Cross-chain Tokenized Threshold BTC: Generic L2 ERC20 implementation #550
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is the first step for the implementation of a generic L2/sidechain token contract. The L2/sidechain token will be upgradeable, owned by Threshold Council, will delegate the minting authority to multiple parties, and have a pause functionality for mints and burns. Individual L2/sidechain token implementations will inherit from this contract setting only the token name and symbol. So far, adding and removing minters was implemented. More to come!
pdyraga
commented
Feb 18, 2023
solidity/contracts/l2/L2TBTC.sol
Outdated
Comment on lines
22
to
23
| // * Be paused by any one of `n` guardians, allowing avoidance of contagion in case | ||
| // of a chain- or bridge-specific incident. |
There was a problem hiding this comment.
@mhluongo Would you like to pause everything or just mints/burns. I assumed mint/burns given the bridges are posing most of the risk. It is not about blocking l2 DEXes, for example.
There was a problem hiding this comment.
What about ERC20WithPermit, MisfundRecovery functionality for tokens that will be inheriting from L2TBTC.sol? Do we want/need to add it?
There was a problem hiding this comment.
We want it! See c710eec.
pdyraga
commented
Feb 18, 2023
| // Hacky workaround allowing to deploy proxy contract any number of times | ||
| // without clearing `deployments/hardhat` directory. | ||
| // See: https://github.com/keep-network/hardhat-helpers/issues/38 | ||
| `L2TBTC_${randomBytes(8).toString("hex")}`, |
There was a problem hiding this comment.
@nkuba Not super proud of it but I had to move forward. May be replaced with a flag if we do keep-network/hardhat-helpers#38.
dimpar
reviewed
Feb 20, 2023
dimpar
reviewed
Feb 22, 2023
4.8.1 is the most recent version. In the `main` version of OpenZeppelin, `draft-ERC20PermitUpgradeable` is no longer a draft but this change is not yet present in 4.8.1 version of OpenZeppelin. Once a new version gets released we should update to drop the `draft-` prefix from the import in L2TBTC (see the very next commit). For now, I am updating to the most recent version to be closer to 4.8.2 or 4.9.0 we will be updating to.
Only the functions defined in L2TBTC are fully covered with tests. L2TBTC contract inherits from OpenZeppelin contracts and we do not want to test the framework. The basic tests for functions defined in the OpenZeppelin contracts ensure all expected OpenZeppelin extensions are inherited in L2TBTC contract and that they are properly initialized.
Allow one of the guardians to pause mints and burns allowing avoidance of contagion in case of a chain- or bridge-specific incident.
Added functions allowing the governance to recover any ERC20 or ERC721 sent mistakenly to the contract address.
dimpar
reviewed
Feb 24, 2023
Renames of some test scenarios plus additional assertions for empty guardian and minter lists.
dimpar
approved these changes
Feb 27, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Closes #543
The contract
L2TBTCis a canonical L2/sidechain token implementation. tBTC token is minted on L1 and locked there to be moved to L2/sidechain. By deploying a canonical token on each L2/sidechain, we can ensure the supply of tBTC remains sacrosanct, while enabling quick, interoperable cross-chain bridges and localizing ecosystem risk.This contract is flexible enough to:
The token is burnable by the token holder and supports EIP2612 permits. Token holder can authorize a transfer of their token with a signature conforming EIP712 standard instead of an on-chain transaction from their address. Anyone can submit this signature on the user's behalf by calling the permit function, paying gas fees, and possibly performing other actions in the same transaction. The governance can recover ERC20 and ERC721 tokens sent mistakenly to
L2TBTCtoken contract.Testing
All functions defined in
L2TBTCcontract are fully covered with tests.L2TBTCcontract inherits from OpenZeppelin contracts and we do not want to test the framework. At the same time, we need to make sure all the declared functionalities are exposed by the contract and that they work. The tests must fail if the contract initialization gets broken or if one of the OpenZeppelin extensions is dropped from the inheritance. To make it happen, the tests cover really basic scenarios for the code implemented in OpenZeppelin ERC20 and extensions.The tests use
helpers.upgrades.deployProxyto deployL2TBTCand to test it as a contract deployed behind a proxy. There is a small complication with this approach that led to opening an issue in our hardhat plugins repo: keep-network/hardhat-helpers#38.