-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathRealityETH-3.0.sol
989 lines (832 loc) · 47.6 KB
/
RealityETH-3.0.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
// SPDX-License-Identifier: GPL-3.0-only
pragma solidity ^0.8.6;
contract BalanceHolder {
mapping(address => uint256) public balanceOf;
event LogWithdraw(
address indexed user,
uint256 amount
);
function withdraw()
public {
uint256 bal = balanceOf[msg.sender];
balanceOf[msg.sender] = 0;
payable(msg.sender).transfer(bal);
emit LogWithdraw(msg.sender, bal);
}
}
contract RealityETH_v3_0 is BalanceHolder {
address constant NULL_ADDRESS = address(0);
// History hash when no history is created, or history has been cleared
bytes32 constant NULL_HASH = bytes32(0);
// An unitinalized finalize_ts for a question will indicate an unanswered question.
uint32 constant UNANSWERED = 0;
// An unanswered reveal_ts for a commitment will indicate that it does not exist.
uint256 constant COMMITMENT_NON_EXISTENT = 0;
// Commit->reveal timeout is 1/8 of the question timeout (rounded down).
uint32 constant COMMITMENT_TIMEOUT_RATIO = 8;
// Proportion withheld when you claim an earlier bond.
uint256 constant BOND_CLAIM_FEE_PROPORTION = 40; // One 40th ie 2.5%
// Special value representing a question that was answered too soon.
// bytes32(-2). By convention we use bytes32(-1) for "invalid", although the contract does not handle this.
bytes32 constant UNRESOLVED_ANSWER = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe;
event LogSetQuestionFee(
address arbitrator,
uint256 amount
);
event LogNewTemplate(
uint256 indexed template_id,
address indexed user,
string question_text
);
event LogNewQuestion(
bytes32 indexed question_id,
address indexed user,
uint256 template_id,
string question,
bytes32 indexed content_hash,
address arbitrator,
uint32 timeout,
uint32 opening_ts,
uint256 nonce,
uint256 created
);
event LogMinimumBond(
bytes32 indexed question_id,
uint256 min_bond
);
event LogFundAnswerBounty(
bytes32 indexed question_id,
uint256 bounty_added,
uint256 bounty,
address indexed user
);
event LogNewAnswer(
bytes32 answer,
bytes32 indexed question_id,
bytes32 history_hash,
address indexed user,
uint256 bond,
uint256 ts,
bool is_commitment
);
event LogAnswerReveal(
bytes32 indexed question_id,
address indexed user,
bytes32 indexed answer_hash,
bytes32 answer,
uint256 nonce,
uint256 bond
);
event LogNotifyOfArbitrationRequest(
bytes32 indexed question_id,
address indexed user
);
event LogCancelArbitration(
bytes32 indexed question_id
);
event LogFinalize(
bytes32 indexed question_id,
bytes32 indexed answer
);
event LogClaim(
bytes32 indexed question_id,
address indexed user,
uint256 amount
);
event LogReopenQuestion(
bytes32 indexed question_id,
bytes32 indexed reopened_question_id
);
struct Question {
bytes32 content_hash;
address arbitrator;
uint32 opening_ts;
uint32 timeout;
uint32 finalize_ts;
bool is_pending_arbitration;
uint256 bounty;
bytes32 best_answer;
bytes32 history_hash;
uint256 bond;
uint256 min_bond;
}
// Stored in a mapping indexed by commitment_id, a hash of commitment hash, question, bond.
struct Commitment {
uint32 reveal_ts;
bool is_revealed;
bytes32 revealed_answer;
}
// Only used when claiming more bonds than fits into a transaction
// Stored in a mapping indexed by question_id.
struct Claim {
address payee;
uint256 last_bond;
uint256 queued_funds;
}
uint256 nextTemplateID = 0;
mapping(uint256 => uint256) public templates;
mapping(uint256 => bytes32) public template_hashes;
mapping(bytes32 => Question) public questions;
mapping(bytes32 => Claim) public question_claims;
mapping(bytes32 => Commitment) public commitments;
mapping(address => uint256) public arbitrator_question_fees;
mapping(bytes32 => bytes32) public reopened_questions;
mapping(bytes32 => bool) public reopener_questions;
modifier onlyArbitrator(bytes32 question_id) {
require(msg.sender == questions[question_id].arbitrator, "msg.sender must be arbitrator");
_;
}
modifier stateAny() {
_;
}
modifier stateNotCreated(bytes32 question_id) {
require(questions[question_id].timeout == 0, "question must not exist");
_;
}
modifier stateOpen(bytes32 question_id) {
require(questions[question_id].timeout > 0, "question must exist");
require(!questions[question_id].is_pending_arbitration, "question must not be pending arbitration");
uint32 finalize_ts = questions[question_id].finalize_ts;
require(finalize_ts == UNANSWERED || finalize_ts > uint32(block.timestamp), "finalization deadline must not have passed");
uint32 opening_ts = questions[question_id].opening_ts;
require(opening_ts == 0 || opening_ts <= uint32(block.timestamp), "opening date must have passed");
_;
}
modifier statePendingArbitration(bytes32 question_id) {
require(questions[question_id].is_pending_arbitration, "question must be pending arbitration");
_;
}
modifier stateOpenOrPendingArbitration(bytes32 question_id) {
require(questions[question_id].timeout > 0, "question must exist");
uint32 finalize_ts = questions[question_id].finalize_ts;
require(finalize_ts == UNANSWERED || finalize_ts > uint32(block.timestamp), "finalization dealine must not have passed");
uint32 opening_ts = questions[question_id].opening_ts;
require(opening_ts == 0 || opening_ts <= uint32(block.timestamp), "opening date must have passed");
_;
}
modifier stateFinalized(bytes32 question_id) {
require(isFinalized(question_id), "question must be finalized");
_;
}
modifier bondMustDoubleAndMatchMinimum(bytes32 question_id) {
require(msg.value > 0, "bond must be positive");
uint256 current_bond = questions[question_id].bond;
if (current_bond == 0) {
require(msg.value >= (questions[question_id].min_bond), "bond must exceed the minimum");
} else {
require(msg.value >= (current_bond * 2), "bond must be double at least previous bond");
}
_;
}
modifier previousBondMustNotBeatMaxPrevious(bytes32 question_id, uint256 max_previous) {
if (max_previous > 0) {
require(questions[question_id].bond <= max_previous, "bond must exceed max_previous");
}
_;
}
/// @notice Constructor, sets up some initial templates
/// @dev Creates some generalized templates for different question types used in the DApp.
constructor() {
createTemplate('{"title": "%s", "type": "bool", "category": "%s", "lang": "%s"}');
createTemplate('{"title": "%s", "type": "uint", "decimals": 18, "category": "%s", "lang": "%s"}');
createTemplate('{"title": "%s", "type": "single-select", "outcomes": [%s], "category": "%s", "lang": "%s"}');
createTemplate('{"title": "%s", "type": "multiple-select", "outcomes": [%s], "category": "%s", "lang": "%s"}');
createTemplate('{"title": "%s", "type": "datetime", "category": "%s", "lang": "%s"}');
}
/// @notice Function for arbitrator to set an optional per-question fee.
/// @dev The per-question fee, charged when a question is asked, is intended as an anti-spam measure.
/// @param fee The fee to be charged by the arbitrator when a question is asked
function setQuestionFee(uint256 fee)
stateAny()
external {
arbitrator_question_fees[msg.sender] = fee;
emit LogSetQuestionFee(msg.sender, fee);
}
/// @notice Create a reusable template, which should be a JSON document.
/// Placeholders should use gettext() syntax, eg %s.
/// @dev Template data is only stored in the event logs, but its block number is kept in contract storage.
/// @param content The template content
/// @return The ID of the newly-created template, which is created sequentially.
function createTemplate(string memory content)
stateAny()
public returns (uint256) {
uint256 id = nextTemplateID;
templates[id] = block.number;
template_hashes[id] = keccak256(abi.encodePacked(content));
emit LogNewTemplate(id, msg.sender, content);
nextTemplateID = id + 1;
return id;
}
/// @notice Create a new reusable template and use it to ask a question
/// @dev Template data is only stored in the event logs, but its block number is kept in contract storage.
/// @param content The template content
/// @param question A string containing the parameters that will be passed into the template to make the question
/// @param arbitrator The arbitration contract that will have the final word on the answer if there is a dispute
/// @param timeout How long the contract should wait after the answer is changed before finalizing on that answer
/// @param opening_ts If set, the earliest time it should be possible to answer the question.
/// @param nonce A user-specified nonce used in the question ID. Change it to repeat a question.
/// @return The ID of the newly-created template, which is created sequentially.
function createTemplateAndAskQuestion(
string memory content,
string memory question, address arbitrator, uint32 timeout, uint32 opening_ts, uint256 nonce
)
// stateNotCreated is enforced by the internal _askQuestion
public payable returns (bytes32) {
uint256 template_id = createTemplate(content);
return askQuestion(template_id, question, arbitrator, timeout, opening_ts, nonce);
}
/// @notice Ask a new question and return the ID
/// @dev Template data is only stored in the event logs, but its block number is kept in contract storage.
/// @param template_id The ID number of the template the question will use
/// @param question A string containing the parameters that will be passed into the template to make the question
/// @param arbitrator The arbitration contract that will have the final word on the answer if there is a dispute
/// @param timeout How long the contract should wait after the answer is changed before finalizing on that answer
/// @param opening_ts If set, the earliest time it should be possible to answer the question.
/// @param nonce A user-specified nonce used in the question ID. Change it to repeat a question.
/// @return The ID of the newly-created question, created deterministically.
function askQuestion(uint256 template_id, string memory question, address arbitrator, uint32 timeout, uint32 opening_ts, uint256 nonce)
// stateNotCreated is enforced by the internal _askQuestion
public payable returns (bytes32) {
require(templates[template_id] > 0, "template must exist");
bytes32 content_hash = keccak256(abi.encodePacked(template_id, opening_ts, question));
bytes32 question_id = keccak256(abi.encodePacked(content_hash, arbitrator, timeout, uint256(0), address(this), msg.sender, nonce));
// We emit this event here because _askQuestion doesn't need to know the unhashed question. Other events are emitted by _askQuestion.
emit LogNewQuestion(question_id, msg.sender, template_id, question, content_hash, arbitrator, timeout, opening_ts, nonce, block.timestamp);
_askQuestion(question_id, content_hash, arbitrator, timeout, opening_ts, 0);
return question_id;
}
/// @notice Ask a new question and return the ID
/// @dev Template data is only stored in the event logs, but its block number is kept in contract storage.
/// @param template_id The ID number of the template the question will use
/// @param question A string containing the parameters that will be passed into the template to make the question
/// @param arbitrator The arbitration contract that will have the final word on the answer if there is a dispute
/// @param timeout How long the contract should wait after the answer is changed before finalizing on that answer
/// @param opening_ts If set, the earliest time it should be possible to answer the question.
/// @param nonce A user-specified nonce used in the question ID. Change it to repeat a question.
/// @param min_bond The minimum bond that may be used for an answer.
/// @return The ID of the newly-created question, created deterministically.
function askQuestionWithMinBond(uint256 template_id, string memory question, address arbitrator, uint32 timeout, uint32 opening_ts, uint256 nonce, uint256 min_bond)
// stateNotCreated is enforced by the internal _askQuestion
public payable returns (bytes32) {
require(templates[template_id] > 0, "template must exist");
bytes32 content_hash = keccak256(abi.encodePacked(template_id, opening_ts, question));
bytes32 question_id = keccak256(abi.encodePacked(content_hash, arbitrator, timeout, min_bond, address(this), msg.sender, nonce));
// We emit this event here because _askQuestion doesn't need to know the unhashed question.
// Other events are emitted by _askQuestion.
emit LogNewQuestion(question_id, msg.sender, template_id, question, content_hash, arbitrator, timeout, opening_ts, nonce, block.timestamp);
_askQuestion(question_id, content_hash, arbitrator, timeout, opening_ts, min_bond);
return question_id;
}
function _askQuestion(bytes32 question_id, bytes32 content_hash, address arbitrator, uint32 timeout, uint32 opening_ts, uint256 min_bond)
stateNotCreated(question_id)
internal {
// A timeout of 0 makes no sense, and we will use this to check existence
require(timeout > 0, "timeout must be positive");
require(timeout < 365 days, "timeout must be less than 365 days");
uint256 bounty = msg.value;
// The arbitrator can set a fee for asking a question.
// This is intended as an anti-spam defence.
// The fee is waived if the arbitrator is asking the question.
// This allows them to set an impossibly high fee and make users proxy the question through them.
// This would allow more sophisticated pricing, question whitelisting etc.
if (arbitrator != NULL_ADDRESS && msg.sender != arbitrator) {
uint256 question_fee = arbitrator_question_fees[arbitrator];
require(bounty >= question_fee, "ETH provided must cover question fee");
bounty = bounty - question_fee;
balanceOf[arbitrator] = balanceOf[arbitrator] + question_fee;
}
questions[question_id].content_hash = content_hash;
questions[question_id].arbitrator = arbitrator;
questions[question_id].opening_ts = opening_ts;
questions[question_id].timeout = timeout;
if (bounty > 0) {
questions[question_id].bounty = bounty;
emit LogFundAnswerBounty(question_id, bounty, bounty, msg.sender);
}
if (min_bond > 0) {
questions[question_id].min_bond = min_bond;
emit LogMinimumBond(question_id, min_bond);
}
}
/// @notice Add funds to the bounty for a question
/// @dev Add bounty funds after the initial question creation. Can be done any time until the question is finalized.
/// @param question_id The ID of the question you wish to fund
function fundAnswerBounty(bytes32 question_id)
stateOpen(question_id)
external payable {
questions[question_id].bounty = questions[question_id].bounty + msg.value;
emit LogFundAnswerBounty(question_id, msg.value, questions[question_id].bounty, msg.sender);
}
/// @notice Submit an answer for a question.
/// @dev Adds the answer to the history and updates the current "best" answer.
/// May be subject to front-running attacks; Substitute submitAnswerCommitment()->submitAnswerReveal() to prevent them.
/// @param question_id The ID of the question
/// @param answer The answer, encoded into bytes32
/// @param max_previous If specified, reverts if a bond higher than this was submitted after you sent your transaction.
function submitAnswer(bytes32 question_id, bytes32 answer, uint256 max_previous)
stateOpen(question_id)
bondMustDoubleAndMatchMinimum(question_id)
previousBondMustNotBeatMaxPrevious(question_id, max_previous)
external payable {
_addAnswerToHistory(question_id, answer, msg.sender, msg.value, false);
_updateCurrentAnswer(question_id, answer);
}
/// @notice Submit an answer for a question, crediting it to the specified account.
/// @dev Adds the answer to the history and updates the current "best" answer.
/// May be subject to front-running attacks; Substitute submitAnswerCommitment()->submitAnswerReveal() to prevent them.
/// @param question_id The ID of the question
/// @param answer The answer, encoded into bytes32
/// @param max_previous If specified, reverts if a bond higher than this was submitted after you sent your transaction.
/// @param answerer The account to which the answer should be credited
function submitAnswerFor(bytes32 question_id, bytes32 answer, uint256 max_previous, address answerer)
stateOpen(question_id)
bondMustDoubleAndMatchMinimum(question_id)
previousBondMustNotBeatMaxPrevious(question_id, max_previous)
external payable {
require(answerer != NULL_ADDRESS, "answerer must be non-zero");
_addAnswerToHistory(question_id, answer, answerer, msg.value, false);
_updateCurrentAnswer(question_id, answer);
}
// @notice Verify and store a commitment, including an appropriate timeout
// @param question_id The ID of the question to store
// @param commitment The ID of the commitment
function _storeCommitment(bytes32 question_id, bytes32 commitment_id)
internal
{
require(commitments[commitment_id].reveal_ts == COMMITMENT_NON_EXISTENT, "commitment must not already exist");
uint32 commitment_timeout = questions[question_id].timeout / COMMITMENT_TIMEOUT_RATIO;
commitments[commitment_id].reveal_ts = uint32(block.timestamp) + commitment_timeout;
}
/// @notice Submit the hash of an answer, laying your claim to that answer if you reveal it in a subsequent transaction.
/// @dev Creates a hash, commitment_id, uniquely identifying this answer, to this question, with this bond.
/// The commitment_id is stored in the answer history where the answer would normally go.
/// Does not update the current best answer - this is left to the later submitAnswerReveal() transaction.
/// @param question_id The ID of the question
/// @param answer_hash The hash of your answer, plus a nonce that you will later reveal
/// @param max_previous If specified, reverts if a bond higher than this was submitted after you sent your transaction.
/// @param _answerer If specified, the address to be given as the question answerer. Defaults to the sender.
/// @dev Specifying the answerer is useful if you want to delegate the commit-and-reveal to a third-party.
function submitAnswerCommitment(bytes32 question_id, bytes32 answer_hash, uint256 max_previous, address _answerer)
stateOpen(question_id)
bondMustDoubleAndMatchMinimum(question_id)
previousBondMustNotBeatMaxPrevious(question_id, max_previous)
external payable {
bytes32 commitment_id = keccak256(abi.encodePacked(question_id, answer_hash, msg.value));
address answerer = (_answerer == NULL_ADDRESS) ? msg.sender : _answerer;
_storeCommitment(question_id, commitment_id);
_addAnswerToHistory(question_id, commitment_id, answerer, msg.value, true);
}
/// @notice Submit the answer whose hash you sent in a previous submitAnswerCommitment() transaction
/// @dev Checks the parameters supplied recreate an existing commitment, and stores the revealed answer
/// Updates the current answer unless someone has since supplied a new answer with a higher bond
/// msg.sender is intentionally not restricted to the user who originally sent the commitment;
/// For example, the user may want to provide the answer+nonce to a third-party service and let them send the tx
/// NB If we are pending arbitration, it will be up to the arbitrator to wait and see any outstanding reveal is sent
/// @param question_id The ID of the question
/// @param answer The answer, encoded as bytes32
/// @param nonce The nonce that, combined with the answer, recreates the answer_hash you gave in submitAnswerCommitment()
/// @param bond The bond that you paid in your submitAnswerCommitment() transaction
function submitAnswerReveal(bytes32 question_id, bytes32 answer, uint256 nonce, uint256 bond)
stateOpenOrPendingArbitration(question_id)
external {
bytes32 answer_hash = keccak256(abi.encodePacked(answer, nonce));
bytes32 commitment_id = keccak256(abi.encodePacked(question_id, answer_hash, bond));
require(!commitments[commitment_id].is_revealed, "commitment must not have been revealed yet");
require(commitments[commitment_id].reveal_ts > uint32(block.timestamp), "reveal deadline must not have passed");
commitments[commitment_id].revealed_answer = answer;
commitments[commitment_id].is_revealed = true;
if (bond == questions[question_id].bond) {
_updateCurrentAnswer(question_id, answer);
}
emit LogAnswerReveal(question_id, msg.sender, answer_hash, answer, nonce, bond);
}
function _addAnswerToHistory(bytes32 question_id, bytes32 answer_or_commitment_id, address answerer, uint256 bond, bool is_commitment)
internal
{
bytes32 new_history_hash = keccak256(abi.encodePacked(questions[question_id].history_hash, answer_or_commitment_id, bond, answerer, is_commitment));
// Update the current bond level, if there's a bond (ie anything except arbitration)
if (bond > 0) {
questions[question_id].bond = bond;
}
questions[question_id].history_hash = new_history_hash;
emit LogNewAnswer(answer_or_commitment_id, question_id, new_history_hash, answerer, bond, block.timestamp, is_commitment);
}
function _updateCurrentAnswer(bytes32 question_id, bytes32 answer)
internal {
questions[question_id].best_answer = answer;
questions[question_id].finalize_ts = uint32(block.timestamp) + questions[question_id].timeout;
}
// Like _updateCurrentAnswer but without advancing the timeout
function _updateCurrentAnswerByArbitrator(bytes32 question_id, bytes32 answer)
internal {
questions[question_id].best_answer = answer;
questions[question_id].finalize_ts = uint32(block.timestamp);
}
/// @notice Notify the contract that the arbitrator has been paid for a question, freezing it pending their decision.
/// @dev The arbitrator contract is trusted to only call this if they've been paid, and tell us who paid them.
/// @param question_id The ID of the question
/// @param requester The account that requested arbitration
/// @param max_previous If specified, reverts if a bond higher than this was submitted after you sent your transaction.
function notifyOfArbitrationRequest(bytes32 question_id, address requester, uint256 max_previous)
onlyArbitrator(question_id)
stateOpen(question_id)
previousBondMustNotBeatMaxPrevious(question_id, max_previous)
external {
require(questions[question_id].finalize_ts > UNANSWERED, "Question must already have an answer when arbitration is requested");
questions[question_id].is_pending_arbitration = true;
emit LogNotifyOfArbitrationRequest(question_id, requester);
}
/// @notice Cancel a previously-requested arbitration and extend the timeout
/// @dev Useful when doing arbitration across chains that can't be requested atomically
/// @param question_id The ID of the question
function cancelArbitration(bytes32 question_id)
onlyArbitrator(question_id)
statePendingArbitration(question_id)
external {
questions[question_id].is_pending_arbitration = false;
questions[question_id].finalize_ts = uint32(block.timestamp) + questions[question_id].timeout;
emit LogCancelArbitration(question_id);
}
/// @notice Submit the answer for a question, for use by the arbitrator.
/// @dev Doesn't require (or allow) a bond.
/// If the current final answer is correct, the account should be whoever submitted it.
/// If the current final answer is wrong, the account should be whoever paid for arbitration.
/// However, the answerer stipulations are not enforced by the contract.
/// @param question_id The ID of the question
/// @param answer The answer, encoded into bytes32
/// @param answerer The account credited with this answer for the purpose of bond claims
function submitAnswerByArbitrator(bytes32 question_id, bytes32 answer, address answerer)
onlyArbitrator(question_id)
statePendingArbitration(question_id)
public {
require(answerer != NULL_ADDRESS, "answerer must be provided");
emit LogFinalize(question_id, answer);
questions[question_id].is_pending_arbitration = false;
_addAnswerToHistory(question_id, answer, answerer, 0, false);
_updateCurrentAnswerByArbitrator(question_id, answer);
}
/// @notice Submit the answer for a question, for use by the arbitrator, working out the appropriate winner based on the last answer details.
/// @dev Doesn't require (or allow) a bond.
/// @param question_id The ID of the question
/// @param answer The answer, encoded into bytes32
/// @param payee_if_wrong The account to by credited as winner if the last answer given is wrong, usually the account that paid the arbitrator
/// @param last_history_hash The history hash before the final one
/// @param last_answer_or_commitment_id The last answer given, or the commitment ID if it was a commitment.
/// @param last_answerer The address that supplied the last answer
function assignWinnerAndSubmitAnswerByArbitrator(bytes32 question_id, bytes32 answer, address payee_if_wrong, bytes32 last_history_hash, bytes32 last_answer_or_commitment_id, address last_answerer)
external {
bool is_commitment = _verifyHistoryInputOrRevert(questions[question_id].history_hash, last_history_hash, last_answer_or_commitment_id, questions[question_id].bond, last_answerer);
address payee;
// If the last answer is an unrevealed commit, it's always wrong.
// For anything else, the last answer was set as the "best answer" in submitAnswer or submitAnswerReveal.
if (is_commitment && !commitments[last_answer_or_commitment_id].is_revealed) {
require(commitments[last_answer_or_commitment_id].reveal_ts < uint32(block.timestamp), "You must wait for the reveal deadline before finalizing");
payee = payee_if_wrong;
} else {
payee = (questions[question_id].best_answer == answer) ? last_answerer : payee_if_wrong;
}
submitAnswerByArbitrator(question_id, answer, payee);
}
/// @notice Report whether the answer to the specified question is finalized
/// @param question_id The ID of the question
/// @return Return true if finalized
function isFinalized(bytes32 question_id)
view public returns (bool) {
uint32 finalize_ts = questions[question_id].finalize_ts;
return ( !questions[question_id].is_pending_arbitration && (finalize_ts > UNANSWERED) && (finalize_ts <= uint32(block.timestamp)) );
}
/// @notice (Deprecated) Return the final answer to the specified question, or revert if there isn't one
/// @param question_id The ID of the question
/// @return The answer formatted as a bytes32
function getFinalAnswer(bytes32 question_id)
stateFinalized(question_id)
external view returns (bytes32) {
return questions[question_id].best_answer;
}
/// @notice Return the final answer to the specified question, or revert if there isn't one
/// @param question_id The ID of the question
/// @return The answer formatted as a bytes32
function resultFor(bytes32 question_id)
stateFinalized(question_id)
public view returns (bytes32) {
return questions[question_id].best_answer;
}
/// @notice Returns whether the question was answered before it had an answer, ie resolved to UNRESOLVED_ANSWER
/// @param question_id The ID of the question
function isSettledTooSoon(bytes32 question_id)
public view returns(bool) {
return (resultFor(question_id) == UNRESOLVED_ANSWER);
}
/// @notice Like resultFor(), but errors out if settled too soon, or returns the result of a replacement if it was reopened at the right time and settled
/// @param question_id The ID of the question
function resultForOnceSettled(bytes32 question_id)
external view returns(bytes32) {
bytes32 result = resultFor(question_id);
if (result == UNRESOLVED_ANSWER) {
// Try the replacement
bytes32 replacement_id = reopened_questions[question_id];
require(replacement_id != bytes32(0x0), "Question was settled too soon and has not been reopened");
// We only try one layer down rather than recursing to keep the gas costs predictable
result = resultFor(replacement_id);
require(result != UNRESOLVED_ANSWER, "Question replacement was settled too soon and has not been reopened");
}
return result;
}
/// @notice Asks a new question reopening a previously-asked question that was settled too soon
/// @dev A special version of askQuestion() that replaces a previous question that was settled too soon
/// @param template_id The ID number of the template the question will use
/// @param question A string containing the parameters that will be passed into the template to make the question
/// @param arbitrator The arbitration contract that will have the final word on the answer if there is a dispute
/// @param timeout How long the contract should wait after the answer is changed before finalizing on that answer
/// @param opening_ts If set, the earliest time it should be possible to answer the question.
/// @param nonce A user-specified nonce used in the question ID. Change it to repeat a question.
/// @param min_bond The minimum bond that can be used to provide the first answer.
/// @param reopens_question_id The ID of the question this reopens
/// @return The ID of the newly-created question, created deterministically.
function reopenQuestion(uint256 template_id, string memory question, address arbitrator, uint32 timeout, uint32 opening_ts, uint256 nonce, uint256 min_bond, bytes32 reopens_question_id)
// stateNotCreated is enforced by the internal _askQuestion
public payable returns (bytes32) {
require(isSettledTooSoon(reopens_question_id), "You can only reopen questions that resolved as settled too soon");
bytes32 content_hash = keccak256(abi.encodePacked(template_id, opening_ts, question));
// A reopening must exactly match the original question, except for the nonce and the creator
require(content_hash == questions[reopens_question_id].content_hash, "content hash mismatch");
require(arbitrator == questions[reopens_question_id].arbitrator, "arbitrator mismatch");
require(timeout == questions[reopens_question_id].timeout, "timeout mismatch");
require(opening_ts == questions[reopens_question_id].opening_ts , "opening_ts mismatch");
require(min_bond == questions[reopens_question_id].min_bond, "min_bond mismatch");
// If the the question was itself reopening some previous question, you'll have to re-reopen the previous question first.
// This ensures the bounty can be passed on to the next attempt of the original question.
require(!reopener_questions[reopens_question_id], "Question is already reopening a previous question");
// A question can only be reopened once, unless the reopening was also settled too soon in which case it can be replaced
bytes32 existing_reopen_question_id = reopened_questions[reopens_question_id];
// Normally when we reopen a question we will take its bounty and pass it on to the reopened version.
bytes32 take_bounty_from_question_id = reopens_question_id;
// If the question has already been reopened but was again settled too soon, we can transfer its bounty to the next attempt.
if (existing_reopen_question_id != bytes32(0)) {
require(isSettledTooSoon(existing_reopen_question_id), "Question has already been reopened");
// We'll overwrite the reopening with our new question and move the bounty.
// Once that's done we'll detach the failed reopener and you'll be able to reopen that too if you really want, but without the bounty.
reopener_questions[existing_reopen_question_id] = false;
take_bounty_from_question_id = existing_reopen_question_id;
}
bytes32 question_id = askQuestionWithMinBond(template_id, question, arbitrator, timeout, opening_ts, nonce, min_bond);
reopened_questions[reopens_question_id] = question_id;
reopener_questions[question_id] = true;
questions[question_id].bounty = questions[take_bounty_from_question_id].bounty + questions[question_id].bounty;
questions[take_bounty_from_question_id].bounty = 0;
emit LogReopenQuestion(question_id, reopens_question_id);
return question_id;
}
/// @notice Return the final answer to the specified question, provided it matches the specified criteria.
/// @dev Reverts if the question is not finalized, or if it does not match the specified criteria.
/// @param question_id The ID of the question
/// @param content_hash The hash of the question content (template ID + opening time + question parameter string)
/// @param arbitrator The arbitrator chosen for the question (regardless of whether they are asked to arbitrate)
/// @param min_timeout The timeout set in the initial question settings must be this high or higher
/// @param min_bond The bond sent with the final answer must be this high or higher
/// @return The answer formatted as a bytes32
function getFinalAnswerIfMatches(
bytes32 question_id,
bytes32 content_hash, address arbitrator, uint32 min_timeout, uint256 min_bond
)
stateFinalized(question_id)
external view returns (bytes32) {
require(content_hash == questions[question_id].content_hash, "content hash must match");
require(arbitrator == questions[question_id].arbitrator, "arbitrator must match");
require(min_timeout <= questions[question_id].timeout, "timeout must be long enough");
require(min_bond <= questions[question_id].bond, "bond must be high enough");
return questions[question_id].best_answer;
}
/// @notice Assigns the winnings (bounty and bonds) to everyone who gave the accepted answer
/// Caller must provide the answer history, in reverse order
/// @dev Works up the chain and assign bonds to the person who gave the right answer
/// If someone gave the winning answer earlier, they must get paid from the higher bond
/// That means we can't pay out the bond added at n until we have looked at n-1
/// The first answer is authenticated by checking against the stored history_hash.
/// One of the inputs to history_hash is the history_hash before it, so we use that to authenticate the next entry, etc
/// Once we get to a null hash we'll know we're done and there are no more answers.
/// Usually you would call the whole thing in a single transaction, but if not then the data is persisted to pick up later.
/// @param question_id The ID of the question
/// @param history_hashes Second-last-to-first, the hash of each history entry. (Final one should be empty).
/// @param addrs Last-to-first, the address of each answerer or commitment sender
/// @param bonds Last-to-first, the bond supplied with each answer or commitment
/// @param answers Last-to-first, each answer supplied, or commitment ID if the answer was supplied with commit->reveal
function claimWinnings(
bytes32 question_id,
bytes32[] memory history_hashes, address[] memory addrs, uint256[] memory bonds, bytes32[] memory answers
)
stateFinalized(question_id)
public {
require(history_hashes.length > 0, "at least one history hash entry must be provided");
// These are only set if we split our claim over multiple transactions.
address payee = question_claims[question_id].payee;
uint256 last_bond = question_claims[question_id].last_bond;
uint256 queued_funds = question_claims[question_id].queued_funds;
// Starts as the hash of the final answer submitted. It'll be cleared when we're done.
// If we're splitting the claim over multiple transactions, it'll be the hash where we left off last time
bytes32 last_history_hash = questions[question_id].history_hash;
bytes32 best_answer = questions[question_id].best_answer;
uint256 i;
for (i = 0; i < history_hashes.length; i++) {
// Check input against the history hash, and see which of 2 possible values of is_commitment fits.
bool is_commitment = _verifyHistoryInputOrRevert(last_history_hash, history_hashes[i], answers[i], bonds[i], addrs[i]);
queued_funds = queued_funds + last_bond;
(queued_funds, payee) = _processHistoryItem(
question_id, best_answer, queued_funds, payee,
addrs[i], bonds[i], answers[i], is_commitment);
// Line the bond up for next time, when it will be added to somebody's queued_funds
last_bond = bonds[i];
// Burn (just leave in contract balance) a fraction of all bonds except the final one.
// This creates a cost to increasing your own bond, which could be used to delay resolution maliciously
if (last_bond != questions[question_id].bond) {
last_bond = last_bond - last_bond / BOND_CLAIM_FEE_PROPORTION;
}
last_history_hash = history_hashes[i];
}
if (last_history_hash != NULL_HASH) {
// We haven't yet got to the null hash (1st answer), ie the caller didn't supply the full answer chain.
// Persist the details so we can pick up later where we left off later.
// If we know who to pay we can go ahead and pay them out, only keeping back last_bond
// (We always know who to pay unless all we saw were unrevealed commits)
if (payee != NULL_ADDRESS) {
_payPayee(question_id, payee, queued_funds);
queued_funds = 0;
}
question_claims[question_id].payee = payee;
question_claims[question_id].last_bond = last_bond;
question_claims[question_id].queued_funds = queued_funds;
} else {
// There is nothing left below us so the payee can keep what remains
_payPayee(question_id, payee, queued_funds + last_bond);
delete question_claims[question_id];
}
questions[question_id].history_hash = last_history_hash;
}
function _payPayee(bytes32 question_id, address payee, uint256 value)
internal {
balanceOf[payee] = balanceOf[payee] + value;
emit LogClaim(question_id, payee, value);
}
function _verifyHistoryInputOrRevert(
bytes32 last_history_hash,
bytes32 history_hash, bytes32 answer, uint256 bond, address addr
)
internal pure returns (bool) {
if (last_history_hash == keccak256(abi.encodePacked(history_hash, answer, bond, addr, true)) ) {
return true;
}
if (last_history_hash == keccak256(abi.encodePacked(history_hash, answer, bond, addr, false)) ) {
return false;
}
revert("History input provided did not match the expected hash");
}
function _processHistoryItem(
bytes32 question_id, bytes32 best_answer,
uint256 queued_funds, address payee,
address addr, uint256 bond, bytes32 answer, bool is_commitment
)
internal returns (uint256, address) {
// For commit-and-reveal, the answer history holds the commitment ID instead of the answer.
// We look at the referenced commitment ID and switch in the actual answer.
if (is_commitment) {
bytes32 commitment_id = answer;
// If it's a commit but it hasn't been revealed, it will always be considered wrong.
if (!commitments[commitment_id].is_revealed) {
delete commitments[commitment_id];
return (queued_funds, payee);
} else {
answer = commitments[commitment_id].revealed_answer;
delete commitments[commitment_id];
}
}
if (answer == best_answer) {
if (payee == NULL_ADDRESS) {
// The entry is for the first payee we come to, ie the winner.
// They get the question bounty.
payee = addr;
if (best_answer != UNRESOLVED_ANSWER && questions[question_id].bounty > 0) {
_payPayee(question_id, payee, questions[question_id].bounty);
questions[question_id].bounty = 0;
}
} else if (addr != payee) {
// Answerer has changed, ie we found someone lower down who needs to be paid
// The lower answerer will take over receiving bonds from higher answerer.
// They should also be paid the takeover fee, which is set at a rate equivalent to their bond.
// (This is our arbitrary rule, to give consistent right-answerers a defence against high-rollers.)
// There should be enough for the fee, but if not, take what we have.
// There's an edge case involving weird arbitrator behaviour where we may be short.
uint256 answer_takeover_fee = (queued_funds >= bond) ? bond : queued_funds;
// Settle up with the old (higher-bonded) payee
_payPayee(question_id, payee, queued_funds - answer_takeover_fee);
// Now start queued_funds again for the new (lower-bonded) payee
payee = addr;
queued_funds = answer_takeover_fee;
}
}
return (queued_funds, payee);
}
/// @notice Convenience function to assign bounties/bonds for multiple questions in one go, then withdraw all your funds.
/// Caller must provide the answer history for each question, in reverse order
/// @dev Can be called by anyone to assign bonds/bounties, but funds are only withdrawn for the user making the call.
/// @param question_ids The IDs of the questions you want to claim for
/// @param lengths The number of history entries you will supply for each question ID
/// @param hist_hashes In a single list for all supplied questions, the hash of each history entry.
/// @param addrs In a single list for all supplied questions, the address of each answerer or commitment sender
/// @param bonds In a single list for all supplied questions, the bond supplied with each answer or commitment
/// @param answers In a single list for all supplied questions, each answer supplied, or commitment ID
function claimMultipleAndWithdrawBalance(
bytes32[] memory question_ids, uint256[] memory lengths,
bytes32[] memory hist_hashes, address[] memory addrs, uint256[] memory bonds, bytes32[] memory answers
)
stateAny() // The finalization checks are done in the claimWinnings function
public {
uint256 qi;
uint256 i;
for (qi = 0; qi < question_ids.length; qi++) {
bytes32 qid = question_ids[qi];
uint256 ln = lengths[qi];
bytes32[] memory hh = new bytes32[](ln);
address[] memory ad = new address[](ln);
uint256[] memory bo = new uint256[](ln);
bytes32[] memory an = new bytes32[](ln);
uint256 j;
for (j = 0; j < ln; j++) {
hh[j] = hist_hashes[i];
ad[j] = addrs[i];
bo[j] = bonds[i];
an[j] = answers[i];
i++;
}
claimWinnings(qid, hh, ad, bo, an);
}
withdraw();
}
/// @notice Returns the questions's content hash, identifying the question content
/// @param question_id The ID of the question
function getContentHash(bytes32 question_id)
public view returns(bytes32) {
return questions[question_id].content_hash;
}
/// @notice Returns the arbitrator address for the question
/// @param question_id The ID of the question
function getArbitrator(bytes32 question_id)
public view returns(address) {
return questions[question_id].arbitrator;
}
/// @notice Returns the timestamp when the question can first be answered
/// @param question_id The ID of the question
function getOpeningTS(bytes32 question_id)
public view returns(uint32) {
return questions[question_id].opening_ts;
}
/// @notice Returns the timeout in seconds used after each answer
/// @param question_id The ID of the question
function getTimeout(bytes32 question_id)
public view returns(uint32) {
return questions[question_id].timeout;
}
/// @notice Returns the timestamp at which the question will be/was finalized
/// @param question_id The ID of the question
function getFinalizeTS(bytes32 question_id)
public view returns(uint32) {
return questions[question_id].finalize_ts;
}
/// @notice Returns whether the question is pending arbitration
/// @param question_id The ID of the question
function isPendingArbitration(bytes32 question_id)
public view returns(bool) {
return questions[question_id].is_pending_arbitration;
}
/// @notice Returns the current total unclaimed bounty
/// @dev Set back to zero once the bounty has been claimed
/// @param question_id The ID of the question
function getBounty(bytes32 question_id)
public view returns(uint256) {
return questions[question_id].bounty;
}
/// @notice Returns the current best answer
/// @param question_id The ID of the question
function getBestAnswer(bytes32 question_id)
public view returns(bytes32) {
return questions[question_id].best_answer;
}
/// @notice Returns the history hash of the question
/// @param question_id The ID of the question
/// @dev Updated on each answer, then rewound as each is claimed
function getHistoryHash(bytes32 question_id)
public view returns(bytes32) {
return questions[question_id].history_hash;
}
/// @notice Returns the highest bond posted so far for a question
/// @param question_id The ID of the question
function getBond(bytes32 question_id)
public view returns(uint256) {
return questions[question_id].bond;
}
/// @notice Returns the minimum bond that can answer the question
/// @param question_id The ID of the question
function getMinBond(bytes32 question_id)
public view returns(uint256) {
return questions[question_id].min_bond;
}
}