Comments (6)
Yes we're working on making this better.
In the meanwhile, I think that for this particular case you can achieve what you want by taking advantage of an escrow account where you set its master weight to 0.
The property that you want to use is that updating the signers should be done with the last operations within your transaction (to enable/disable the next edges in the graph), not as a way to modify the current transaction; you also need to make sure that the order of those operations are always valid from a signature point of view (see example below for transaction ID #2).
Basically at the end of each "state transition", you want to update the signers (edges) of the graph that make valid transitions.
Also, something to note is that if a transaction is submitted to the network with a sequence number that doesn't match the current account's counter, it will be rejected without consuming the sequence number.
I used sequence number 1 as the sequence number for the escrow account, but of course you'd need to adjust it to be whatever the escrow account has.
I also added an extra step, I think you were missing a transition that lets the consumer acknowledge receipt of the goods.
Also, I use Cleanup
here as shorthand for the following operations: { delete trustline(s), merge account -> consumer } or { restore master weight to 10 }
Transactions should only be signed before submitting to the network in this particular case.
Tx #1 Signature: (setup by Consumer)
seq=1 Escrow account setup with escrow amount.
Update signers to:
1. h(#4) @ 10
2. h(#2) @ 8
3. Merchant @ 2
4. Consumer @ 1
5. Resolver @ 1
Update weights to:
1. Master = 0
2. Low=Med=High=10
Tx #2 Signature: Merchant
seq=2 Updated - Merchant said they shipped (no-op= send 1 XLM to self).
Update signers to:
1. Delete h(#4) (deletes not strictly required but help with cleanup)
2. Set h(#5) @ 8
3. Set h(#6) @ 8
4. Set h(#7) @ 8
5. Set Consumer @2
6. Set Resolver @ 1
7. Set Merchant @10 <<< this is important as the remaining weights would not work out
8. Delete h(#2)
9. Set Merchant @1
Tx #3 Signature: Merchant
seq=2 Merchant refunds consumer & account cleanup
Tx #4 Signature: None
seq=2 Valid after T+30days: "UnlockExpiredEscrow" refund & cleanup
Tx #5 Signature: Consumer
seq=3 New: Consumer acks receipt, release amount from escrow, cleanup
Tx #6 Signature: Merchant
seq=3 Valid after T+5 days: Merchant - starts dispute "consumer didn't ack/release funds"
Update signers to:
1. Delete h(#5)
2. Delete h(#6)
3. Delete h(#7)
4. h(#8) @ 8
5. h(#9) @ 8
6. Merchant @ 1
7. Consumer @ 1
8. Resolver @ 2
Tx #7 Signature: Consumer
seq=3 Updated - Consumer starts dispute: "not received"/"not what I wanted" (follows #2)
Update signers to:
1. Delete h(#5)
2. Delete h(#6)
3. Delete h(#7)
4. h(#8) @ 8
5. h(#9) @ 8
6. Merchant @ 1
7. Consumer @ 1
8. Resolver @ 2
Tx #8 Signature: Resolver, Merchant
seq=4 completeDisputedEscrow: send funds to merchant, fee to Resolver & cleanup
Tx #9 Signature: Resolver, Consumer
seq=4 refundDisputedEscrow: send funds back to consumer, fee to resolver & cleanup
from stellar-protocol.
In Tx#2:
Including the tx hash of itself is kind of difficult. I recall the documentation saying that the hash of the signed contract would be removed automatically.
Tho it does bring up another idea - maybe in the future, the transaction seq number could be included besides the hash, so once it becomes impossible to execute that tx it would be automatically removed? It would also help with long chain of transactions that are dependent on oneanother which makes removing their hashes difficult and freeying up the 20 available signer slots is sometimes needed for large graph.
from stellar-protocol.
Ah yes, sorry the delete h(#2)
in Tx #2 is implicit and not required like you said; you should still be able to implement the workflow.
I agree, I think we need to make those one time signatures easier to manage. I don't know what should be enabled just yet at the protocol layer though (a condition on sequence number is just one of the conditions that people may want).
One of the steps here that is not easy to do is "cleanup" that cannot be a mergeaccount
operation if the tx was authorized by a one time hash so the only way right now it seems is to restore the master weight to something sane and let the person with the secret key do the cleanup.
from stellar-protocol.
btw, I opened #53 that should help reduce the need to rely on h(transaction)
(and instead just use sequence numbers when possible).
from stellar-protocol.
@roosmaa, do you feel a core enhancement (CAP) or ecosystem proposal (SEP) is needed, or can we close this out?
from stellar-protocol.
@theaeolianmachine it's been so long since I created this issue that I cannot really answer that question. So let's close this.
from stellar-protocol.
Related Issues (20)
- CAP-0054: Add Renounce Ownership Function to Admin Interface HOT 5
- CAP-0052 - provide a way to retrieve the return value of an on-chain contract call HOT 3
- SEP-9: add proof_of_liveness field HOT 1
- Transfer SEPs: add optional `refund_account` attribute to transaction initiation requests HOT 2
- SEPs (6, 12, 24, 31): Update callback header from `X-Stellar-Signature` to `Signature` HOT 4
- SEP-9: define a generalized account identifier format HOT 4
- SEP-9: add `bank_account_type` field HOT 2
- SEP-6: /deposit and /withdraw IDs should map to list of transactions rather than a single transaction HOT 22
- SEP-24: make `account` for deposit request optional to match withdraw request
- Add SEP for Soroban token interface HOT 1
- Nice
- SEP-7: thoughts on using "web+stellar://" instead of "web+stellar:"? HOT 1
- SEP-6: standardize structured off-chain deposit instructions for users HOT 1
- SEP-6: Providing deposit instructions asynchronously
- security HOT 1
- SEP-24: Layered fee structure HOT 1
- SEP-24: Configure fees by payment method HOT 1
- SEP-9: support `organization.referrer`
- Add deviation parameter instead of pure uniform periods HOT 8
- Support for `memo` field in SEP-9 Financial Account Fields
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from stellar-protocol.