Extend finalizeWithdrawal in Standard Bridge Interface
#355
Comments
|
One thing to note: The PoC is incorrect/unsafe because the message being validated allows anybody to specify bytes memory data = abi.encode(to, (address))
bytes memory call = abi.encodeWithSelector(L2ERC20.withdrawTo.selector, address(this), amount, data);and client side the user would submit the withdrawal as done here, but by also encoding their data (js pseudocode below): // user specifies their address in the extraData because their address is not passed to the L1 messenger
// due to the call-flow being: User -> L2ERC20 -> L2Messenger -> L1Messenger, meaning that the l2_msgsender
// is L2ERC20
withdrawalTx = await L2_ERC20.connect(l2account1).withdrawTo(
marketMaker.address,
amount,
abi.encode(['address'], [await l2account1.getAddress()]
)Separately from that, the PoC is missing features like I think that this approach is the simplest one for getting Fast Withdrawals minimally enabled, without introducing any additional mechanisms/overheads. The client side watcher for this should also be pretty simple:
What's nice about this is that it requires 1 L2 transaction for the user w/o any additional approvals, and 1 L2 transaction & 1 L1 transaction by the market maker. |
|
@gakonst I believe it's possible to implement your PoC bridge without this addition if you used 2 xDomain messages right? One where you send the tokens (with no context) and a second one with a custom call using the xDomainMessenger to call a function on your L1 Market Maker contract like I would still much rather have an |
|
Ideally we could have an Specifying the condition is currently not possible (unless my assumption above is correct that you could do this with 2 calls). |
|
Re 1: Uh sure it's prob possible, but does not sound like great UX |
|
We seem to agree here. Anyone want to pick up @gakonst's PR again? |
|
I have a plan in motion to collect this and other feature requests for the bridge so that we can get a proper community-driven implementation, stay tuned :) I have been thinking about another bit of devex here which you folks might have a good grasp on. I was wondering--would it be useful to expose the unique identifier for cross-chain messages more readily in the messengers and token gateways? For example, |
Problem Description
As a developer of a 3rd party (external to a birdge) fast withdrawal solution I would like to have a way to connect an original withdrawal requester from an l2 to l1 message payload. Additionally, I would like to embed even more details about the withdrawal request (fees etc).
Solution
Add
extraDatafield toiOVM_L1TokenGateway'sfinalizeWithdrawal. This adds more context to cross-chain messages and allows to build 3rd party fast withdrawal solutions OUTSIDE of the token bridge.extraDatacan contain a hash of a message containing the address of an original requester, info about fees etc.Additional context
FW solution flow possible after this change:
withdrawToonL2DepositedTokenwith an address of a smartcontract coordinating FW let's call itCoordinator.Coordinatorto send his funds to Alice and record this fact. Alice can enjoy their token on L1.If (3) never happened, after withdrawal settles, Alice proofs that she initiated the original withdraw and she claims tokens. Without the change described in this PR a cross-chain message only contains address of a Coordinator SC (
tofield) and hence Alice can not prove that she originated the withdrawal.PoC of such solution was implemented by @gakonst in: https://github.com/gakonst/optimistic-fast-withdrawals/blob/feat/fast-withdrawals/contracts/MarketMaker.sol
Alice and Bob can negotiate additional fees in a state channel and they don't have to be part of the cross-chain message.
Original discussion: #349
The text was updated successfully, but these errors were encountered: