EcdsaDkg

EcdsaDkg

Parameters

struct Parameters {
  uint256 seedTimeout;
  uint256 resultChallengePeriodLength;
  uint256 resultChallengeExtraGas;
  uint256 resultSubmissionTimeout;
  uint256 submitterPrecedencePeriodLength;
}

Data

struct Data {
  contract SortitionPool sortitionPool;
  contract EcdsaDkgValidator dkgValidator;
  struct EcdsaDkg.Parameters parameters;
  uint256 stateLockBlock;
  uint256 startBlock;
  uint256 seed;
  uint256 resultSubmissionStartBlockOffset;
  bytes32 submittedResultHash;
  uint256 submittedResultBlock;
  uint256[38] __gap;
}

Result

struct Result {
  uint256 submitterMemberIndex;
  bytes groupPubKey;
  uint8[] misbehavedMembersIndices;
  bytes signatures;
  uint256[] signingMembersIndices;
  uint32[] members;
  bytes32 membersHash;
}

State

enum State {
  IDLE,
  AWAITING_SEED,
  AWAITING_RESULT,
  CHALLENGE
}

groupSize

uint256 groupSize

Size of a group in ECDSA wallet.

DkgStarted

event DkgStarted(uint256 seed)

DkgResultSubmitted

event DkgResultSubmitted(bytes32 resultHash, uint256 seed, struct EcdsaDkg.Result result)

DkgTimedOut

event DkgTimedOut()

DkgResultApproved

event DkgResultApproved(bytes32 resultHash, address approver)

DkgResultChallenged

event DkgResultChallenged(bytes32 resultHash, address challenger, string reason)

DkgStateLocked

event DkgStateLocked()

DkgSeedTimedOut

event DkgSeedTimedOut()

init

function init(struct EcdsaDkg.Data self, contract SortitionPool _sortitionPool, contract EcdsaDkgValidator _dkgValidator) internal

Initializes SortitionPool and EcdsaDkgValidator addresses. Can be performed only once.

Parameters

currentState

function currentState(struct EcdsaDkg.Data self) internal view returns (enum EcdsaDkg.State state)

Determines the current state of group creation. It doesn't take timeouts into consideration. The timeouts should be tracked and notified separately.

lockState

function lockState(struct EcdsaDkg.Data self) internal

Locks the sortition pool and starts awaiting for the group creation seed.

start

function start(struct EcdsaDkg.Data self, uint256 seed) internal

submitResult

function submitResult(struct EcdsaDkg.Data self, struct EcdsaDkg.Result result) internal

Allows to submit a DKG result. The submitted result does not go through a validation and before it gets accepted, it needs to wait through the challenge period during which everyone has a chance to challenge the result as invalid one. Submitter of the result needs to be in the sortition pool and if the result gets challenged, the submitter will get slashed.

hasSeedTimedOut

function hasSeedTimedOut(struct EcdsaDkg.Data self) internal view returns (bool)

Checks if awaiting seed timed out.

Return Values

hasDkgTimedOut

function hasDkgTimedOut(struct EcdsaDkg.Data self) internal view returns (bool)

Checks if DKG timed out. The DKG timeout period includes time required for off-chain protocol execution and time for the result publication. After this time a result cannot be submitted and DKG can be notified about the timeout. DKG period is adjusted by result submission offset that include blocks that were mined while invalid result has been registered until it got challenged.

Return Values

notifySeedTimeout

function notifySeedTimeout(struct EcdsaDkg.Data self) internal

Notifies about the seed was not delivered and restores the initial DKG state (IDLE).

notifyDkgTimeout

function notifyDkgTimeout(struct EcdsaDkg.Data self) internal

Notifies about DKG timeout.

approveResult

function approveResult(struct EcdsaDkg.Data self, struct EcdsaDkg.Result result) internal returns (uint32[] misbehavedMembers)

Approves DKG result. Can be called when the challenge period for the submitted result is finished. Considers the submitted result as valid. For the first submitterPrecedencePeriodLength blocks after the end of the challenge period can be called only by the DKG result submitter. After that time, can be called by anyone.

Can be called after a challenge period for the submitted result.

Parameters

Return Values

challengeResult

function challengeResult(struct EcdsaDkg.Data self, struct EcdsaDkg.Result result) internal returns (bytes32 maliciousResultHash, uint32 maliciousSubmitter)

Challenges DKG result. If the submitted result is proved to be invalid it reverts the DKG back to the result submission phase.

Can be called during a challenge period for the submitted result.

Parameters

Return Values

requireChallengeExtraGas

function requireChallengeExtraGas(struct EcdsaDkg.Data self) internal view

Due to EIP150, 1/64 of the gas is not forwarded to the call, and will be kept to execute the remaining operations in the function after the call inside the try-catch.

To ensure there is no way for the caller to manipulate gas limit in such a way that the call inside try-catch fails with out-of-gas and the rest of the function is executed with the remaining 1/64 of gas, we require an extra gas amount to be left at the end of the call to the function challenging DKG result and wrapping the call to EcdsaDkgValidator and TokenStaking contracts inside a try-catch.

isResultValid

function isResultValid(struct EcdsaDkg.Data self, struct EcdsaDkg.Result result) internal view returns (bool, string)

Checks if DKG result is valid for the current DKG.

Parameters

Return Values

setSeedTimeout

function setSeedTimeout(struct EcdsaDkg.Data self, uint256 newSeedTimeout) internal

Set setSeedTimeout parameter.

setResultChallengePeriodLength

function setResultChallengePeriodLength(struct EcdsaDkg.Data self, uint256 newResultChallengePeriodLength) internal

Set resultChallengePeriodLength parameter.

setResultChallengeExtraGas

function setResultChallengeExtraGas(struct EcdsaDkg.Data self, uint256 newResultChallengeExtraGas) internal

Set resultChallengeExtraGas parameter.

setResultSubmissionTimeout

function setResultSubmissionTimeout(struct EcdsaDkg.Data self, uint256 newResultSubmissionTimeout) internal

Set resultSubmissionTimeout parameter.

setSubmitterPrecedencePeriodLength

function setSubmitterPrecedencePeriodLength(struct EcdsaDkg.Data self, uint256 newSubmitterPrecedencePeriodLength) internal

Set submitterPrecedencePeriodLength parameter.

complete

function complete(struct EcdsaDkg.Data self) internal

Completes DKG by cleaning up state.

Should be called after DKG times out or a result is approved.