feat(fast-usdc): settler disburses or forwards funds #10530
Conversation
Deploying agoric-sdk with
|
| Latest commit: |
d67cd22
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://12e7d7e6.agoric-sdk.pages.dev |
| Branch Preview URL: | https://10391-settler-exo.agoric-sdk.pages.dev |
dckc
force-pushed
the
10391-settler-exo
branch
3 times, most recently
from
9e90738 to
09171cb
Compare
dckc
force-pushed
the
10391-settler-exo
branch
from
9e5c099 to
ab020c2
Compare
dckc
force-pushed
the
10391-settler-exo
branch
3 times, most recently
from
50f3674 to
2dc941f
Compare
dckc
changed the title
| } | ||
| disbursed(txHash, address, amount) { | ||
| // TODO: store txHash -> evidence for txs pending settlement? | ||
| console.log('TODO: vstorage update', { txHash, address, amount }); |
There was a problem hiding this comment.
can wait for another PR but should at least have a TODO in this one…
define the states and valid transitions in constants, and when transitioning state verify that it's a valid transition. like in
agoric-sdk/packages/inter-protocol/src/vaultFactory/vault.js
Lines 67 to 77 in 2dc941f
There was a problem hiding this comment.
I'm adding a TODO in constants.js, but in this disbursed(...) case, the previous state has been dequeued, so this exo no longer has it. In fact, I'm struggling to find anywhere that such a check would be relevant.
There was a problem hiding this comment.
gotcha, maybe it doesn't make sense here with this virtual entity
| recordPendingTx(evidence, PendingTxStatus.Advancing); | ||
| }, | ||
|
|
||
| /** |
There was a problem hiding this comment.
please some more docs on when this is to be called
| @@ -109,8 +132,34 @@ export const prepareStatusManager = zone => { | |||
| * Add a new transaction with ADVANCED status | |||
| * @param {CctpTxEvidence} evidence | |||
| */ | |||
| advance(evidence) { | |||
| recordPendingTx(evidence, PendingTxStatus.Advanced); | |||
| advancing(evidence) { | |||
There was a problem hiding this comment.
I think advance was correct. That's the transition event that will change the state to Advancing.
Consider having a naming scheme for all transition events. "send" is common in state FSMs. So here could be sendAdvance
There was a problem hiding this comment.
restored advance
just added a TODO re naming scheme
| * @param {boolean} success | ||
| * @throws {Error} if nothing to advance | ||
| */ | ||
| advanceOutcome(sender, amount, success) { |
There was a problem hiding this comment.
it makes sense that this takes a boolean but for the calling code consider having a more explicit sendAdvanceSuccess and sendAdvanceFailure (which could call this)
There was a problem hiding this comment.
I'm struggling with this "sendX" phrasing. We're telling the status manager to send something?
There was a problem hiding this comment.
How about settleX? To signify the transfer vow settlement.
I don't mind the Boolean. Another option is a Fulfilled | Rejected const that would be more explicit at the call site.
Also keep in mind we'll soon need settleForward (in addition to settleAdvance or whatever is decided here)
There was a problem hiding this comment.
"send" phrasing is from the metaphor of sending a message to the state machine. It's in a bunch of state machine libraries.
my comment was just a "consider" which is done.
| * Find an `ADVANCED` or `OBSERVED` tx waiting to be `SETTLED` | ||
| * @param {CctpTxEvidence} evidence | ||
| */ | ||
| isSeen(evidence) { |
There was a problem hiding this comment.
is connotes a check on the current state but Seen isn't one of the states.
hasBeenObserved?
| }, | ||
|
|
||
| /** | ||
| * Lookup all pending entries for a given address and amount | ||
| * | ||
| * XXX only used in tests. should we remove? |
There was a problem hiding this comment.
yes. tests need only cover what can be called in production.
There was a problem hiding this comment.
I wrote this comment - some tests would need to be reworked if we were to remove this. They use this method to confirm state transitions.
There was a problem hiding this comment.
I wonder if they need to do so explicitly. Kind of testing the implementation.
There was a problem hiding this comment.
Maybe a better approach is to define the stores as optional initState arguments so we can access the contents in tests.
There was a problem hiding this comment.
cleaner wrt the API surface but that's even moreso testing the implementation
There was a problem hiding this comment.
Nice job. My review is partial since we paired and tag teamed much of this. I think it's good to land but noted some additional requirements that could be part of #10391 or a follow up ticket.
| /** fallback: do not collect fees */ | ||
| Forwarded: 'FORWARDED', | ||
| /** failed to forward to EUD */ | ||
| ForwardFailed: 'FORWARD_FAILED', |
There was a problem hiding this comment.
| ForwardFailed: 'FORWARD_FAILED', | |
| ForwardFailed: 'FORWARD_FAILED', | |
| /** started IBC transfer for fallback path */ | |
| Forwarding: 'FORWARDING', |
| dest, | ||
| AmountMath.make(USDC, amount), | ||
| ); | ||
| await vowTools.when(txfrV); // TODO: watch, handle failure |
There was a problem hiding this comment.
This PR tackles a lot so I won't push to include here - but please create a follow up ticket or update this to refs that captures work needed for Forwarding and ForwardFailed states.
There was a problem hiding this comment.
We don't in general have issues for all TODOs, do we? Is this one special?
| } | ||
|
|
||
| const { status, txHash } = pending[dequeueIdx]; | ||
| // TODO: store txHash -> evidence for txs pending settlement? |
There was a problem hiding this comment.
| // TODO: store txHash -> evidence for txs pending settlement? | |
| // TODO: store txHash -> evidence for txs pending settlement? | |
| // If necessary for vstorage writes in `forwarded` and `settled` |
| * @param {NobleAddress} address | ||
| * @param {bigint} amount | ||
| * @returns {PendingTx[]} | ||
| */ | ||
| lookupPending(address, amount) { | ||
| const key = makePendingTxKey(address, amount); | ||
| if (!pendingTxs.has(key)) { | ||
| throw makeError(`Key ${q(key)} not yet observed`); | ||
| return []; |
There was a problem hiding this comment.
| return []; | |
| return harden([]); |
| // TODO #10390 log all early returns | ||
| // only interested in packets from the issuing chain | ||
| return; |
There was a problem hiding this comment.
Before closing #10390, please log all early returns. This was a previous request: https://github.com/Agoric/agoric-sdk/pull/10406/files#r1831815520
0xpatrickdev
requested review from
0xpatrickdev
and removed request for
0xpatrickdev
| const pending = pendingTxs.get(key); | ||
| return !!pending.length; | ||
| if (!pending.length) return undefined; |
There was a problem hiding this comment.
| if (!pending.length) return undefined; |
We might be able to remove this - it seems unreachable with the pendingTxs.delete logic in dequeueStatus. (Also the only line popping up on test:c8)
There was a problem hiding this comment.
it's also taken care of by the dequeueIdx < 0 check after find. it's at best an optimization.
dckc
force-pushed
the
10391-settler-exo
branch
from
cb93488 to
e4bf666
Compare
dckc
force-pushed
the
10391-settler-exo
branch
from
e4bf666 to
0ab9e37
Compare
|
I'm struggling with this ci mystery: I re-ran it; it still failed. |
It’s strange—I can see in the logs the message: However, since the istBalanceBefore value isn’t being logged, we cannot properly verify this. What I don’t understand is why this test doesn’t fail when running the a3p-integration acceptance tests locally or in other PRs (for example here, where the acceptance wallet test is passing), but it’s failing here—even though I don’t see any changes being introduced that to a3p-integration proposals. Am I failing to notice any change being introduced in this PR that may conflict with the any a3p-integration acceptance test? |
I can't imagine any. All the changes are in the fast-usdc package, which isn't even deployed in the z:acceptance context. |
|
I see some earlier symptoms, at 4370: |
- settle -> disburse
settler, advancer
dckc
force-pushed
the
10391-settler-exo
branch
from
0ab9e37 to
d67cd22
Compare
|
rebased now that #10553 has landed |
|
I'm bypassing integration because this is passing every integration test but this flake, |
refs: #10565 ## Description #10530 was failing repeatedly due to this test problem, - #10565 I thought it was a flake so I [bypassed the check](#10530 (comment)) but it turns out to fail deterministically due to the changes in #10530. But those changes should have not affected the test, so the problem is with the test. This marks it as failing until it can be solved. ### Security Considerations none ### Scaling Considerations none ### Documentation Considerations none ### Testing Considerations I used `failing` instead of `skip` to help confirm that it's deterministic. Also if something happens to resolve it inadvertently it'll be detected so we re-enable it. ### Upgrade Considerations none
closes: #10565 refs: #10774 ## Description Test named `exitOffer tool reclaims stuck payment` was flakey and this prevented landing other PRs like #10530. ### Security Considerations None. ### Scaling Considerations None. ### Documentation Considerations None. ### Testing Considerations The flakey test was being skipped before. Now we included it back in and the CI should pass. ### Upgrade Considerations This test concerns current and all future upgrades as the acceptance should pass before landing upgrades.
closes: #10391
Description
Discussion of what to do if the minted USDC shows up at each state led to some refinement of states.
So the scope of this PR expanded somewhat:
Security Considerations
In addition to the normal case where funds are repaid to the pool and fees are distributed, the settler is responsible to forward funds in case they were not advanced.
Scaling Considerations
nothing novel
Documentation Considerations
Readers are assumed to be familiar with design docs.
Testing Considerations
Getting the tests to pass requires:
It's included in this PR for now but is expected to land separately
DRAFT until
Upgrade Considerations
This is a new component.