.Data relay

callback

struct Callback.Data callback

AuthorizationParametersUpdated

event AuthorizationParametersUpdated(uint96 minimumAuthorization, uint64 authorizationDecreaseDelay, uint64 authorizationDecreaseChangePeriod)

RelayEntryParametersUpdated

event RelayEntryParametersUpdated(uint256 relayEntrySoftTimeout, uint256 relayEntryHardTimeout, uint256 callbackGasLimit)

GroupCreationParametersUpdated

event GroupCreationParametersUpdated(uint256 groupCreationFrequency, uint256 groupLifetime, uint256 dkgResultChallengePeriodLength, uint256 dkgResultChallengeExtraGas, uint256 dkgResultSubmissionTimeout, uint256 dkgResultSubmitterPrecedencePeriodLength)

RewardParametersUpdated

event RewardParametersUpdated(uint256 sortitionPoolRewardsBanDuration, uint256 relayEntryTimeoutNotificationRewardMultiplier, uint256 unauthorizedSigningNotificationRewardMultiplier, uint256 dkgMaliciousResultNotificationRewardMultiplier)

SlashingParametersUpdated

event SlashingParametersUpdated(uint256 relayEntrySubmissionFailureSlashingAmount, uint256 maliciousDkgResultSlashingAmount, uint256 unauthorizedSigningSlashingAmount)

GasParametersUpdated

event GasParametersUpdated(uint256 dkgResultSubmissionGas, uint256 dkgResultApprovalGasOffset, uint256 notifyOperatorInactivityGasOffset, uint256 relayEntrySubmissionGasOffset)

RequesterAuthorizationUpdated

event RequesterAuthorizationUpdated(address requester, bool isAuthorized)

DkgStarted

event DkgStarted(uint256 seed)

DkgResultSubmitted

event DkgResultSubmitted(bytes32 resultHash, uint256 seed, struct BeaconDkg.Result result)

DkgTimedOut

event DkgTimedOut()

DkgResultApproved

event DkgResultApproved(bytes32 resultHash, address approver)

DkgResultChallenged

event DkgResultChallenged(bytes32 resultHash, address challenger, string reason)

DkgMaliciousResultSlashed

event DkgMaliciousResultSlashed(bytes32 resultHash, uint256 slashingAmount, address maliciousSubmitter)

DkgMaliciousResultSlashingFailed

event DkgMaliciousResultSlashingFailed(bytes32 resultHash, uint256 slashingAmount, address maliciousSubmitter)

DkgStateLocked

event DkgStateLocked()

DkgSeedTimedOut

event DkgSeedTimedOut()

GroupRegistered

event GroupRegistered(uint64 groupId, bytes groupPubKey)

RelayEntryRequested

event RelayEntryRequested(uint256 requestId, uint64 groupId, bytes previousEntry)

RelayEntrySubmitted

event RelayEntrySubmitted(uint256 requestId, address submitter, bytes entry)

RelayEntryTimedOut

event RelayEntryTimedOut(uint256 requestId, uint64 terminatedGroupId)

RelayEntryDelaySlashed

event RelayEntryDelaySlashed(uint256 requestId, uint256 slashingAmount, address[] groupMembers)

RelayEntryDelaySlashingFailed

event RelayEntryDelaySlashingFailed(uint256 requestId, uint256 slashingAmount, address[] groupMembers)

RelayEntryTimeoutSlashed

event RelayEntryTimeoutSlashed(uint256 requestId, uint256 slashingAmount, address[] groupMembers)

RelayEntryTimeoutSlashingFailed

event RelayEntryTimeoutSlashingFailed(uint256 requestId, uint256 slashingAmount, address[] groupMembers)

UnauthorizedSigningSlashed

event UnauthorizedSigningSlashed(uint64 groupId, uint256 unauthorizedSigningSlashingAmount, address[] groupMembers)

UnauthorizedSigningSlashingFailed

event UnauthorizedSigningSlashingFailed(uint64 groupId, uint256 unauthorizedSigningSlashingAmount, address[] groupMembers)

CallbackFailed

event CallbackFailed(uint256 entry, uint256 entrySubmittedBlock)

InactivityClaimed

event InactivityClaimed(uint64 groupId, uint256 nonce, address notifier)

OperatorRegistered

event OperatorRegistered(address stakingProvider, address operator)

AuthorizationIncreased

event AuthorizationIncreased(address stakingProvider, address operator, uint96 fromAmount, uint96 toAmount)

AuthorizationDecreaseRequested

event AuthorizationDecreaseRequested(address stakingProvider, address operator, uint96 fromAmount, uint96 toAmount, uint64 decreasingAt)

AuthorizationDecreaseApproved

event AuthorizationDecreaseApproved(address stakingProvider)

InvoluntaryAuthorizationDecreaseFailed

event InvoluntaryAuthorizationDecreaseFailed(address stakingProvider, address operator, uint96 fromAmount, uint96 toAmount)

OperatorJoinedSortitionPool

event OperatorJoinedSortitionPool(address stakingProvider, address operator)

OperatorStatusUpdated

event OperatorStatusUpdated(address stakingProvider, address operator)

constructor

constructor(contract SortitionPool _sortitionPool, contract IERC20 _tToken, contract IStaking _staking, contract BeaconDkgValidator _dkgValidator, contract ReimbursementPool _reimbursementPool) public

Assigns initial values to parameters to make the beacon work safely. These parameters are just proposed defaults and they might be updated with update* functions after the contract deployment and before transferring the ownership to the governance contract.

onlyStakingContract

modifier onlyStakingContract()

onlyReimbursableAdmin

modifier onlyReimbursableAdmin()

updateAuthorizationParameters

function updateAuthorizationParameters(uint96 _minimumAuthorization, uint64 _authorizationDecreaseDelay, uint64 _authorizationDecreaseChangePeriod) external

Updates the values of authorization parameters.

Can be called only by the contract guvnor, which should be the random beacon governance contract. The caller is responsible for validating parameters.

Parameters

updateRelayEntryParameters

function updateRelayEntryParameters(uint256 relayEntrySoftTimeout, uint256 relayEntryHardTimeout, uint256 callbackGasLimit) external

Updates the values of relay entry parameters.

Can be called only by the contract guvnor, which should be the random beacon governance contract. The caller is responsible for validating parameters.

Parameters

updateGroupCreationParameters

function updateGroupCreationParameters(uint256 groupCreationFrequency, uint256 groupLifetime, uint256 dkgResultChallengePeriodLength, uint256 dkgResultChallengeExtraGas, uint256 dkgResultSubmissionTimeout, uint256 dkgSubmitterPrecedencePeriodLength) external

Updates the values of group creation parameters.

Can be called only by the contract guvnor, which should be the random beacon governance contract. The caller is responsible for validating parameters.

Parameters

updateRewardParameters

function updateRewardParameters(uint256 sortitionPoolRewardsBanDuration, uint256 relayEntryTimeoutNotificationRewardMultiplier, uint256 unauthorizedSigningNotificationRewardMultiplier, uint256 dkgMaliciousResultNotificationRewardMultiplier) external

Updates the values of reward parameters.

Can be called only by the contract guvnor, which should be the random beacon governance contract. The caller is responsible for validating parameters.

Parameters

updateSlashingParameters

function updateSlashingParameters(uint96 relayEntrySubmissionFailureSlashingAmount, uint96 maliciousDkgResultSlashingAmount, uint96 unauthorizedSigningSlashingAmount) external

Updates the values of slashing parameters.

Can be called only by the contract guvnor, which should be the random beacon governance contract. The caller is responsible for validating parameters.

Parameters

updateGasParameters

function updateGasParameters(uint256 dkgResultSubmissionGas, uint256 dkgResultApprovalGasOffset, uint256 notifyOperatorInactivityGasOffset, uint256 relayEntrySubmissionGasOffset) external

Updates the values of gas parameters.

Can be called only by the contract guvnor, which should be the random beacon governance contract. The caller is responsible for validating parameters.

Parameters

setRequesterAuthorization

function setRequesterAuthorization(address requester, bool isAuthorized) external

Set authorization for requesters that can request a relay entry.

Can be called only by the contract guvnor, which should be the random beacon governance contract.

Parameters

withdrawRewards

function withdrawRewards(address stakingProvider) external

Withdraws application rewards for the given staking provider. Rewards are withdrawn to the staking provider's beneficiary address set in the staking contract. Reverts if staking provider has not registered the operator address.

Emits RewardsWithdrawn event.

withdrawIneligibleRewards

function withdrawIneligibleRewards(address recipient) external

Withdraws rewards belonging to operators marked as ineligible for sortition pool rewards.

Can be called only by the contract guvnor, which should be the random beacon governance contract.

Parameters

registerOperator

function registerOperator(address operator) external

Used by staking provider to set operator address that will operate a node. The given staking provider can set operator address only one time. The operator address can not be changed and must be unique. Reverts if the operator is already set for the staking provider or if the operator address is already in use. Reverts if there is a pending authorization decrease for the staking provider.

joinSortitionPool

function joinSortitionPool() external

Lets the operator join the sortition pool. The operator address must be known - before calling this function, it has to be appointed by the staking provider by calling registerOperator. Also, the operator must have the minimum authorization required by the beacon. Function reverts if there is no minimum stake authorized or if the operator is not known. If there was an authorization decrease requested, it is activated by starting the authorization decrease delay.

updateOperatorStatus

function updateOperatorStatus(address operator) external

Updates status of the operator in the sortition pool. If there was an authorization decrease requested, it is activated by starting the authorization decrease delay. Function reverts if the operator is not known.

authorizationIncreased

function authorizationIncreased(address stakingProvider, uint96 fromAmount, uint96 toAmount) external

Used by T staking contract to inform the beacon that the authorized stake amount for the given staking provider increased.

Reverts if the authorization amount is below the minimum.

The function is not updating the sortition pool. Sortition pool state needs to be updated by the operator with a call to joinSortitionPool or updateOperatorStatus.

Can only be called by T staking contract.

authorizationDecreaseRequested

function authorizationDecreaseRequested(address stakingProvider, uint96 fromAmount, uint96 toAmount) external

Used by T staking contract to inform the beacon that the authorization decrease for the given staking provider has been requested.

Reverts if the amount after deauthorization would be non-zero and lower than the minimum authorization.

Reverts if another authorization decrease request is pending for the staking provider and not enough time passed since the original request (see authorizationDecreaseChangePeriod).

If the operator is not known (registerOperator was not called) it lets to approveAuthorizationDecrease immediately. If the operator is known (registerOperator was called), the operator needs to update state of the sortition pool with a call to joinSortitionPool or updateOperatorStatus. After the sortition pool state is in sync, authorization decrease delay starts.

After authorization decrease delay passes, authorization decrease request needs to be approved with a call to approveAuthorizationDecrease function.

If there is a pending authorization decrease request, it is overwritten, but only if enough time passed since the original request. Otherwise, the function reverts.

Can only be called by T staking contract.

approveAuthorizationDecrease

function approveAuthorizationDecrease(address stakingProvider) external

Approves the previously registered authorization decrease request. Reverts if authorization decrease delay has not passed yet or if the authorization decrease was not requested for the given staking provider.

involuntaryAuthorizationDecrease

function involuntaryAuthorizationDecrease(address stakingProvider, uint96 fromAmount, uint96 toAmount) external

Used by T staking contract to inform the beacon the authorization has been decreased for the given staking provider involuntarily, as a result of slashing.

If the operator is not known (registerOperator was not called) the function does nothing. The operator was never in a sortition pool so there is nothing to update.

If the operator is known, sortition pool is unlocked, and the operator is in the sortition pool, the sortition pool state is updated. If the sortition pool is locked, update needs to be postponed. Every other staker is incentivized to call updateOperatorStatus for the problematic operator to increase their own rewards in the pool.

genesis

function genesis() external

Triggers group selection if there are no active groups.

submitDkgResult

function submitDkgResult(struct BeaconDkg.Result dkgResult) external

\x19Ethereum signed message: before signing, so the message to sign is: \x19Ethereum signed message:\n${keccak256(chainID,groupPubKey,misbehaved,startBlock)}

Parameters

notifyDkgTimeout

function notifyDkgTimeout() external

Notifies about DKG timeout.

approveDkgResult

function approveDkgResult(struct BeaconDkg.Result dkgResult) external

Approves DKG result. Can be called when the challenge period for the submitted result is finished. Considers the submitted result as valid, bans misbehaved group members from the sortition pool rewards, and completes the group creation by activating the candidate group. For the first submitterPrecedencePeriodLength blocks after the end of the challenge period can be called only by the DKG result submitter. After that time, can be called by anyone.

Parameters

challengeDkgResult

function challengeDkgResult(struct BeaconDkg.Result dkgResult) external

Challenges DKG result. If the submitted result is proved to be invalid it reverts the DKG back to the result submission phase. It removes a candidate group that was previously registered with the DKG result submission.

Due to EIP-150 1/64 of the gas is not forwarded to the call, and will be kept to execute the remaining operations in the function after the call inside the try-catch. To eliminate a class of attacks related to the gas limit manipulation, this function requires an extra amount of gas to be left at the end of the execution.

Parameters

getGroupCreationState

function getGroupCreationState() external view returns (enum BeaconDkg.State)

Check current group creation state.

hasDkgTimedOut

function hasDkgTimedOut() external view returns (bool)

Checks if DKG timed out. The DKG timeout period includes time required for off-chain protocol execution and time for the result publication for all group members. After this time result cannot be submitted and DKG can be notified about the timeout.

Return Values

getGroupsRegistry

function getGroupsRegistry() external view returns (bytes32[])

getGroup

function getGroup(uint64 groupId) external view returns (struct Groups.Group)

getGroup

function getGroup(bytes groupPubKey) external view returns (struct Groups.Group)

requestRelayEntry

function requestRelayEntry(contract IRandomBeaconConsumer callbackContract) external

Creates a request to generate a new relay entry, which will include a random number (by signing the previous entry's random number). Requester must be previously authorized by the governance.

Parameters

submitRelayEntry

function submitRelayEntry(bytes entry) external

Creates a new relay entry. Gas-optimized version that can be called only before the soft timeout. This should be the majority of cases.

Parameters

submitRelayEntry

function submitRelayEntry(bytes entry, uint32[] groupMembers) external

Creates a new relay entry.

Parameters

reportRelayEntryTimeout

function reportRelayEntryTimeout(uint32[] groupMembers) external

Reports a relay entry timeout.

Parameters

reportUnauthorizedSigning

function reportUnauthorizedSigning(bytes signedMsgSender, uint64 groupId, uint32[] groupMembers) external

Reports unauthorized groups signing. Must provide a valid signature of the sender's address as a message. Successful signature verification means the private key has been leaked and all group members should be punished by slashing their tokens. Group has to be active or expired. Unauthorized signing cannot be reported for a terminated group. In case of reporting unauthorized signing for a terminated group, or when the signature is invalid, function reverts.

Parameters

notifyOperatorInactivity

function notifyOperatorInactivity(struct BeaconInactivity.Claim claim, uint256 nonce, uint32[] groupMembers) external

Notifies about operators who are inactive. Using this function, a majority of the group can decide about punishing specific group members who constantly fail doing their job. If the provided claim is proved to be valid and signed by sufficient number of group members, operators of members deemed as inactive are banned for sortition pool rewards for duration specified by _sortitionPoolRewardsBanDuration parameter. The sender of the claim must be one of the claim signers. This function can be called only for active and non-terminated groups.

Parameters

minimumAuthorization

function minimumAuthorization() external view returns (uint96)

The minimum authorization amount required so that operator can participate in the random beacon. This amount is required to execute slashing for providing a malicious DKG result or when a relay entry times out.

isRelayRequestInProgress

function isRelayRequestInProgress() external view returns (bool)

Return Values

eligibleStake

function eligibleStake(address stakingProvider) external view returns (uint96)

Returns the current value of the staking provider's eligible stake. Eligible stake is defined as the currently authorized stake minus the pending authorization decrease. Eligible stake is what is used for operator's weight in the sortition pool. If the authorized stake minus the pending authorization decrease is below the minimum authorization, eligible stake is 0.

availableRewards

function availableRewards(address stakingProvider) external view returns (uint96)

Returns the amount of rewards available for withdrawal for the given staking provider. Reverts if staking provider has not registered the operator address.

pendingAuthorizationDecrease

function pendingAuthorizationDecrease(address stakingProvider) external view returns (uint96)

Returns the amount of stake that is pending authorization decrease for the given staking provider. If no authorization decrease has been requested, returns zero.

remainingAuthorizationDecreaseDelay

function remainingAuthorizationDecreaseDelay(address stakingProvider) external view returns (uint64)

Returns the remaining time in seconds that needs to pass before the requested authorization decrease can be approved. If the sortition pool state was not updated yet by the operator after requesting the authorization decrease, returns type(uint64).max.

stakingProviderToOperator

function stakingProviderToOperator(address stakingProvider) public view returns (address)

Returns operator registered for the given staking provider.

operatorToStakingProvider

function operatorToStakingProvider(address operator) public view returns (address)

Returns staking provider of the given operator.

isOperatorUpToDate

function isOperatorUpToDate(address operator) external view returns (bool)

Checks if the operator's authorized stake is in sync with operator's weight in the sortition pool. If the operator is not in the sortition pool and their authorized stake is non-zero, function returns false.

isOperatorInPool

function isOperatorInPool(address operator) external view returns (bool)

Returns true if the given operator is in the sortition pool. Otherwise, returns false.

selectGroup

function selectGroup() external view returns (uint32[])

Selects a new group of operators. Can only be called when DKG is in progress and the pool is locked. At least one operator has to be registered in the pool, otherwise the function fails reverting the transaction.

Return Values

authorizationParameters

function authorizationParameters() external view returns (uint96 minimumAuthorization, uint64 authorizationDecreaseDelay, uint64 authorizationDecreaseChangePeriod)

Returns authorization-related parameters of the beacon.

The minimum authorization is also returned by minimumAuthorization() function, as a requirement of IApplication interface.

Return Values

relayEntryParameters

function relayEntryParameters() external view returns (uint256 relayEntrySoftTimeout, uint256 relayEntryHardTimeout, uint256 callbackGasLimit)

Returns relay-entry-related parameters of the beacon.

Return Values

groupCreationParameters

function groupCreationParameters() external view returns (uint256 groupCreationFrequency, uint256 groupLifetime, uint256 dkgResultChallengePeriodLength, uint256 dkgResultChallengeExtraGas, uint256 dkgResultSubmissionTimeout, uint256 dkgSubmitterPrecedencePeriodLength)

Returns group-creation-related parameters of the beacon.

Return Values

rewardParameters

function rewardParameters() external view returns (uint256 sortitionPoolRewardsBanDuration, uint256 relayEntryTimeoutNotificationRewardMultiplier, uint256 unauthorizedSigningNotificationRewardMultiplier, uint256 dkgMaliciousResultNotificationRewardMultiplier)

Returns reward-related parameters of the beacon.

Return Values

slashingParameters

function slashingParameters() external view returns (uint96 relayEntrySubmissionFailureSlashingAmount, uint96 maliciousDkgResultSlashingAmount, uint96 unauthorizedSigningSlashingAmount)

Returns slashing-related parameters of the beacon.

Return Values

gasParameters

function gasParameters() external view returns (uint256 dkgResultSubmissionGas, uint256 dkgResultApprovalGasOffset, uint256 notifyOperatorInactivityGasOffset, uint256 relayEntrySubmissionGasOffset)

Returns gas-related parameters of the beacon.

Return Values

Last updated