Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

make TimerService closely held by contracts: remove from terms, Board, home object #5799

Open
warner opened this issue Jul 20, 2022 · 4 comments
Open

make TimerService closely held by contracts: remove from terms, Board, home object #5799

warner opened this issue Jul 20, 2022 · 4 comments
Assignees
@Chris-Hibbert
Labels
enhancement New feature or request Inter-protocol Overarching Inter Protocol vaults_triage DO NOT USE Zoe package: Zoe

Comments

@warner
Copy link
Member

warner commented Jul 20, 2022

What is the Problem Being Solved?

If we implement #5798 , then the second step is to remove access to the full-powered TimerService, by doing the following:

  • don't publish it to the Board
    • instead, publish the TimerIdentity, which is powerless and safe to widely distribute
  • remove the TimerService from the contract's publically-visible terms
    • instead, include the TimerIdentity
  • remove the chain TimerService from the batch of chainServices supplied to newly-provisioned ag-solo clients, replacing it with the identity
  • when complete, only the core-bootstrap code should hang on to the TimerService in a way that could be provided to new code (via the Big JS Hammer eval() operation)
    • our initial contracts are given access to the TimerService when they are started
    • but no other contracts can get it unless instantiated via the Big JS Hammer

A deeper change, which I think is interesting (but I don't know how much work would be involved) would be to define an Amount-like { time, timerID } structure, maybe using AmountMath.Nat to manipulate it, and change all timer-sensitive contracts (at least the Vault, which needs to compute interest on a particular schedule) to use them. That would remove the TimerID from the contract's terms, and instead include it in each time value that crosses its API.

Description of the Design

Security Considerations

Test Plan

This probably requires updates to the existing unit tests for the components being changed, but maybe not brand new tests, unless we go with the Amount-like "typed-Time" structure.

cc @Chris-Hibbert
@warner warner added the enhancement New feature or request label Jul 20, 2022
@Tartuffo Tartuffo added the Inter-protocol Overarching Inter Protocol label Aug 16, 2022
@Chris-Hibbert
Copy link
Contributor

I would also want to add a standard check, whenever a TimerService was included in privateArgs, that the TimerService matched the TimerIdentity. Governance handles this kind of thing for Invitations that are governed parameters, but there is little likelihood of wanting the TimerService to be a governed parameter, so it would have to be a parallel utility.

@Tartuffo
Copy link
Contributor

Less coding solution: move timer from terms to private args.

@dckc dckc added the Zoe package: Zoe label Aug 17, 2022
@Tartuffo Tartuffo added this to the Mainnet 1 RC0 milestone Aug 17, 2022
@Chris-Hibbert Chris-Hibbert self-assigned this Aug 17, 2022
@Chris-Hibbert
Copy link
Contributor

The main tasks are:

  1. Zoe
    1.1 Zoe accepts either TimerService or TimerBrand in exitRules
    1.2 Zoe gets a TimerService at boot time, and doesn't accept others in exit rules

  2. Contracts
    2.1 Move timerService out of terms everywhere
    2.2 Put it in privateArgs if the contract needs to schedule activity
    2.3 figure out which contracts need to expose a TimerBrand.

  3. Bootstrap will need to register TimerBrand and Clock in some public place.

  4. zoe/src/contracts
    4.1 priceAggregatorChainlink (clock only)
    4.2 auction
    4.3 fundedCallSpread/pricedCallSpread
    4.4 coveredCall exitRule
    4.5 updateDebt periodObserver,
    4.6 otcDesk exitRule
    4.7 priceAggregator (full)

  5. inter-protocol contracts
    5.1 feeDistributor
    5.2 Vault
    5.3 stakeFactory (clock)
    5.4 liquidation

@Chris-Hibbert Chris-Hibbert mentioned this issue Aug 19, 2022
Open
@Tartuffo Tartuffo removed this from the Mainnet 1 RC0 milestone Sep 21, 2022
@rowgraus rowgraus added the vaults_triage DO NOT USE label Jan 3, 2023
@ivanlei ivanlei added this to the Vaults RC0 milestone Feb 1, 2023
@Chris-Hibbert Chris-Hibbert mentioned this issue Feb 1, 2023
Merged
@dckc dckc mentioned this issue Apr 11, 2023
Merged
1 task
@ivanlei ivanlei removed this from the Vaults EVP milestone Apr 28, 2023
@dckc dckc mentioned this issue Nov 16, 2023
Open
@dckc
Copy link
Member

dckc commented Nov 16, 2023

I learned this week that in order to make an offer with an afterDeadline exit rule, the caller has to supply a timer.

For our hackathon project, the only way we figured out how to do that via the smart wallet was to put it on the board.

Looks like addressing that is in scope here.

Zoe accepts either TimerService or TimerBrand in exitRules

@dckc dckc mentioned this issue Sep 5, 2024
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Chris-Hibbert Chris-Hibbert

Labels
enhancement New feature or request Inter-protocol Overarching Inter Protocol vaults_triage DO NOT USE Zoe package: Zoe
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@warner @dckc @Tartuffo @ivanlei @Chris-Hibbert @rowgraus